Au secours !! page web infernale
Yop
-
Yop -
Yop -
Bonjour,
Aprés avoir fait un nettoyage Ad aware, Spybot j'ai effectue un scan Hijackthis mais je ne suis pas expert alors un peu de lumière me serait d'une grande utilité!!
Mon soucis, pC qui rame et lorsque je clic sur un site ou une recherche google cela m'envoie sur des sites genre "searcherpro.. plusfindnet.. travelnet ou parfois pages blanches ecrit site introuvable.."
merci à tous !!
Voici mon LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:29, on 27/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tatimicro\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Tatimicro\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - http://www.bobtv.fr/download/v2/cfweb_www.bobtv.fr-download-v2_instmodule.exe
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} (Image Uploader Control) - http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe
Aprés avoir fait un nettoyage Ad aware, Spybot j'ai effectue un scan Hijackthis mais je ne suis pas expert alors un peu de lumière me serait d'une grande utilité!!
Mon soucis, pC qui rame et lorsque je clic sur un site ou une recherche google cela m'envoie sur des sites genre "searcherpro.. plusfindnet.. travelnet ou parfois pages blanches ecrit site introuvable.."
merci à tous !!
Voici mon LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:43:29, on 27/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tatimicro\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Tatimicro\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62D90588-609E-4208-A260-A6CEC45BB92C} - http://www.bobtv.fr/download/v2/cfweb_www.bobtv.fr-download-v2_instmodule.exe
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} (Image Uploader Control) - http://www.photoweb.fr/telechargement/telechargement-photoweb-6.5.6.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - http://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\Fsk\SonySCSIHelperService.exe
A voir également:
- Au secours !! page web infernale
- Web office - Guide
- Supprimer page word - Guide
- Comment traduire une page web - Guide
- Screenshot page web entière - Guide
- Création page web - Guide
3 réponses
Salut,
Adware et Spybot sont dépassés, désinstalle les.
Sauvegarde les données importantes.
Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Lire ce qui est écrit au niveau des suppressions/réparation (delete et cure), ne pas supprimer n'importe quoi.
Poste le rapport ici.
~~
Passe un coup d'aswmbr : https://forum.malekal.com/viewtopic.php?t=31619&start=
Télécharge le et mets le sur ton bureau.
Poste le rapport ici.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Adware et Spybot sont dépassés, désinstalle les.
Sauvegarde les données importantes.
Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Lire ce qui est écrit au niveau des suppressions/réparation (delete et cure), ne pas supprimer n'importe quoi.
Poste le rapport ici.
~~
Passe un coup d'aswmbr : https://forum.malekal.com/viewtopic.php?t=31619&start=
Télécharge le et mets le sur ton bureau.
Poste le rapport ici.
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Salut et merci pour le tuyau,
Aprés scan TDDSSkiller il m'affiche ca
Rootkit.win32.TDSS.tdl4
Physical drive: /Device/Harddisk0/DRO
Malware object, high risk
J'effectue l'autre (aswmbr) et je te le poste a suivre..
Encore merci
Aprés scan TDDSSkiller il m'affiche ca
Rootkit.win32.TDSS.tdl4
Physical drive: /Device/Harddisk0/DRO
Malware object, high risk
J'effectue l'autre (aswmbr) et je te le poste a suivre..
Encore merci
Voici le log aswmbr
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-28 21:00:13
-----------------------------
21:00:13.906 OS Version: Windows 5.1.2600 Service Pack 3
21:00:13.906 Number of processors: 1 586 0x209
21:00:13.906 ComputerName: TATIMICR-50686E UserName: Tatimicro
21:00:30.125 Initialize success
21:02:50.671 AVAST engine defs: 12022801
21:07:04.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:07:04.203 Disk 0 Vendor: WDC_WD3200AAJB-00J3A0 01.03E01 Size: 305245MB BusType: 3
21:07:04.234 Disk 0 MBR read successfully
21:07:04.234 Disk 0 MBR scan
21:07:04.265 Disk 0 Windows XP default MBR code
21:07:04.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
21:07:04.265 Disk 0 Partition - 00 0F Extended LBA 155237 MB offset 307194930
21:07:04.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
21:07:04.312 Disk 0 scanning sectors +625121280
21:07:04.421 Disk 0 scanning C:\WINDOWS\system32\drivers
21:07:20.781 Service scanning
21:07:58.812 Modules scanning
21:08:04.234 Disk 0 trace - called modules:
21:08:04.250 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:08:04.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b86ab8]
21:08:04.250 3 CLASSPNP.SYS[f7859fd7] -> nt!IofCallDriver -> \Device\00000056[0x86bcdf18]
21:08:04.250 5 ACPI.sys[f77cf620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b8fd98]
21:08:09.296 AVAST engine scan C:\WINDOWS
21:08:23.750 AVAST engine scan C:\WINDOWS\system32
21:12:40.906 AVAST engine scan C:\WINDOWS\system32\drivers
21:13:02.859 AVAST engine scan C:\Documents and Settings\Tatimicro
21:14:58.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:14:58.296 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-28 21:00:13
-----------------------------
21:00:13.906 OS Version: Windows 5.1.2600 Service Pack 3
21:00:13.906 Number of processors: 1 586 0x209
21:00:13.906 ComputerName: TATIMICR-50686E UserName: Tatimicro
21:00:30.125 Initialize success
21:02:50.671 AVAST engine defs: 12022801
21:07:04.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:07:04.203 Disk 0 Vendor: WDC_WD3200AAJB-00J3A0 01.03E01 Size: 305245MB BusType: 3
21:07:04.234 Disk 0 MBR read successfully
21:07:04.234 Disk 0 MBR scan
21:07:04.265 Disk 0 Windows XP default MBR code
21:07:04.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
21:07:04.265 Disk 0 Partition - 00 0F Extended LBA 155237 MB offset 307194930
21:07:04.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
21:07:04.312 Disk 0 scanning sectors +625121280
21:07:04.421 Disk 0 scanning C:\WINDOWS\system32\drivers
21:07:20.781 Service scanning
21:07:58.812 Modules scanning
21:08:04.234 Disk 0 trace - called modules:
21:08:04.250 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:08:04.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b86ab8]
21:08:04.250 3 CLASSPNP.SYS[f7859fd7] -> nt!IofCallDriver -> \Device\00000056[0x86bcdf18]
21:08:04.250 5 ACPI.sys[f77cf620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b8fd98]
21:08:09.296 AVAST engine scan C:\WINDOWS
21:08:23.750 AVAST engine scan C:\WINDOWS\system32
21:12:40.906 AVAST engine scan C:\WINDOWS\system32\drivers
21:13:02.859 AVAST engine scan C:\Documents and Settings\Tatimicro
21:14:58.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:14:58.296 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
21:28:28.453 AVAST engine scan C:\Documents and Settings\All Users
21:29:31.609 Scan finished successfully
21:30:57.234 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:30:57.265 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-28 21:00:13
-----------------------------
21:00:13.906 OS Version: Windows 5.1.2600 Service Pack 3
21:00:13.906 Number of processors: 1 586 0x209
21:00:13.906 ComputerName: TATIMICR-50686E UserName: Tatimicro
21:00:30.125 Initialize success
21:02:50.671 AVAST engine defs: 12022801
21:07:04.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:07:04.203 Disk 0 Vendor: WDC_WD3200AAJB-00J3A0 01.03E01 Size: 305245MB BusType: 3
21:07:04.234 Disk 0 MBR read successfully
21:07:04.234 Disk 0 MBR scan
21:07:04.265 Disk 0 Windows XP default MBR code
21:07:04.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
21:07:04.265 Disk 0 Partition - 00 0F Extended LBA 155237 MB offset 307194930
21:07:04.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
21:07:04.312 Disk 0 scanning sectors +625121280
21:07:04.421 Disk 0 scanning C:\WINDOWS\system32\drivers
21:07:20.781 Service scanning
21:07:58.812 Modules scanning
21:08:04.234 Disk 0 trace - called modules:
21:08:04.250 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:08:04.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b86ab8]
21:08:04.250 3 CLASSPNP.SYS[f7859fd7] -> nt!IofCallDriver -> \Device\00000056[0x86bcdf18]
21:08:04.250 5 ACPI.sys[f77cf620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b8fd98]
21:08:09.296 AVAST engine scan C:\WINDOWS
21:08:23.750 AVAST engine scan C:\WINDOWS\system32
21:12:40.906 AVAST engine scan C:\WINDOWS\system32\drivers
21:13:02.859 AVAST engine scan C:\Documents and Settings\Tatimicro
21:14:58.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:14:58.296 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-02-28 21:00:13
-----------------------------
21:00:13.906 OS Version: Windows 5.1.2600 Service Pack 3
21:00:13.906 Number of processors: 1 586 0x209
21:00:13.906 ComputerName: TATIMICR-50686E UserName: Tatimicro
21:00:30.125 Initialize success
21:02:50.671 AVAST engine defs: 12022801
21:07:04.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:07:04.203 Disk 0 Vendor: WDC_WD3200AAJB-00J3A0 01.03E01 Size: 305245MB BusType: 3
21:07:04.234 Disk 0 MBR read successfully
21:07:04.234 Disk 0 MBR scan
21:07:04.265 Disk 0 Windows XP default MBR code
21:07:04.265 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
21:07:04.265 Disk 0 Partition - 00 0F Extended LBA 155237 MB offset 307194930
21:07:04.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
21:07:04.312 Disk 0 scanning sectors +625121280
21:07:04.421 Disk 0 scanning C:\WINDOWS\system32\drivers
21:07:20.781 Service scanning
21:07:58.812 Modules scanning
21:08:04.234 Disk 0 trace - called modules:
21:08:04.250 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:08:04.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b86ab8]
21:08:04.250 3 CLASSPNP.SYS[f7859fd7] -> nt!IofCallDriver -> \Device\00000056[0x86bcdf18]
21:08:04.250 5 ACPI.sys[f77cf620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b8fd98]
21:08:09.296 AVAST engine scan C:\WINDOWS
21:08:23.750 AVAST engine scan C:\WINDOWS\system32
21:12:40.906 AVAST engine scan C:\WINDOWS\system32\drivers
21:13:02.859 AVAST engine scan C:\Documents and Settings\Tatimicro
21:14:58.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:14:58.296 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
21:28:28.453 AVAST engine scan C:\Documents and Settings\All Users
21:29:31.609 Scan finished successfully
21:30:57.234 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\MBR.dat"
21:30:57.265 The log file has been saved successfully to "C:\Documents and Settings\Tatimicro\Bureau\aswMBR.txt"
