Viruses and/or unwanted programs were found
monsieur.
Messages postés
25
Statut
Membre
-
^^Marie^^ Messages postés 126523 Date d'inscription Statut Membre Dernière intervention -
^^Marie^^ Messages postés 126523 Date d'inscription Statut Membre Dernière intervention -
Salut tout le monde,
j'ai installé depuis environ 1 mois Avira Antivirus et depuis il me surprend par le tas de "viruses and/or unwanted programs" qu'il me sort à chaque scanning , chose que je ne connaissait pas avant quand j'avais Avast. Par exemple aujourd'hui dès la matin, Avira me sort 23 "viruses and/or unwanted programs" , ne sachant que faire de ce bouquet de merde, je le mets en quarantaine et je restore de suite les fichiers infectés. Puis exactement 3 heures après, je relance un nouveau scanning et je suis surpris par la liste de 24 "viruses and/or unwanted programs". Je ne comprends rien...., et je vous demande s.v.p de bien vouloir m'assister a remedier à ce probleme avec le maximum de précision possible, et ce du fait que je ne comprends pas le vocabulaire lineaire et je vis en Thailande comme Robinson Crusoe où dans le village il n'y a pas un francophone ni à 50 k.m de la ronde....
Aussi que dois je faire avec ce probleme selon les rapports : 3 Files cannot be scanned.
Pourais je detruire les fichiers infectés mentionnés sur les rapports sans les restorer.
Ci-dessous les deux rapports Avira :
Rapport numero 1 : 23 virus
AntiVir PersonalEdition Classic
Report file date: 20 มกราคม 2551 05:42 ===> 20/01/2008 selon calendrier Thai
Scanning for 1056958 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: test
Computer name: WIN06V5
Version information:
BUILD.DAT : 270 15603 Bytes 19/9/2550 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/8/2550 07:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/8/2550 06:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/8/2550 09:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/8/2550 06:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/7/2550 08:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2550 14:54:20
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 15/1/2551 12:57:00
ANTIVIR3.VDF : 7.0.2.20 225792 Bytes 18/1/2551 12:54:36
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 17/1/2551 12:57:00
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/2/2550 04:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/7/2550 01:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/4/2550 07:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/1/2551 12:57:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/7/2550 01:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/8/2550 06:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/7/2550 01:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/3/2550 05:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/8/2550 06:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/8/2550 06:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/7/2550 03:37:22
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: J:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 20 มกราคม 2551 05:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'Camfrog Video Chat.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VM305_STI.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned
Start scanning boot sectors:
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[NOTE] In the drive 'J:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'A:\'
Search path A:\ could not be opened!
The parameter is incorrect.
Begin scan in 'C:\' <DISK2_VOL1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\test\My Documents\islam\livre\chia\algadeer\algadeer\่ขŸ Ÿ้ไง๏ฉ • ้้ใ•••้Ÿ๊ก Ÿ้ฌ๏•••ฆ ใ งŸ้ฅซ๏๋ Ÿ้š๊๏๋๏.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '48318c30.qua'!
C:\Documents and Settings\test\Desktop\tools\jeux\killbee.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47fe7eb1.qua'!
C:\Program Files\NtreevSoft\Pangya_Th\PangFBI.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '48008069.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP107\A0062074.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c280e5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP163\A0096462.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280e9.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP160\A0095265.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280eb.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP152\A0091983.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280ee.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091771.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f1.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP148\A0091037.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP146\A0088135.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f7.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085770.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f9.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085796.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280fb.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP139\A0084678.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280fe.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP138\A0083589.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c28100.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP212\A0108731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3810d.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP226\A0112407.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3812f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118726.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3815f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118727.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c38161.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP251\A0118731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3816f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120309.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c38190.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120310.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c38194.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120313.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c38198.qua'!
Begin scan in 'D:\' <DISK2_VOL2>
D:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091851.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c281b1.qua'!
Begin scan in 'E:\' <DISK2_VOL3>
Begin scan in 'F:\' <Mon disque>
Begin scan in 'G:\'
Search path G:\ could not be opened!
The device is not ready.
Begin scan in 'H:\'
Search path H:\ could not be opened!
The device is not ready.
Begin scan in 'I:\'
Search path I:\ could not be opened!
The device is not ready.
Begin scan in 'J:\'
Search path J:\ could not be opened!
The device is not ready.
End of the scan: 20 มกราคม 2551 06:02 ===> 20/01/2008 selon calendrier Tha
Used time: 20:14 min
The scan has been done completely.
5855 Scanning directories
256972 Files were scanned
23 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
23 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
256949 Files not concerned
2049 Archives were scanned
3 Warnings
0 Notes
Rapport numero 2 : 24 virus
AntiVir PersonalEdition Classic
Report file date: 20 มกราคม 2551 09:09 ===> 20/01/2008 selon calendrier Tha
Scanning for 1056958 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: test
Computer name: WIN06V5
Version information:
BUILD.DAT : 270 15603 Bytes 19/9/2550 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/8/2550 07:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/8/2550 06:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/8/2550 09:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/8/2550 06:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/7/2550 08:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2550 14:54:20
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 15/1/2551 12:57:00
ANTIVIR3.VDF : 7.0.2.20 225792 Bytes 18/1/2551 12:54:36
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 17/1/2551 12:57:00
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/2/2550 04:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/7/2550 01:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/4/2550 07:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/1/2551 12:57:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/7/2550 01:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/8/2550 06:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/7/2550 01:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/3/2550 05:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/8/2550 06:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/8/2550 06:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/7/2550 03:37:22
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 20 มกราคม 2551 09:09
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'winamp.exe' - '1' Module(s) have been scanned
Scan process 'Bookmark-Manager.exe' - '1' Module(s) have been scanned
Scan process 'FIREFOX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VM305_STI.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[NOTE] In the drive 'J:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'C:\' <DISK2_VOL1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\cmdow.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47f6adf2.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\test\My Documents\islam\livre\chia\algadeer\algadeer\่ขŸ Ÿ้ไง๏ฉ • ้้ใ•••้Ÿ๊ก Ÿ้ฌ๏•••ฆ ใ งŸ้ฅซ๏๋ Ÿ้š๊๏๋๏.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4831bce0.qua'!
C:\Documents and Settings\test\Desktop\tools\jeux\killbee.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47feaf57.qua'!
C:\Program Files\NtreevSoft\Pangya_Th\PangFBI.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '4800b0fc.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP107\A0062074.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c2b17d.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP163\A0096462.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b180.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP160\A0095265.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b182.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP152\A0091983.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b184.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091771.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b186.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP148\A0091037.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b188.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP146\A0088135.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18a.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085770.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18c.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085796.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18e.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP139\A0084678.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b190.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP138\A0083589.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b192.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP212\A0108731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b198.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP226\A0112407.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b1b0.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118726.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3b1e1.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118727.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c3b1e3.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP251\A0118731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b1f6.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120309.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3b216.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120310.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c3b218.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120313.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b21a.qua'!
Begin scan in 'D:\' <DISK2_VOL2>
D:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091851.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c2b235.qua'!
Begin scan in 'E:\' <DISK2_VOL3>
Begin scan in 'A:\'
Search path A:\ could not be opened!
The device is not ready.
Begin scan in 'G:\'
Search path G:\ could not be opened!
The device is not ready.
Begin scan in 'H:\'
Search path H:\ could not be opened!
The device is not ready.
Begin scan in 'I:\'
Search path I:\ could not be opened!
The device is not ready.
Begin scan in 'J:\'
Search path J:\ could not be opened!
The device is not ready.
Begin scan in 'F:\' <Mon disque>
End of the scan: 20 มกราคม 2551 09:29 ===> 20/01/2008 selon calendrier Tha
Used time: 19:59 min
The scan has been done completely.
5927 Scanning directories
257958 Files were scanned
24 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
24 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
257934 Files not concerned
2080 Archives were scanned
3 Warnings
0 Notes
j'ai installé depuis environ 1 mois Avira Antivirus et depuis il me surprend par le tas de "viruses and/or unwanted programs" qu'il me sort à chaque scanning , chose que je ne connaissait pas avant quand j'avais Avast. Par exemple aujourd'hui dès la matin, Avira me sort 23 "viruses and/or unwanted programs" , ne sachant que faire de ce bouquet de merde, je le mets en quarantaine et je restore de suite les fichiers infectés. Puis exactement 3 heures après, je relance un nouveau scanning et je suis surpris par la liste de 24 "viruses and/or unwanted programs". Je ne comprends rien...., et je vous demande s.v.p de bien vouloir m'assister a remedier à ce probleme avec le maximum de précision possible, et ce du fait que je ne comprends pas le vocabulaire lineaire et je vis en Thailande comme Robinson Crusoe où dans le village il n'y a pas un francophone ni à 50 k.m de la ronde....
Aussi que dois je faire avec ce probleme selon les rapports : 3 Files cannot be scanned.
Pourais je detruire les fichiers infectés mentionnés sur les rapports sans les restorer.
Ci-dessous les deux rapports Avira :
Rapport numero 1 : 23 virus
AntiVir PersonalEdition Classic
Report file date: 20 มกราคม 2551 05:42 ===> 20/01/2008 selon calendrier Thai
Scanning for 1056958 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: test
Computer name: WIN06V5
Version information:
BUILD.DAT : 270 15603 Bytes 19/9/2550 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/8/2550 07:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/8/2550 06:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/8/2550 09:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/8/2550 06:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/7/2550 08:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2550 14:54:20
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 15/1/2551 12:57:00
ANTIVIR3.VDF : 7.0.2.20 225792 Bytes 18/1/2551 12:54:36
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 17/1/2551 12:57:00
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/2/2550 04:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/7/2550 01:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/4/2550 07:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/1/2551 12:57:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/7/2550 01:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/8/2550 06:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/7/2550 01:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/3/2550 05:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/8/2550 06:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/8/2550 06:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/7/2550 03:37:22
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: J:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 20 มกราคม 2551 05:42
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'Camfrog Video Chat.exe' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VM305_STI.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned
Start scanning boot sectors:
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[NOTE] In the drive 'J:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'A:\'
Search path A:\ could not be opened!
The parameter is incorrect.
Begin scan in 'C:\' <DISK2_VOL1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\test\My Documents\islam\livre\chia\algadeer\algadeer\่ขŸ Ÿ้ไง๏ฉ • ้้ใ•••้Ÿ๊ก Ÿ้ฌ๏•••ฆ ใ งŸ้ฅซ๏๋ Ÿ้š๊๏๋๏.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '48318c30.qua'!
C:\Documents and Settings\test\Desktop\tools\jeux\killbee.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47fe7eb1.qua'!
C:\Program Files\NtreevSoft\Pangya_Th\PangFBI.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '48008069.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP107\A0062074.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c280e5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP163\A0096462.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280e9.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP160\A0095265.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280eb.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP152\A0091983.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280ee.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091771.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f1.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP148\A0091037.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP146\A0088135.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f7.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085770.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280f9.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085796.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280fb.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP139\A0084678.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c280fe.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP138\A0083589.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c28100.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP212\A0108731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3810d.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP226\A0112407.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3812f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118726.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3815f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118727.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c38161.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP251\A0118731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3816f.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120309.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c38190.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120310.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c38194.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120313.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c38198.qua'!
Begin scan in 'D:\' <DISK2_VOL2>
D:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091851.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c281b1.qua'!
Begin scan in 'E:\' <DISK2_VOL3>
Begin scan in 'F:\' <Mon disque>
Begin scan in 'G:\'
Search path G:\ could not be opened!
The device is not ready.
Begin scan in 'H:\'
Search path H:\ could not be opened!
The device is not ready.
Begin scan in 'I:\'
Search path I:\ could not be opened!
The device is not ready.
Begin scan in 'J:\'
Search path J:\ could not be opened!
The device is not ready.
End of the scan: 20 มกราคม 2551 06:02 ===> 20/01/2008 selon calendrier Tha
Used time: 20:14 min
The scan has been done completely.
5855 Scanning directories
256972 Files were scanned
23 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
23 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
256949 Files not concerned
2049 Archives were scanned
3 Warnings
0 Notes
Rapport numero 2 : 24 virus
AntiVir PersonalEdition Classic
Report file date: 20 มกราคม 2551 09:09 ===> 20/01/2008 selon calendrier Tha
Scanning for 1056958 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: test
Computer name: WIN06V5
Version information:
BUILD.DAT : 270 15603 Bytes 19/9/2550 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/8/2550 07:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/8/2550 06:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/8/2550 09:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/8/2550 06:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/7/2550 08:27:16
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2550 14:54:20
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 15/1/2551 12:57:00
ANTIVIR3.VDF : 7.0.2.20 225792 Bytes 18/1/2551 12:54:36
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 17/1/2551 12:57:00
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/2/2550 04:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/7/2550 01:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/4/2550 07:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 17/1/2551 12:57:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/7/2550 01:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/8/2550 06:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/7/2550 01:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 8/3/2550 05:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/8/2550 06:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/8/2550 06:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/7/2550 03:37:22
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 20 มกราคม 2551 09:09
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'winamp.exe' - '1' Module(s) have been scanned
Scan process 'Bookmark-Manager.exe' - '1' Module(s) have been scanned
Scan process 'FIREFOX.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VM305_STI.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Boot sector 'J:\'
[NOTE] In the drive 'J:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'C:\' <DISK2_VOL1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\cmdow.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47f6adf2.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\test\My Documents\islam\livre\chia\algadeer\algadeer\่ขŸ Ÿ้ไง๏ฉ • ้้ใ•••้Ÿ๊ก Ÿ้ฌ๏•••ฆ ใ งŸ้ฅซ๏๋ Ÿ้š๊๏๋๏.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '4831bce0.qua'!
C:\Documents and Settings\test\Desktop\tools\jeux\killbee.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47feaf57.qua'!
C:\Program Files\NtreevSoft\Pangya_Th\PangFBI.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '4800b0fc.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP107\A0062074.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c2b17d.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP163\A0096462.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b180.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP160\A0095265.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b182.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP152\A0091983.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b184.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091771.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b186.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP148\A0091037.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b188.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP146\A0088135.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18a.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085770.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18c.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085796.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b18e.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP139\A0084678.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b190.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP138\A0083589.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c2b192.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP212\A0108731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b198.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP226\A0112407.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b1b0.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118726.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3b1e1.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP250\A0118727.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c3b1e3.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP251\A0118731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b1f6.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120309.exe
[DETECTION] Contains detection pattern of the SPR/HideWindows.I program
[INFO] The file was moved to '47c3b216.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120310.exe
[DETECTION] Contains detection pattern of the joke program JOKE/KillerBee
[INFO] The file was moved to '47c3b218.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP254\A0120313.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47c3b21a.qua'!
Begin scan in 'D:\' <DISK2_VOL2>
D:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091851.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47c2b235.qua'!
Begin scan in 'E:\' <DISK2_VOL3>
Begin scan in 'A:\'
Search path A:\ could not be opened!
The device is not ready.
Begin scan in 'G:\'
Search path G:\ could not be opened!
The device is not ready.
Begin scan in 'H:\'
Search path H:\ could not be opened!
The device is not ready.
Begin scan in 'I:\'
Search path I:\ could not be opened!
The device is not ready.
Begin scan in 'J:\'
Search path J:\ could not be opened!
The device is not ready.
Begin scan in 'F:\' <Mon disque>
End of the scan: 20 มกราคม 2551 09:29 ===> 20/01/2008 selon calendrier Tha
Used time: 19:59 min
The scan has been done completely.
5927 Scanning directories
257958 Files were scanned
24 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
24 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
257934 Files not concerned
2080 Archives were scanned
3 Warnings
0 Notes
A voir également:
- Viruses and/or unwanted programs were found
- Spybot search and destroy - Télécharger - Antivirus & Antimalwares
- Find and mount - Télécharger - Récupération de données
- Microsoft save as pdf or xps add-in for 2007 microsoft office programs - Télécharger - Bureautique
- Carre or bercy ✓ - Forum Loisirs / Divertissements
- X64 or x86 ✓ - Forum Windows
1 réponse
Bonjour
Antivir est un très bon anti-virus
Commence par faire ceci.
1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente
2 Redémarre en mode sans echec
. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Lance le nettoyage avec CCleaner.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
4 Lance Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées.
Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport"
. Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
5 Redémarre normalement et poste le rapport d'AVG Anti-Spyware avec un rapport
6 F - Hijackthis - Outil de diagnostic et réparation
télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
http://www.tutoriaux-excalibur.com/hijackthis.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Bon courage
A+
Antivir est un très bon anti-virus
Commence par faire ceci.
1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
AVG Anti-Spyware
https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente
2 Redémarre en mode sans echec
. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Lance le nettoyage avec CCleaner.
Tutorial ici:
https://kerio.probb.fr/t242-tuto-ccleaner-v-2
https://www.malekal.com/tutoriel-ccleaner/
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
4 Lance Lance AVG Anti-Spyware
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées.
Sélectionne Quarantine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport"
. Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
5 Redémarre normalement et poste le rapport d'AVG Anti-Spyware avec un rapport
6 F - Hijackthis - Outil de diagnostic et réparation
télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
http://www.tutoriaux-excalibur.com/hijackthis.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Bon courage
A+
