Spyworn.win32 et bestsellerantivirus
Résolu/Fermé32 réponses
Utilisateur anonyme
15 nov. 2007 à 23:14
15 nov. 2007 à 23:14
Fichier trdcvkes.dll_ reçu le 2007.11.15 23:05:11 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 8/32 (25%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 6.
L'heure estimée de démarrage est entre 55 et 78 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.16.0 2007.11.15 -
AntiVir 7.6.0.34 2007.11.15 TR/Dldr.ConHook.Gen
Authentium 4.93.8 2007.11.15 -
Avast 4.7.1074.0 2007.11.15 -
AVG 7.5.0.503 2007.11.15 Clicker.JXQ
BitDefender 7.2 2007.11.15 -
CAT-QuickHeal 9.00 2007.11.15 -
ClamAV 0.91.2 2007.11.15 -
DrWeb 4.44.0.09170 2007.11.15 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.2.5297 2007.11.15 -
Ewido 4.0 2007.11.15 -
FileAdvisor 1 2007.11.15 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.14 -
F-Secure 6.70.13030.0 2007.11.15 Vundo.gen49
Ikarus T3.1.1.12 2007.11.15 -
Kaspersky 7.0.0.125 2007.11.15 -
McAfee 5164 2007.11.15 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2661 2007.11.15 -
Norman 5.80.02 2007.11.15 Vundo.gen49
Panda 9.0.0.4 2007.11.15 Spyware/Virtumonde
Prevx1 V2 2007.11.15 Trojan.Vundo
Rising 20.18.31.00 2007.11.15 -
Sophos 4.23.0 2007.11.15 -
Sunbelt 2.2.907.0 2007.11.15 -
Symantec 10 2007.11.15 Trojan.Vundo
TheHacker 6.2.9.129 2007.11.15 -
VBA32 3.12.2.5 2007.11.15 -
VirusBuster 4.3.26:9 2007.11.15 -
Webwasher-Gateway 6.0.1 2007.11.15 Trojan.Dldr.ConHook.Gen
Information additionnelle
File size: 86080 bytes
MD5: 99d6f1af29de733044cd42227f0418e3
SHA1: e96d358d135dfdf97da4339abf51b2972cca0a75
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=5BFAAFC24074BCCE508C0193A7BA5A003F01D110
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 8/32 (25%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 6.
L'heure estimée de démarrage est entre 55 et 78 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.16.0 2007.11.15 -
AntiVir 7.6.0.34 2007.11.15 TR/Dldr.ConHook.Gen
Authentium 4.93.8 2007.11.15 -
Avast 4.7.1074.0 2007.11.15 -
AVG 7.5.0.503 2007.11.15 Clicker.JXQ
BitDefender 7.2 2007.11.15 -
CAT-QuickHeal 9.00 2007.11.15 -
ClamAV 0.91.2 2007.11.15 -
DrWeb 4.44.0.09170 2007.11.15 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.2.5297 2007.11.15 -
Ewido 4.0 2007.11.15 -
FileAdvisor 1 2007.11.15 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.14 -
F-Secure 6.70.13030.0 2007.11.15 Vundo.gen49
Ikarus T3.1.1.12 2007.11.15 -
Kaspersky 7.0.0.125 2007.11.15 -
McAfee 5164 2007.11.15 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2661 2007.11.15 -
Norman 5.80.02 2007.11.15 Vundo.gen49
Panda 9.0.0.4 2007.11.15 Spyware/Virtumonde
Prevx1 V2 2007.11.15 Trojan.Vundo
Rising 20.18.31.00 2007.11.15 -
Sophos 4.23.0 2007.11.15 -
Sunbelt 2.2.907.0 2007.11.15 -
Symantec 10 2007.11.15 Trojan.Vundo
TheHacker 6.2.9.129 2007.11.15 -
VBA32 3.12.2.5 2007.11.15 -
VirusBuster 4.3.26:9 2007.11.15 -
Webwasher-Gateway 6.0.1 2007.11.15 Trojan.Dldr.ConHook.Gen
Information additionnelle
File size: 86080 bytes
MD5: 99d6f1af29de733044cd42227f0418e3
SHA1: e96d358d135dfdf97da4339abf51b2972cca0a75
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=5BFAAFC24074BCCE508C0193A7BA5A003F01D110
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
15 nov. 2007 à 23:17
15 nov. 2007 à 23:17
regarde mon message 20 pour la suite apres avoir analysé tous les fichiers donnés
a plus
a plus
Utilisateur anonyme
15 nov. 2007 à 23:24
15 nov. 2007 à 23:24
Fichier xheunbwv.dll_ reçu le 2007.11.15 23:15:04 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 11/32 (34.38%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 6.
L'heure estimée de démarrage est entre 55 et 78 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.16.0 2007.11.15 -
AntiVir 7.6.0.34 2007.11.15 TR/Vundo.CA
Authentium 4.93.8 2007.11.15 -
Avast 4.7.1074.0 2007.11.15 -
AVG 7.5.0.503 2007.11.15 Obfustat.VTX
BitDefender 7.2 2007.11.15 Adware.Virtumonde.GHI
CAT-QuickHeal 9.00 2007.11.15 -
ClamAV 0.91.2 2007.11.15 -
DrWeb 4.44.0.09170 2007.11.15 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.2.5297 2007.11.15 -
Ewido 4.0 2007.11.15 -
FileAdvisor 1 2007.11.15 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.14 -
F-Secure 6.70.13030.0 2007.11.15 -
Ikarus T3.1.1.12 2007.11.15 -
Kaspersky 7.0.0.125 2007.11.15 not-a-virus:AdWare.Win32.SecToolBar.k
McAfee 5164 2007.11.15 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2661 2007.11.15 Win32/Adware.SecToolbar
Norman 5.80.02 2007.11.15 W32/Virtumonde.IIT
Panda 9.0.0.4 2007.11.15 Spyware/Virtumonde
Prevx1 V2 2007.11.15 Trojan.Zlob
Rising 20.18.31.00 2007.11.15 -
Sophos 4.23.0 2007.11.15 -
Sunbelt 2.2.907.0 2007.11.15 -
Symantec 10 2007.11.15 Trojan.Vundo
TheHacker 6.2.9.129 2007.11.15 Trojan/BHO.ui
VBA32 3.12.2.5 2007.11.15 -
VirusBuster 4.3.26:9 2007.11.15 -
Webwasher-Gateway 6.0.1 2007.11.15 Trojan.Vundo.CA
Information additionnelle
File size: 145984 bytes
MD5: 0e2d51539d9bb17e116e41c1396520cd
SHA1: 5bcb7fa90beab9ac25a3c840dea11e314d3fd6f7
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=5E3C8ADC40D98E673AB20272A7FF1C00C714E363
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 11/32 (34.38%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 6.
L'heure estimée de démarrage est entre 55 et 78 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.16.0 2007.11.15 -
AntiVir 7.6.0.34 2007.11.15 TR/Vundo.CA
Authentium 4.93.8 2007.11.15 -
Avast 4.7.1074.0 2007.11.15 -
AVG 7.5.0.503 2007.11.15 Obfustat.VTX
BitDefender 7.2 2007.11.15 Adware.Virtumonde.GHI
CAT-QuickHeal 9.00 2007.11.15 -
ClamAV 0.91.2 2007.11.15 -
DrWeb 4.44.0.09170 2007.11.15 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.2.5297 2007.11.15 -
Ewido 4.0 2007.11.15 -
FileAdvisor 1 2007.11.15 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.14 -
F-Secure 6.70.13030.0 2007.11.15 -
Ikarus T3.1.1.12 2007.11.15 -
Kaspersky 7.0.0.125 2007.11.15 not-a-virus:AdWare.Win32.SecToolBar.k
McAfee 5164 2007.11.15 -
Microsoft 1.3007 2007.11.12 -
NOD32v2 2661 2007.11.15 Win32/Adware.SecToolbar
Norman 5.80.02 2007.11.15 W32/Virtumonde.IIT
Panda 9.0.0.4 2007.11.15 Spyware/Virtumonde
Prevx1 V2 2007.11.15 Trojan.Zlob
Rising 20.18.31.00 2007.11.15 -
Sophos 4.23.0 2007.11.15 -
Sunbelt 2.2.907.0 2007.11.15 -
Symantec 10 2007.11.15 Trojan.Vundo
TheHacker 6.2.9.129 2007.11.15 Trojan/BHO.ui
VBA32 3.12.2.5 2007.11.15 -
VirusBuster 4.3.26:9 2007.11.15 -
Webwasher-Gateway 6.0.1 2007.11.15 Trojan.Vundo.CA
Information additionnelle
File size: 145984 bytes
MD5: 0e2d51539d9bb17e116e41c1396520cd
SHA1: 5bcb7fa90beab9ac25a3c840dea11e314d3fd6f7
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PX5=5E3C8ADC40D98E673AB20272A7FF1C00C714E363
Utilisateur anonyme
16 nov. 2007 à 07:54
16 nov. 2007 à 07:54
File/Folder C:\WINDOWS\SYSTEM32\xheunbwv.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\saxnxsma.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\rbfwokwp.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\trdcvkes.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\ssqqrqp.dll
C:\WINDOWS\SYSTEM32\lvpyodau.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\yayvwxv.dll not found.
Created on 11/16/2007 07:46:57
File/Folder C:\WINDOWS\SYSTEM32\saxnxsma.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\rbfwokwp.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\trdcvkes.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\ssqqrqp.dll
C:\WINDOWS\SYSTEM32\lvpyodau.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\yayvwxv.dll not found.
Created on 11/16/2007 07:46:57
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
16 nov. 2007 à 09:19
16 nov. 2007 à 09:19
____________
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
_______________________
remplace avast par antivir et colle moi un rapport:
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
________________________
recolle un rapport hijackthis
et dis moi tes problemes
Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.
Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
_______________________
remplace avast par antivir et colle moi un rapport:
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
________________________
recolle un rapport hijackthis
et dis moi tes problemes
Utilisateur anonyme
16 nov. 2007 à 09:44
16 nov. 2007 à 09:44
raport antivir
AntiVir PersonalEdition Classic
Report file date: vendredi 16 novembre 2007 09:10
Scanning for 930405 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: YVES
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 08:09:22
ANTIVIR3.VDF : 7.0.0.222 75776 Bytes 16/11/2007 08:09:22
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 16/11/2007 08:09:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: Y:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 16 novembre 2007 09:10
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'WLANCFG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4SS.EXE' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'Y:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '17' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
C:\upload_moi_YVES.tar.gz
[0] Archive type: GZ
--> upload_moi.tar
[1] Archive type: TAR (tape archiver)
--> _OTMoveIt/MovedFiles/WINDOWS/system32/hblqlbbh.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/xheunbwv.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
--> _OTMoveIt/MovedFiles/WINDOWS/system32/saxnxsma.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
--> _OTMoveIt/MovedFiles/WINDOWS/system32/rbfwokwp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/trdcvkes.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/lvpyodau.dll
[DETECTION] Is the Trojan horse TR/BHO.RF
--> qoobox/Quarantine/C/Documents and Settings/yves/Application Data/install_en[1].exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.WinFixer.AU
--> qoobox/Quarantine/C/z.exe.vir
[DETECTION] Is the Trojan horse TR/PSW.Agent.133120
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/awttqnk.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/iifecba.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/tdwmsgxn.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/u4/wr31drs.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/DRIVERS/FMTR.sys.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.BestSeller.A.3
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/ddayv.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47a950f4.qua'!
C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agen.593920
[INFO] The file was moved to '47af532c.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071113-134725-222.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a0550e.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152453.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5676.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152454.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '46113b27.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152455.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5678.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152456.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5677.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152457.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '46113b28.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP239\A0153840.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agen.593920
[INFO] The file was moved to '476e5680.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP239\A0153841.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '46113bd1.qua'!
C:\VundoFix Backups\dtyoaidw.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47b656c6.qua'!
C:\VundoFix Backups\yvmqpgqg.dll.bad
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47aa56c8.qua'!
C:\VundoFix Backups\zscprlhp.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a056c5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\hblqlbbh.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a956b5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\xheunbwv.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a256bb.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\saxnxsma.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47b556b4.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\rbfwokwp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a356b5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\trdcvkes.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a156c6.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\lvpyodau.dll
[DETECTION] Is the Trojan horse TR/BHO.RF
[INFO] The file was moved to '47ad56ca.qua'!
C:\qoobox\Quarantine\C\z.exe.vir
[DETECTION] Is the Trojan horse TR/PSW.Agent.133120
[INFO] The file was moved to '47a25683.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\yves\Application Data\install_en[1].exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.WinFixer.AU
[INFO] The file was moved to '47b056c3.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\awttqnk.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47b156cd.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\iifecba.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47a356bf.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\tdwmsgxn.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47b456ba.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\ddayv.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '479e56bb.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\u4\wr31drs.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '477056c9.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\FMTR.sys.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.BestSeller.A.3
[INFO] The file was moved to '479156a4.qua'!
Begin scan in 'Y:\' <yves partit>
End of the scan: vendredi 16 novembre 2007 09:40
Used time: 30:13 min
The scan has been done completely.
5404 Scanning directories
264966 Files were scanned
40 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
27 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
264926 Files not concerned
2224 Archives were scanned
1 Warnings
36 Notes
AntiVir PersonalEdition Classic
Report file date: vendredi 16 novembre 2007 09:10
Scanning for 930405 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: YVES
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 08:09:22
ANTIVIR3.VDF : 7.0.0.222 75776 Bytes 16/11/2007 08:09:22
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 16/11/2007 08:09:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: Y:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 16 novembre 2007 09:10
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'WLANCFG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4SS.EXE' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'Y:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '17' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
C:\upload_moi_YVES.tar.gz
[0] Archive type: GZ
--> upload_moi.tar
[1] Archive type: TAR (tape archiver)
--> _OTMoveIt/MovedFiles/WINDOWS/system32/hblqlbbh.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/xheunbwv.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
--> _OTMoveIt/MovedFiles/WINDOWS/system32/saxnxsma.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
--> _OTMoveIt/MovedFiles/WINDOWS/system32/rbfwokwp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/trdcvkes.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> _OTMoveIt/MovedFiles/WINDOWS/system32/lvpyodau.dll
[DETECTION] Is the Trojan horse TR/BHO.RF
--> qoobox/Quarantine/C/Documents and Settings/yves/Application Data/install_en[1].exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.WinFixer.AU
--> qoobox/Quarantine/C/z.exe.vir
[DETECTION] Is the Trojan horse TR/PSW.Agent.133120
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/awttqnk.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/iifecba.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/tdwmsgxn.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/u4/wr31drs.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/DRIVERS/FMTR.sys.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.BestSeller.A.3
--> qoobox/Quarantine/C/WINDOWS/SYSTEM32/ddayv.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47a950f4.qua'!
C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agen.593920
[INFO] The file was moved to '47af532c.qua'!
C:\Program Files\Hijackthis Version Française\backups\backup-20071113-134725-222.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a0550e.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152453.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5676.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152454.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '46113b27.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152455.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5678.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152456.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '476e5677.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP234\A0152457.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.F.1
[INFO] The file was moved to '46113b28.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP239\A0153840.exe
[DETECTION] Is the Trojan horse TR/Dldr.Agen.593920
[INFO] The file was moved to '476e5680.qua'!
C:\System Volume Information\_restore{33B876CD-58C2-4D27-B29A-7391664323E4}\RP239\A0153841.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '46113bd1.qua'!
C:\VundoFix Backups\dtyoaidw.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47b656c6.qua'!
C:\VundoFix Backups\yvmqpgqg.dll.bad
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47aa56c8.qua'!
C:\VundoFix Backups\zscprlhp.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a056c5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\hblqlbbh.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a956b5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\xheunbwv.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47a256bb.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\saxnxsma.dll
[DETECTION] Is the Trojan horse TR/Vundo.CA
[INFO] The file was moved to '47b556b4.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\rbfwokwp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a356b5.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\trdcvkes.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47a156c6.qua'!
C:\_OTMoveIt\MovedFiles\WINDOWS\system32\lvpyodau.dll
[DETECTION] Is the Trojan horse TR/BHO.RF
[INFO] The file was moved to '47ad56ca.qua'!
C:\qoobox\Quarantine\C\z.exe.vir
[DETECTION] Is the Trojan horse TR/PSW.Agent.133120
[INFO] The file was moved to '47a25683.qua'!
C:\qoobox\Quarantine\C\Documents and Settings\yves\Application Data\install_en[1].exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.WinFixer.AU
[INFO] The file was moved to '47b056c3.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\awttqnk.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47b156cd.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\iifecba.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47a356bf.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\tdwmsgxn.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47b456ba.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\ddayv.dll.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '479e56bb.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\u4\wr31drs.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '477056c9.qua'!
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\FMTR.sys.vir
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.BestSeller.A.3
[INFO] The file was moved to '479156a4.qua'!
Begin scan in 'Y:\' <yves partit>
End of the scan: vendredi 16 novembre 2007 09:40
Used time: 30:13 min
The scan has been done completely.
5404 Scanning directories
264966 Files were scanned
40 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
27 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
264926 Files not concerned
2224 Archives were scanned
1 Warnings
36 Notes
Utilisateur anonyme
16 nov. 2007 à 09:47
16 nov. 2007 à 09:47
Logfile of HijackThis v1.99.1
Scan saved at 9:47:30, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Yahoo! Checkers - http://download2.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.be/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Creative Technology Ltd. - (no file)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Scan saved at 9:47:30, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Yahoo! Checkers - http://download2.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.be/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Creative Technology Ltd. - (no file)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Utilisateur anonyme
16 nov. 2007 à 12:22
16 nov. 2007 à 12:22
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec ven. 16/11/2007 a 12:16:38,73
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec ven. 16/11/2007 a 12:16:38,73
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
16 nov. 2007 à 22:32
16 nov. 2007 à 22:32
vire tout ce qui est dans vundofix backups en allant dans poste de travail puis C...
C:\VundoFix Backups\
__________________
vire tout ce qui est dans MovedFiles en allant dans poste de travail puis C...
C:\_OTMoveIt\MovedFiles\
_______________________
vire tout ce qui est dans Quarantineen allant dans poste de travail puis C...
C:\qoobox\Quarantine
_______________________
si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
puis redemarre ton ordi
puis réactive là
_______________________
installe
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
_______________________
recolle un rapport antivr et surtout dis tes problemes
pour info:
pour protéger gratos ton ordi
http://www.commentcamarche.net/telecharger/logiciel 4 securite
mettre un antivirus
AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT + si tea timer non active de spybot: WINDOWS DEFENDER ou SPYWARE TERMINATOR
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
-----------
CCLEANER pour effacer les traces de surf
C:\VundoFix Backups\
__________________
vire tout ce qui est dans MovedFiles en allant dans poste de travail puis C...
C:\_OTMoveIt\MovedFiles\
_______________________
vire tout ce qui est dans Quarantineen allant dans poste de travail puis C...
C:\qoobox\Quarantine
_______________________
si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
puis redemarre ton ordi
puis réactive là
_______________________
installe
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
_______________________
recolle un rapport antivr et surtout dis tes problemes
pour info:
pour protéger gratos ton ordi
http://www.commentcamarche.net/telecharger/logiciel 4 securite
mettre un antivirus
AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT + si tea timer non active de spybot: WINDOWS DEFENDER ou SPYWARE TERMINATOR
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm
-----------
CCLEANER pour effacer les traces de surf
Utilisateur anonyme
17 nov. 2007 à 08:35
17 nov. 2007 à 08:35
AntiVir PersonalEdition Classic
Report file date: samedi 17 novembre 2007 07:47
Scanning for 930655 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: YVES
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 08:09:22
ANTIVIR3.VDF : 7.0.0.223 79360 Bytes 16/11/2007 12:36:52
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 16/11/2007 08:09:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: Y:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 17 novembre 2007 07:47
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'hpgs2wnf.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'WLANCFG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4SS.EXE' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'Y:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '17' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
Begin scan in 'Y:\' <yves partit>
End of the scan: samedi 17 novembre 2007 08:16
Used time: 29:19 min
The scan has been done completely.
5368 Scanning directories
264204 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
264204 Files not concerned
2213 Archives were scanned
1 Warnings
36 Notes
Report file date: samedi 17 novembre 2007 07:47
Scanning for 930655 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: YVES
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:56
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 08:09:22
ANTIVIR3.VDF : 7.0.0.223 79360 Bytes 16/11/2007 12:36:52
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 16/11/2007 08:09:22
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: Y:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 17 novembre 2007 07:47
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'hpgs2wnf.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4GUI.EXE' - '1' Module(s) have been scanned
Scan process 'WLANCFG.EXE' - '1' Module(s) have been scanned
Scan process 'WDFMGR.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RAPIMGR.EXE' - '1' Module(s) have been scanned
Scan process 'KPF4SS.EXE' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'WCESCOMM.EXE' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'Y:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '17' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
Begin scan in 'Y:\' <yves partit>
End of the scan: samedi 17 novembre 2007 08:16
Used time: 29:19 min
The scan has been done completely.
5368 Scanning directories
264204 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
264204 Files not concerned
2213 Archives were scanned
1 Warnings
36 Notes
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 nov. 2007 à 18:02
17 nov. 2007 à 18:02
encore des pbs?
Utilisateur anonyme
17 nov. 2007 à 19:15
17 nov. 2007 à 19:15
non plus de problemes!!!
je te remercie mille fois de ton coup de main !
merci beaucoup
je te remercie mille fois de ton coup de main !
merci beaucoup