Infecté par Virtob
Résolu/Fermé
A voir également:
- Infecté par Virtob
- L'ordinateur de mustapha a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? - Forum Virus / Sécurité
- Message iphone infecte par virus ✓ - Forum iPhone
- L'ordinateur d'arthur a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? - Forum Virus / Sécurité
- Je viens de recevoir une alerte aux virus sur mon iphone - Forum iPhone
- Alerte windows ordinateur infecté ✓ - Forum Virus / Sécurité
26 réponses
flobx33
Messages postés
9
Date d'inscription
samedi 17 novembre 2007
Statut
Membre
Dernière intervention
20 novembre 2007
20 nov. 2007 à 13:01
20 nov. 2007 à 13:01
Raport Avira Antivir
AntiVir PersonalEdition Classic
Report file date: mardi 20 novembre 2007 10:51
Scanning for 935480 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Flo
Computer name: FLO-PC
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 09:48:01
ANTIVIR3.VDF : 7.0.0.236 138752 Bytes 20/11/2007 09:48:01
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 20/11/2007 09:48:02
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: mardi 20 novembre 2007 10:51
Starting search for hidden objects.
'83525' objects were checked, '0' hidden objects were found.
End of the scan: mardi 20 novembre 2007 12:46
Used time: 1:55:14 min
The scan has been done completely.
15094 Scanning directories
188694 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
74 Files cannot be scanned
188694 Files not concerned
1066 Archives were scanned
75 Warnings
0 Notes
83525 Objects were scanned with rootkit scan
0 Hidden objects were found
ça c'est le scan de mon DD ou il y a windows je vais scanner mon autre DD interne ou il y a le virusmais d'abord il faut que je le brache je post le rapport après
AntiVir PersonalEdition Classic
Report file date: mardi 20 novembre 2007 10:51
Scanning for 935480 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Flo
Computer name: FLO-PC
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 09:48:01
ANTIVIR3.VDF : 7.0.0.236 138752 Bytes 20/11/2007 09:48:01
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 20/11/2007 09:48:02
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: mardi 20 novembre 2007 10:51
Starting search for hidden objects.
'83525' objects were checked, '0' hidden objects were found.
End of the scan: mardi 20 novembre 2007 12:46
Used time: 1:55:14 min
The scan has been done completely.
15094 Scanning directories
188694 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
74 Files cannot be scanned
188694 Files not concerned
1066 Archives were scanned
75 Warnings
0 Notes
83525 Objects were scanned with rootkit scan
0 Hidden objects were found
ça c'est le scan de mon DD ou il y a windows je vais scanner mon autre DD interne ou il y a le virusmais d'abord il faut que je le brache je post le rapport après
jalobservateur
Messages postés
7372
Date d'inscription
lundi 16 juillet 2007
Statut
Contributeur sécurité
Dernière intervention
10 mai 2012
930
20 nov. 2007 à 17:12
20 nov. 2007 à 17:12
Super ! tu fais ça comme un chef!
Continues mon ami !!!
Passes toute la sauce!
Sur Windows, cliques le moins possible, laisses-le dormir...
Si tu avais Process explorer... tu pourrais lui couper sa source aussi...
E T no phone home Loll!
;-)
Continues mon ami !!!
Passes toute la sauce!
Sur Windows, cliques le moins possible, laisses-le dormir...
Si tu avais Process explorer... tu pourrais lui couper sa source aussi...
E T no phone home Loll!
;-)
flobx33
Messages postés
9
Date d'inscription
samedi 17 novembre 2007
Statut
Membre
Dernière intervention
20 novembre 2007
20 nov. 2007 à 18:06
20 nov. 2007 à 18:06
Scan de l'autre Disque Dur interne:
AntiVir PersonalEdition Classic
Report file date: mardi 20 novembre 2007 16:28
Scanning for 935480 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Flo
Computer name: FLO-PC
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 1103052
8 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 09:48:01
ANTIVIR3.VDF : 7.0.0.236 138752 Bytes 20/11/2007 09:48:01
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 20/11/2007 09:48:02
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: mardi 20 novembre 2007 16:28
Starting search for hidden objects.
'79906' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'infocard.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'FileZilla server.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '7' files ).
Starting the file scan:
Begin scan in 'D:\' <Windows>
D:\grabit\downloads\vista installation.rar
[0] Archive type: RAR
--> vista installation\cl08seCu9\ocr\filer.net\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\AntiCaptcha\megafree.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\FineReader\result.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\FineReader\netload.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\FineReader\result.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\nur_fuer_disch\CleanNetload.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\nur_fuer_disch\rapidclip.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.com\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.com\Bot check\Bot.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.de\BotCheck\BotCheck.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\Arcor Wlan Router 100\ztnbatch.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\FRITZ!Box\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\FRITZ!Box\voip.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\Speedport w 500v\DisConnect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\RouterClient.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\RouterRecorder.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\Fritzbox reconnect\bat\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\Fritzbox reconnect\exe\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\IfoEdit.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\Advisor\CLDetect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideo.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideoInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideoUnInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\Setup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\Advisor\CLDetect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideo.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideoInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideoUnInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\Setup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\Setup.exe
[DETECTION] Contains detection pattern of the SPR/RAS.A program
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16001
[WARNING] Failed!
D:\Program Files\NiProD.rar
[DETECTION] Contains detection pattern of the Windows virus W32/Virut.AO
[INFO] The file was moved to '479301e7.qua'!
D:\Program Files\3d Dialing\3d Dialing.rar
[0] Archive type: RAR
--> dialing.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> uninstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '4763023e.qua'!
D:\Program Files\Microsoft Games\Age of Empires III\Age of Empires III.rar
[0] Archive type: RAR
--> instapup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> splash.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> autopatcher.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> filecrc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '47a802ed.qua'!
D:\Program Files\Notepad++\Notepad++.rar
[DETECTION] Contains detection pattern of the Windows virus W32/Virut.AO
[INFO] The file was renamed to 'Notepad++.rar.VIR'!
D:\Program Files\UseNeXT\UseNeXT.rar
[0] Archive type: RAR
--> UseNeXT.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '47a80fcf.qua'!
End of the scan: mardi 20 novembre 2007 17:48
Used time: 1:19:57 min
The scan has been done completely.
1545 Scanning directories
110234 Files were scanned
49 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
4 files were moved to quarantine
1 files were renamed
0 Files cannot be scanned
110185 Files not concerned
738 Archives were scanned
1 Warnings
111 Notes
79906 Objects were scanned with rootkit scan
0 Hidden objects were found
Apparement le virus vient de vista Installation qui est une archive rar que j'ai télécharger sur zdnet il me semble c'est une archive avec les meilleurs logiciels pour vista ...
Voilà c'est mon Disque dur secondaire qui est infecté pas de problème avec ma partition Windows donc j'installe zone alarm et je te tient au courant.
PS: D:\Program Files\Microsoft Games\Age of Empires III\Age of Empires III.rar c'est l'archive ou j'ai mis tout les .exe de AOE 3 (je peux plus y jouer heuresement j'ai sauvegarde le dossier ou les parties sont enregistré)
PPS: J'ai suprimé tout les fichiers de la quarentaines
AntiVir PersonalEdition Classic
Report file date: mardi 20 novembre 2007 16:28
Scanning for 935480 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Flo
Computer name: FLO-PC
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 1103052
8 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.198 1206272 Bytes 11/11/2007 09:48:01
ANTIVIR3.VDF : 7.0.0.236 138752 Bytes 20/11/2007 09:48:01
AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 20/11/2007 09:48:02
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\ProgramData\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: mardi 20 novembre 2007 16:28
Starting search for hidden objects.
'79906' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'infocard.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'FileZilla server.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
Start scanning boot sectors:
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '7' files ).
Starting the file scan:
Begin scan in 'D:\' <Windows>
D:\grabit\downloads\vista installation.rar
[0] Archive type: RAR
--> vista installation\cl08seCu9\ocr\filer.net\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\AntiCaptcha\megafree.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\megaupload.com\FineReader\result.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\FineReader\netload.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\FineReader\result.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\nur_fuer_disch\CleanNetload.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\netload.in\nur_fuer_disch\rapidclip.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.com\AntiCaptcha\AntiCaptcha.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.com\Bot check\Bot.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\ocr\rapidshare.de\BotCheck\BotCheck.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\Arcor Wlan Router 100\ztnbatch.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\FRITZ!Box\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\FRITZ!Box\voip.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\router\Speedport w 500v\DisConnect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\RouterClient.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\cl08seCu9\RouterRecorder.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\Fritzbox reconnect\bat\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\Fritzbox reconnect\exe\nc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\IfoEdit.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\Advisor\CLDetect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideo.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideoInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\RichVideo\RichVideoUnInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDBD\Setup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\Advisor\CLDetect.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideo.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideoInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\RichVideo\RichVideoUnInstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\PDVDHD\Setup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> vista installation\power dvd\Setup.exe
[DETECTION] Contains detection pattern of the SPR/RAS.A program
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16001
[WARNING] Failed!
D:\Program Files\NiProD.rar
[DETECTION] Contains detection pattern of the Windows virus W32/Virut.AO
[INFO] The file was moved to '479301e7.qua'!
D:\Program Files\3d Dialing\3d Dialing.rar
[0] Archive type: RAR
--> dialing.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> uninstall.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '4763023e.qua'!
D:\Program Files\Microsoft Games\Age of Empires III\Age of Empires III.rar
[0] Archive type: RAR
--> instapup.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> splash.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> autopatcher.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
--> filecrc.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '47a802ed.qua'!
D:\Program Files\Notepad++\Notepad++.rar
[DETECTION] Contains detection pattern of the Windows virus W32/Virut.AO
[INFO] The file was renamed to 'Notepad++.rar.VIR'!
D:\Program Files\UseNeXT\UseNeXT.rar
[0] Archive type: RAR
--> UseNeXT.exe
[DETECTION] Contains code of the Windows virus W32/Virut.AO
[INFO] The file was moved to '47a80fcf.qua'!
End of the scan: mardi 20 novembre 2007 17:48
Used time: 1:19:57 min
The scan has been done completely.
1545 Scanning directories
110234 Files were scanned
49 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
4 files were moved to quarantine
1 files were renamed
0 Files cannot be scanned
110185 Files not concerned
738 Archives were scanned
1 Warnings
111 Notes
79906 Objects were scanned with rootkit scan
0 Hidden objects were found
Apparement le virus vient de vista Installation qui est une archive rar que j'ai télécharger sur zdnet il me semble c'est une archive avec les meilleurs logiciels pour vista ...
Voilà c'est mon Disque dur secondaire qui est infecté pas de problème avec ma partition Windows donc j'installe zone alarm et je te tient au courant.
PS: D:\Program Files\Microsoft Games\Age of Empires III\Age of Empires III.rar c'est l'archive ou j'ai mis tout les .exe de AOE 3 (je peux plus y jouer heuresement j'ai sauvegarde le dossier ou les parties sont enregistré)
PPS: J'ai suprimé tout les fichiers de la quarentaines
flobx33
Messages postés
9
Date d'inscription
samedi 17 novembre 2007
Statut
Membre
Dernière intervention
20 novembre 2007
20 nov. 2007 à 20:34
20 nov. 2007 à 20:34
J'ai instaler process explorer mais aucun processus ne m'a l'air suspect mais comme je l'ai dit ma partition windows n'est pas infecté:
Process PID CPU Description Company Name
System Idle Process 0 1.52
Interrupts n/a 3.03 Hardware Interrupts
DPCs n/a 12.12 Deferred Procedure Calls
System 4
smss.exe 416 Windows Session Manager Microsoft Corporation
csrss.exe 484 Processus d'exécuttion client-serveur Microsoft Corporation
wininit.exe 532 Application de démarrage de Windows Microsoft Corporation
services.exe 616 Applications Services et Contrôleur Microsoft Corporation
svchost.exe 788 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 836 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 876 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 940 Processus hôte pour les services Windows Microsoft Corporation
audiodg.exe 1136 Isolation graphique de périphérique audio Windows Microsoft Corporation
svchost.exe 1036 9.09 Processus hôte pour les services Windows Microsoft Corporation
dwm.exe 1884 Gestionnaire de fenêtres du Bureau Microsoft Corporation
svchost.exe 1052 Processus hôte pour les services Windows Microsoft Corporation
taskeng.exe 272 Moteur du Planificateur de tâches Microsoft Corporation
taskeng.exe 2584 Moteur du Planificateur de tâches Microsoft Corporation
SLsvc.exe 1176 Service de gestion des licences Microsoft Microsoft Corporation
svchost.exe 1204 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 1376 Processus hôte pour les services Windows Microsoft Corporation
vsmon.exe 1432 TrueVector Service Check Point Software Technologies LTD
spoolsv.exe 2000 Application sous-système spouleur Microsoft Corporation
svchost.exe 2036 Processus hôte pour les services Windows Microsoft Corporation
FileZilla server.exe 924 FileZilla Server FileZilla Project
mdm.exe 1852 Machine Debug Manager Microsoft Corporation
svchost.exe 2088 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 2172 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 2208 Processus hôte pour les services Windows Microsoft Corporation
SearchIndexer.exe 2280 Microsoft Windows Search Indexer Microsoft Corporation
avguard.exe 3264 Antivirus On-Access Service Avira GmbH
sched.exe 4064 Antivirus Scheduler Avira GmbH
lsass.exe 632 1.52 Processus de l’autorité de sécurité locale Microsoft Corporation
lsm.exe 640 Service du gestionnaire de session locale Microsoft Corporation
csrss.exe 540 Processus d'exécuttion client-serveur Microsoft Corporation
winlogon.exe 572 Application d'ouverture de session Windows Microsoft Corporation
explorer.exe 1912 3.03 Explorateur Windows Microsoft Corporation
MSASCui.exe 488 Windows Defender User Interface Microsoft Corporation
SOUNDMAN.EXE 472 Realtek Sound Manager Realtek Semiconductor Corp.
zlclient.exe 652 ZoneAlarm Client Check Point Software Technologies LTD
firefox.exe 2064 Firefox Mozilla Corporation
procexp.exe 4060 62.12 Sysinternals Process Explorer Sysinternals
avgnt.exe 2852 Antivirus System Tray Tool Avira GmbH
Process PID CPU Description Company Name
System Idle Process 0 1.52
Interrupts n/a 3.03 Hardware Interrupts
DPCs n/a 12.12 Deferred Procedure Calls
System 4
smss.exe 416 Windows Session Manager Microsoft Corporation
csrss.exe 484 Processus d'exécuttion client-serveur Microsoft Corporation
wininit.exe 532 Application de démarrage de Windows Microsoft Corporation
services.exe 616 Applications Services et Contrôleur Microsoft Corporation
svchost.exe 788 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 836 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 876 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 940 Processus hôte pour les services Windows Microsoft Corporation
audiodg.exe 1136 Isolation graphique de périphérique audio Windows Microsoft Corporation
svchost.exe 1036 9.09 Processus hôte pour les services Windows Microsoft Corporation
dwm.exe 1884 Gestionnaire de fenêtres du Bureau Microsoft Corporation
svchost.exe 1052 Processus hôte pour les services Windows Microsoft Corporation
taskeng.exe 272 Moteur du Planificateur de tâches Microsoft Corporation
taskeng.exe 2584 Moteur du Planificateur de tâches Microsoft Corporation
SLsvc.exe 1176 Service de gestion des licences Microsoft Microsoft Corporation
svchost.exe 1204 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 1376 Processus hôte pour les services Windows Microsoft Corporation
vsmon.exe 1432 TrueVector Service Check Point Software Technologies LTD
spoolsv.exe 2000 Application sous-système spouleur Microsoft Corporation
svchost.exe 2036 Processus hôte pour les services Windows Microsoft Corporation
FileZilla server.exe 924 FileZilla Server FileZilla Project
mdm.exe 1852 Machine Debug Manager Microsoft Corporation
svchost.exe 2088 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 2172 Processus hôte pour les services Windows Microsoft Corporation
svchost.exe 2208 Processus hôte pour les services Windows Microsoft Corporation
SearchIndexer.exe 2280 Microsoft Windows Search Indexer Microsoft Corporation
avguard.exe 3264 Antivirus On-Access Service Avira GmbH
sched.exe 4064 Antivirus Scheduler Avira GmbH
lsass.exe 632 1.52 Processus de l’autorité de sécurité locale Microsoft Corporation
lsm.exe 640 Service du gestionnaire de session locale Microsoft Corporation
csrss.exe 540 Processus d'exécuttion client-serveur Microsoft Corporation
winlogon.exe 572 Application d'ouverture de session Windows Microsoft Corporation
explorer.exe 1912 3.03 Explorateur Windows Microsoft Corporation
MSASCui.exe 488 Windows Defender User Interface Microsoft Corporation
SOUNDMAN.EXE 472 Realtek Sound Manager Realtek Semiconductor Corp.
zlclient.exe 652 ZoneAlarm Client Check Point Software Technologies LTD
firefox.exe 2064 Firefox Mozilla Corporation
procexp.exe 4060 62.12 Sysinternals Process Explorer Sysinternals
avgnt.exe 2852 Antivirus System Tray Tool Avira GmbH
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
jalobservateur
Messages postés
7372
Date d'inscription
lundi 16 juillet 2007
Statut
Contributeur sécurité
Dernière intervention
10 mai 2012
930
20 nov. 2007 à 21:35
20 nov. 2007 à 21:35
Super continues!
Jettes tout ce qui te sembles bizz. et oui ok pour les process! Good news!
Mets Ccleaner et RegSeeker
RegSeeker mode auto.
Je vais tenter de revenir
Je suis encore en combat avec la famille Virut de Q et ses cousins/cousines LOLL
Jettes tout ce qui te sembles bizz. et oui ok pour les process! Good news!
Mets Ccleaner et RegSeeker
RegSeeker mode auto.
Je vais tenter de revenir
Je suis encore en combat avec la famille Virut de Q et ses cousins/cousines LOLL
pixel-mort
Messages postés
50
Date d'inscription
vendredi 21 septembre 2007
Statut
Membre
Dernière intervention
23 avril 2009
3
16 nov. 2007 à 23:57
16 nov. 2007 à 23:57
bonjour,
oh lala ton virus a l'air mechant ! tu la choper comment ? d/L sur emule, téléchargement illegale ?
si c'est le cas c'est bien fait pour toi, sinon ben achete un anti virus payant ou gratuit (antivir)
mais sache que dans les cas comme le tien, je te conseil de formater ton pc, j'espere pour toi que tu a fait des sauvgardes PC
amicalement
pixel-mort
oh lala ton virus a l'air mechant ! tu la choper comment ? d/L sur emule, téléchargement illegale ?
si c'est le cas c'est bien fait pour toi, sinon ben achete un anti virus payant ou gratuit (antivir)
mais sache que dans les cas comme le tien, je te conseil de formater ton pc, j'espere pour toi que tu a fait des sauvgardes PC
amicalement
pixel-mort