39 viruses detected: who's up for it? :)

Solved
Pedro-Rookie Posts 94 Status Member -
Hello everyone,
I've just got hold of my nephew's PC.
After cleaning the PC (physically, I mean), I moved on to cleaning the software side; result: 39 viruses.... |o|

Who's crazy enough to help me?
Would it be better to throw the PC in the fireplace?

Thanks :)

33 replies

Pedro-Rookie Posts 94 Status Member 1
 
Rapport de ZHPFix 1.12.3260 par Nicolas Coolman, Update du 11/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-20-03-2011-21-40-26.txt
Run by Ludovic at 20/03/2011 21:40:26
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
SS - | Auto 28/08/2009 0 | (aswUpdSv) . (...) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe => Clé supprimée avec succès
O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (.not file.) - avast! iAVS4 Control Service (aswUpdSv) .(...) - LEGACY_ASWUPDSV => Clé supprimée avec succès
HKLM\Software\Panda Software => Clé supprimée avec succès

========== Dossier(s) ==========
C:\Program Files\Panda Security => Supprimé et mis en quarantaine
C:\Program Files\Emsisoft Anti-Malware => Supprimé et mis en quarantaine

========== Fichier(s) ==========
c:\program files\alwil software\avast4\aswupdsv.exe => Fichier absent


========== Récapitulatif ==========
3 : Clé(s) du Registre
2 : Dossier(s)
1 : Fichier(s)


End of the scan
0
Anonymous user
 
OK, how is the PC doing? Still having problems?
0
Pedro-Rookie Posts 94 Status Member 1
 
up :)
0
Pedro-Rookie Posts 94 Status Member 1
 
Apart from UninstallAV, which AntiVir detects as a virus, I get the impression things are better.
I must have quite a few processes running that serve no purpose.
Also some useless programs..

I'll do another run of MBAM, and maybe AD-REMOVER as well?
0

Anonymous user
 
"Apart from UninstallAV, which AntiVir detects as a virus, I get the impression things are better."

Do you have a way in AntiVir to flag the software as not infected? I'm the one who made it, so I can tell you it's clean. lol

"I'll do another run of MBAM, and maybe AD-REMOVER as well?"
A ZHPDiag will be enough for me.

"I must have quite a few processes running that serve no purpose.
Also some useless programs.."

Don't worry, I have everything needed for that at the end.
▶▶▶ SECURITY CONTRIBUTOR ◀◀◀

Helper qualification at HELPER FORMATION.
0
Pedro-Rookie Posts 94 Status Member 1
 
"Do you have a way in AntiVir to flag the software as not infected? I'm the one who made it, so I can tell you it's clean. lol"

I just saw that. Thanks

ZHPDiag in 3-4 minutes. I'm finishing something I can't pause :)
0
Pedro-Rookie Posts 94 Status Member 1
 
http://cjoint.com/?1dvvEwswMTW

Also, AntiVir is reporting 3 viruses and MBAM (still running) 1 virus
0
Anonymous user
 
OK then, I'll wait for your MBAM report for the rest.
0
Pedro-Rookie Posts 94 Status Member 1
 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6092

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22/03/2011 00:03:30
mbam-log-2011-03-22 (00-03-30).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 275120
Temps écoulé: 1 heure(s), 20 minute(s), 35 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\system volume information\_restore{58f2378a-346c-49c9-9919-d1d804f5fda0}\RP698\A0143618.exe (Trojan.Crypt) -> Quarantined and deleted successfully.
0
Pedro-Rookie Posts 94 Status Member 1
 
After scanning with Avira:
3 viruses detected (including the UninstallAV one, but we don't care about that):

Avira AntiVir Personal
Report file date: mardi 22 mars 2011 08:35

Scanning for 2519619 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : GEPEMA_LUDOVIC


Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: mardi 22 mars 2011 08:35

Starting search for hidden objects.
In the module 'AVARKT.DLL' an exception occured.
Calling the function ARK_Scan
Error description:UNKNOWN
EAX = 0B53D154 EBX = 0B53D324
ECX = 00000000 EDX = 00000003
ESI = 0B53D1DC EDI = 0b53d340
EIP = 7C812AFB EBP = 0B53D1A4
ESP = 0B53D150 Flg = 00000206
CS = 00000023 SS = 0000001B

The scan of running processes will be started
Scan process 'plugin-container.exe' - '59' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '59' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '68' Module(s) have been scanned
Scan process 'avcenter.exe' - '62' Module(s) have been scanned
Scan process 'firefox.exe' - '81' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '45' Module(s) have been scanned
Scan process 'postgres.exe' - '24' Module(s) have been scanned
Scan process 'postgres.exe' - '24' Module(s) have been scanned
Scan process 'postgres.exe' - '24' Module(s) have been scanned
Scan process 'postgres.exe' - '26' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'Apntex.exe' - '14' Module(s) have been scanned
Scan process 'pg_ctl.exe' - '30' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '21' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'mdm.exe' - '21' Module(s) have been scanned
Scan process 'jqs.exe' - '72' Module(s) have been scanned
Scan process 'DVDRAMSV.exe' - '13' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '43' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '29' Module(s) have been scanned
Scan process 'avguard.exe' - '53' Module(s) have been scanned
Scan process 'rapimgr.exe' - '43' Module(s) have been scanned
Scan process 'RAMASST.exe' - '18' Module(s) have been scanned
Scan process 'Wcescomm.exe' - '43' Module(s) have been scanned
Scan process 'avgnt.exe' - '51' Module(s) have been scanned
Scan process 'jusched.exe' - '21' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '28' Module(s) have been scanned
Scan process 'TFncKy.exe' - '26' Module(s) have been scanned
Scan process 'TPSMain.exe' - '33' Module(s) have been scanned
Scan process 'TCtrlIOHook.exe' - '20' Module(s) have been scanned
Scan process 'ZoomingHook.exe' - '15' Module(s) have been scanned
Scan process 'Apoint.exe' - '40' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '18' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '46' Module(s) have been scanned
Scan process 'spoolsv.exe' - '57' Module(s) have been scanned
Scan process 'Explorer.EXE' - '91' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '165' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '15' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '68' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '467' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Documents and Settings\Ludovic\Bureau\uninstallAV_v110.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.bgwt back-door program
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP698\A0143619.exe
[DETECTION] Is the TR/Agent.59904.B Trojan
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP698\A0143620.ico
[DETECTION] Contains recognition pattern of the KIT/GeeBat construction kit

Beginning disinfection:
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP698\A0143620.ico
[DETECTION] Contains recognition pattern of the KIT/GeeBat construction kit
[NOTE] The file was moved to the quarantine directory under the name '46c35f3a.qua'.
C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP698\A0143619.exe
[DETECTION] Is the TR/Agent.59904.B Trojan
[NOTE] The file was moved to the quarantine directory under the name '5e54709d.qua'.
C:\Documents and Settings\Ludovic\Bureau\uninstallAV_v110.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Agent.bgwt back-door program
[NOTE] The file was moved to the quarantine directory under the name '0c432a33.qua'.


End of the scan: mardi 22 mars 2011 20:41
Used time: 1:33:04 Hour(s)

The scan has been done completely.

9134 Scanned directories
412742 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
412739 Files not concerned
7895 Archives were scanned
0 Warnings
3 Notes
463668 Objects were scanned with rootkit scan
1 Hidden objects were found
0
Anonymous user
 
Use this online scanner: https://www.eset.com/

Give me the report you get.
0
Pedro-Rookie Posts 94 Status Member 1
 
Tested, but it doesn't scan any files
"Fichiers analysés : 0"

It detects Avira and tells me that it may interfere with the scan.
Even with Avira disabled, it makes no difference.
0
Anonymous user
 
Is Avira still finding infected files for you?
0
Pedro-Rookie Posts 94 Status Member 1
 
Yes, 2, which I've put in quarantine
0
Pedro-Rookie Posts 94 Status Member 1
 
I reran scans with MBAM and AntiVir; apparently everything is back in order

My PC is alive again :)
A big thank you for your help, 91300.
0