Tr/unpacked.gen et tr/atraps.gen

Voici le rapport Hijackthis, je vais faire un analyse antivir sur le champs et coller le rapport par la suite


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:19, on 2008-09-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\hijackthis\eden.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.n9ws.com/webscanner/kavwebscan_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lesamazonesberthier.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

J'ai suivi à la lettre les procédures mais voilà qu'au redémarrage de l'ordinateur, antivir guard me lance encore une fois ces alertes (24 alertes)
Virus or unwanted program 'TR/Unpacked.Gen [trojan]'
detected in file 'C:\Documents and Settings\Administrateur\Local Settings\temp\00010075.exe.
Action performed: Deny access

Virus or unwanted program 'TR/ATRAPS.Gen [trojan]'
detected in file 'C:\Documents and Settings\Administrateur\Local Settings\temp\00008991.exe.
Action performed: Deny access

quelques fois c'est dans le dossier C:\Windows\temp, mais dans tous les cas, chaque fois le fichier 000xxxx.exe change de numéro. Même si je les mets en quarantaine ou que je les suppriment, ils reviennent toujours au redémarrage, il doit bien y avoir un fichier quelque part qui est responsable de tout ce remue-ménage, je n'ai remarqué aucun comportement bizarre de mon ordinateur à date, mais c'est vraiment très agaçant.

je te remercie pour ton temps et ton aide précieuse

Rapport OTMoveIt2

File/Folder C:\Documents and Settings\Administrateur\Local Settings\temp\00010075.exe. not found.
File/Folder C:\Documents and Settings\Administrateur\Local Settings\temp\00008991.exe. not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09302008_110434

est-ce que je dois passer malwarebyte's quand même?

Et voici le rapport

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1224
Windows 5.1.2600 Service Pack 3

2008-09-30 11:44:33
mbam-log-2008-09-30 (11-44-33).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 98468
Temps écoulé: 32 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Salut

Voici le rapport antivir en mode sans échec

Avira AntiVir Personal
Report file date: 30 septembre 2008 12:09

Scanning for 1649801 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Save mode
Username: Administrateur
Computer name: ORDINATEUR

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 14:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 13:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 18:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 13:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 19:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 26/09/2008 13:44:57
ANTIVIR3.VDF : 7.0.6.225 64512 Bytes 29/09/2008 18:10:28
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 15:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 28/09/2008 13:45:14
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 18:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 28/09/2008 13:45:12
AEPACK.DLL : 8.1.2.3 364918 Bytes 28/09/2008 13:45:10
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 28/09/2008 13:45:08
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 28/09/2008 13:45:06
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 18:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 28/09/2008 13:45:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 14:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 28/09/2008 13:45:01
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 18:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 14:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 15:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 28/09/2008 13:44:59
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 17:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 14:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 18:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 23:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 18:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 18:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 19:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 19:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 30 septembre 2008 12:09

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '64' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!


End of the scan: 30 septembre 2008 13:34
Used time: 1:25:05 Hour(s)

The scan has been done completely.

5684 Scanning directories
251109 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
251108 Files not concerned
8751 Archives were scanned
1 Warnings
0 Notes


Note: au redémarrage antivir a démarrer tout seul un autre scan, je le laisse faire on verra les résultats, deux fenêtres d'alertes sont ouvertes, C\WINDOWS\temp\00009898.exe is the TR/Unpacked.Gen Trojan , mais je n'ai encore pris aucune action, je veux voir si le scan les détectera.
Alors, qu'en penses-tu, tout un casse-tête?

Dernier rapport antivir, j'ai ignoré deux alertes et il les a détecté

Avira AntiVir Personal
Report file date: 30 septembre 2008 13:39

Scanning for 1649801 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ORDINATEUR

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 14:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 13:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 18:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 13:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 19:54:15
ANTIVIR2.VDF : 7.0.6.217 3773440 Bytes 26/09/2008 13:44:57
ANTIVIR3.VDF : 7.0.6.225 64512 Bytes 29/09/2008 18:10:28
Engineversion : 8.1.1.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 15:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 28/09/2008 13:45:14
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 18:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 28/09/2008 13:45:12
AEPACK.DLL : 8.1.2.3 364918 Bytes 28/09/2008 13:45:10
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 28/09/2008 13:45:08
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 28/09/2008 13:45:06
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 18:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 28/09/2008 13:45:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 14:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 28/09/2008 13:45:01
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 18:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 14:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 15:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 28/09/2008 13:44:59
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 17:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 14:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 18:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 23:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 18:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 18:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 19:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 19:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 30 septembre 2008 13:39

The scan of running processes will be started
Scan process 'ImApp.exe' - '1' Module(s) have been scanned
Scan process 'hptskmgr.exe' - '1' Module(s) have been scanned
Scan process 'HPOSM.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'MgApp.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'IncMail.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'DoScan.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'VPTray.exe' - '1' Module(s) have been scanned
Scan process 'ccApp.exe' - '1' Module(s) have been scanned
Scan process 'htpatch.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ccEvtMgr.exe' - '1' Module(s) have been scanned
Scan process 'Rtvscan.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'DefWatch.exe' - '1' Module(s) have been scanned
Scan process 'ccSetMgr.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '63' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\temp\00025084.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[WARNING] The file was ignored!
C:\WINDOWS\temp\00028575.VIR
[DETECTION] Is the TR/Unpacked.Gen Trojan
[WARNING] The file was ignored!


End of the scan: 30 septembre 2008 14:43
Used time: 1:03:57 Hour(s)

The scan has been done completely.

5687 Scanning directories
251150 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
251146 Files not concerned
8751 Archives were scanned
4 Warnings
0 Notes

Désolée j'ai eu quelques difficultés avec explorer, le rapport combofix :

ComboFix 08-09-28.05 - Administrateur 2008-09-30 16:03:40.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.233 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-30 ))))))))))))))))))))))))))))))))))))
.

2008-09-30 11:04 . 2008-09-30 11:04 <REP> d-------- C:\_OTMoveIt
2008-09-29 14:55 . 2008-09-29 15:11 <REP> d-------- C:\hijackthis
2008-09-28 18:58 . 2008-09-28 18:58 13,774,256 --a------ C:\Program Files\nod32-2.5fr_ms_windows_nt.exe
2008-09-28 18:40 . 2008-09-28 18:40 119,808 --a------ C:\Program Files\VundoFix.exe
2008-09-28 09:42 . 2008-09-28 09:42 <REP> d-------- C:\Program Files\Avira
2008-09-28 09:42 . 2008-09-28 09:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-09-28 09:31 . 2008-09-28 09:31 25,085,704 --a------ C:\Program Files\antivir-personal-edition_avira_antivir_personal_free_8.1.0.367_anglais_10821.exe
2008-09-27 23:58 . 2008-09-27 23:58 <REP> d-------- C:\Program Files\Lavasoft
2008-09-27 23:55 . 2008-09-27 23:55 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-27 23:55 . 2008-09-27 23:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-27 23:55 . 2008-09-27 23:55 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-09-27 23:55 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-27 23:55 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-27 23:53 . 2008-09-27 23:53 2,934,272 --a------ C:\Program Files\ccsetup212.exe
2008-09-27 22:55 . 2008-09-27 22:55 140,288 --a------ C:\Program Files\vcleaner.exe
2008-09-27 22:43 . 2008-09-27 22:43 234,655 --a------ C:\Program Files\f-force.zip
2008-09-27 22:40 . 2008-09-27 22:40 13,767,512 --a------ C:\Program Files\sdasetup.exe
2008-09-27 22:39 . 2008-09-27 22:39 2,189,864 --a------ C:\Program Files\mbam-setup.exe
2008-09-27 20:40 . 2008-09-27 20:40 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-09-27 17:58 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-09-27 13:53 . 2008-09-27 13:53 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-09-26 23:47 . 2008-09-26 23:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2008-09-18 16:08 . 2004-08-19 10:09 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-09-18 15:00 . 2008-09-18 15:00 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-18 15:00 . 2008-09-18 15:00 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-18 15:00 . 2008-09-18 15:00 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-18 14:56 . 2008-09-18 15:00 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-17 19:56 . 2004-07-17 22:55 129,045 --------- C:\WINDOWS\system32\drivers\cxthsfs2.cty
2008-09-16 21:49 . 2008-09-19 14:23 <REP> d-------- C:\Program Files\LimeWire
2008-09-16 21:49 . 2008-09-26 23:45 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-09-16 21:47 . 2008-09-16 21:47 4,898,704 --a------ C:\Program Files\LimeWireWin.exe
2008-08-30 19:11 . 2008-08-30 19:11 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents
2008-08-16 18:13 . 2003-07-16 02:27 43,264 -ra------ C:\WINDOWS\system32\drivers\ser2pl.sys
2008-08-14 11:00 . 2008-04-11 15:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-12 11:37 . 2008-08-12 11:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IM
2008-08-12 11:36 . 2008-08-12 11:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-30 19:43 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-09-30 19:29 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-09-30 19:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-09-30 15:02 --------- d-----w C:\Program Files\Zuma Deluxe
2008-09-30 13:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-28 03:58 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-28 03:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-27 21:58 --------- d-----w C:\Program Files\Panda Security
2008-09-27 12:27 17,408 ----a-w C:\WINDOWS\system32\KMSYUV.DLL
2008-09-23 03:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-20 03:14 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-09-20 03:14 286,720 ------w C:\WINDOWS\Setup1.exe
2008-09-19 01:14 --------- d-----w C:\Program Files\MSN Messenger
2008-09-17 01:17 4 ----a-w C:\dvrwindow.bin
2008-08-30 23:17 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-08-27 16:44 --------- d-----w C:\Program Files\StepMania
2008-08-12 15:36 --------- d-----w C:\Program Files\IncrediMail
2008-08-08 23:30 --------- d-----w C:\Program Files\PartyGaming
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 22:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-05 02:16 10,072,368 ----a-w C:\Program Files\copytodvd4_setup-avangate_678.exe
2008-06-04 23:26 47,360 ----a-w C:\Documents and Settings\Administrateur\Application Data\pcouffin.sys
2008-06-04 22:23 4,328,969 ----a-w C:\Program Files\burn4free_setup.exe
2008-06-01 00:56 151,552 ------w C:\WINDOWS\system32\pxwma.dll
2008-06-01 00:56 108,544 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-06-01 00:56 104,960 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-05-20 00:49 5,265,101 ----a-w C:\Program Files\Shareaza_2.3.1.0_Win32.exe
2008-05-03 03:31 5,063,603 ----a-w C:\Program Files\karafun_118.exe
2008-02-09 04:02 1,483,226 ----a-w C:\Program Files\cldxtra.exe
2007-12-17 12:38 2,724,328 ----a-w C:\Program Files\ccsetup203.exe
2007-11-14 17:45 18,164,640 ----a-w C:\Program Files\aaw2007.exe
2007-11-14 17:29 7,467,056 ----a-w C:\Program Files\spybotsd15.exe
2008-01-19 20:06 8 --sh--r C:\WINDOWS\system32\[u]0/uCC34CAA9E.sys
2008-01-19 20:07 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2007-10-09 475180]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 1460560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"="C:\WINDOWS\htpatch.exe" [2002-10-30 28672]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 86016]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"nwiz"="nwiz.exe" [2006-10-22 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YUY2"= kmsyuv.dll
"vidc.divx"= KM4.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\WINDOWS\\system32\\mshta.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Starcraft\\StarCraft.exe"=
"C:\\Program Files\\IncrediMail\\magentic_install.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"C:\\Program Files\\Delta_II\\Delta_II Client\\WebServer.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Hasbro Interactive\\RollerCoaster Tycoon\\rct.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"2001:TCP"= 2001:TCP:IPRegister
"80:TCP"= 80:TCP:Web

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 28544]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 MemStPCI;Contrôleur Sony Memory Stick (PCI);C:\WINDOWS\system32\DRIVERS\MemStPCI.SYS [2008-04-13 26112]
S3 USBSER34;USBSER34;C:\WINDOWS\system32\Drivers\USBSER34.SYS [2007-12-23 35248]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

*Newly Created Service* - PROCEXP90
.
- - - - ORPHELINS SUPPRIMES - - - -

Notify-NavLogon - (no file)


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.ca/
O9 -: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 -: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe -
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-30 16:05:50
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HTpatch = C:\WINDOWS\htpatch.exe?ows\CurrentVersion\Run?z[(C?? ???h`??????x???????????x????????B??x??? C??????H???????????????????p????B??????p`???????B??????x??????????????????????|?OA??O??????????????????????????p`??????? ?? ???8M??????????st.I????????????(????????O?

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-09-30 16:07:34
ComboFix-quarantined-files.txt 2008-09-30 20:07:25

Avant-CF: 44ÿ983ÿ402ÿ496 octets libres
Après-CF: 44,978,651,136 octets libres

174 --- E O F --- 2008-09-19 18:29:28

Merveilleux, rien de détecté et plus de souci au démarrage

Merci beaucoup jlpjlp d'avoir résolu mon problème
c'est super!

Merci merci

BitDefender Online Scanner
Scan report generated at: Tue, Sep 30, 2008 - 18:21:03

Scan path: A:\;C:\;D:\;E:\;

Statistics
Time 00:59:08
Files 199376
Folders 5638
Boot Sectors 0
Archives 10179
Packed Files 14533

Results
Identified Viruses 0
Infected Files 0
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 0

Engines Info
Virus Definitions 1692482
Engine build AVCORE v1.7 (build 8314.19) (i386) (Sep 10 2008 19:37:42)
Scan plugins 14
Archive plugins 40
Unpack plugins 7
E-mail plugins 6
System plugins 0

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Merveilleux, rien de détecté et plus de souci au démarrage

Merci beaucoup d'avoir résolu mon problème
c'est super!

Merci merci

Bonjour à tous j'ai un tr unpacked trojan gen sur mon pc depuis quelques jours et impossible de le supprimer avec antivir. Dés que je le fait il revient au bout de peu de temps. Je suis une quiche en informatique alors si vous pouviez m'aider ça serait sympa .

Par avance merci

hijre j'ai fair navilog1,anti malware et j'ai instale hijack this ,j'ai eoncor tr/unpacked.gen