Virus TR/Trash.Gen found by ANTIVIR

Solved/Closed
levagurod (Member) - 20 March 2008 at 17:23
Hello,
I am infected with the Tr/Trash.Gen virus; please help me remove it.

Below is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:48, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: InlineSearchHandleHotKey - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender free edition\bdnagent.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: DSLMON.lnk.disabled
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D1C0BF7-3C28-4F12-A6E9-D2ACD310242D}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - EMC Corporation - C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

//-----------------------------------------------------------------
//
// Fichier journal BitDefender
//
// Créé le: 20/03/2008 16:05:28
//
//-----------------------------------------------------------------


Statistiques

Chemin cible: C:\
D:\
Dossiers : 8118
Fichiers : 379232
Archives : 3519
Fichiers empaquetés : 21474
Virus trouvés : 0
Fichiers infectés : 0
Alertes : 0
Fichiers suspects : 0
Fichiers désinfectés : 0
Fichiers effacés : 0
Fichiers copiés : 0
Fichiers déplacés : 0
Fichiers renommés : 0
Erreurs I/O : 38
Temps d'analyse := 01:06:57
Fichiers/seconde :94

Définitions virus : 933814
Plugins d'analyse : 14
Plugins archives : 38
Plug-ins décompression : 7
Plug-ins messagerie : 6
Plug-ins système : 1

Options d'analyse

Détection
[X] Analyser le secteur de boot
[X] Analyser les archives
[X] Analyser les fichiers en paquets
[X] Analyser la messagerie

Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;

Action

Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action

Seconde action
[ ] Ignorer
[ ] Effacer
[ ] Copier
[X] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action

Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal : vscan.log
[ ] Rajouter au rapport existant
Fichiers analysés

7 replies

jlpjlp (Security contributor) - 20 March 2008 at 23:00
ok

any more problems?

levagurod (Member) - 20 March 2008 at 23:07
For now everything seems fine; THANKS again for your valuable help.
Bye
See you

jlpjlp (Security contributor) - 20 March 2008 at 17:55
hi,
paste the Antivir report so we can see the infected files

levagurod (Member) - 20 March 2008 at 18:18
20.03.2008 11:05:02 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
20.03.2008 11:05:02 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
20.03.2008 11:05:02 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_47e236ce\
20.03.2008 11:05:03 - Start the Update GUI... Displaymode: 0

20.03.2008 11:05:05 - Keyfile: OK [FULL Mode]

20.03.2008 11:05:05 - Avira AntiVir PersonalEdition Classic

20.03.2008 11:05:05 - Master IDX file has changed
20.03.2008 11:05:10 - Keyfile: OK [FULL Mode]

20.03.2008 11:05:11 - File basic-nt/2k/avgntflt.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/avadmin.exe's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/avgio64.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/imp64b.exe's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/psapi.dll's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/shlext64.dll's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/wsctool.exe's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/xp64/avgntflt.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/2k/avgntdd.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/2k/avgntmgr.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/nt/avgntdd.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/nt/avgntmgr.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - File basic-nt/vista64/avgntflt.sys's operating system doesn't match the current one. File ignored.
20.03.2008 11:05:11 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/vdf.info.gz
20.03.2008 11:05:13 - Keyfile: OK [FULL Mode]

20.03.2008 11:05:13 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/specvir-nt.info.gz
20.03.2008 11:05:14 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/engine.info.gz
20.03.2008 11:05:14 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/engine-nt-en.info.gz
20.03.2008 11:05:16 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
20.03.2008 11:05:16 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 75
20.03.2008 11:05:17 - Module: COMMAPPDATA Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\ Files: 1
20.03.2008 11:05:17 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
20.03.2008 11:05:17 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
20.03.2008 11:05:17 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.3.51 < 7.0.3.59
20.03.2008 11:05:17 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
20.03.2008 11:05:17 - Module: ENGINE Source: engine\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 2
20.03.2008 11:05:17 - Module: ENGINE_NT_EN Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
20.03.2008 11:05:17 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
20.03.2008 11:05:17 - Minifilter is installed

20.03.2008 11:05:17 - Minifilter is possible

20.03.2008 11:05:17 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType

20.03.2008 11:05:17 - Initialize avnotify.exe

20.03.2008 11:05:17 - Starting avnotify.exe successful

20.03.2008 11:05:17 - Preparing to download files
20.03.2008 11:05:17 - 1 files need to be downloaded / copied from http://dl4.avgate.net/upd/
20.03.2008 11:05:17 - #1: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_47e236ce\vdf\antivir3.vdf
20.03.2008 11:05:27 - Status of service AntiVirService is running

20.03.2008 11:05:27 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir0.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir0.vdf.

20.03.2008 11:05:27 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir1.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir1.vdf.

20.03.2008 11:05:27 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir2.vdf.

20.03.2008 11:05:27 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\antivir3.vdf.

20.03.2008 11:05:27 - Save file C:\Program Files\Avira\AntiVir PersonalEdition Classic\avewin32.dll to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\FAILSAFE\avewin32.dll.

20.03.2008 11:05:27 - Starting to install
20.03.2008 11:05:27 - Processing module VDF Source: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\TEMP\AVUPDATE_47e236ce\vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
20.03.2008 11:05:27 - A total of 1 files were updated
20.03.2008 11:05:27 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |UpdateInProgress

20.03.2008 11:05:27 - Status of service AntiVirService is running

20.03.2008 11:05:29 - Reinitialization of AntiVirService carried out successfully.

20.03.2008 11:05:29 - Dialup: 0

20.03.2008 11:05:29 - Downloaded bytes: 324720

20.03.2008 11:05:29 - Downloaded file(s): 1

20.03.2008 11:05:29 - Downloaded file(s): antivir3.vdf

20.03.2008 11:05:29 - Engine version local : 7.6.0.75

20.03.2008 11:05:29 - Engine version internet: 7.6.0.75

20.03.2008 11:05:29 - 0. VDF version local : 6.40.0.0

20.03.2008 11:05:29 - 0. VDF version internet: 6.40.0.0

20.03.2008 11:05:29 - 1. VDF version local : 7.0.3.2

20.03.2008 11:05:29 - 1. VDF version internet: 7.0.3.2

20.03.2008 11:05:29 - 2. VDF version local : 7.0.3.3

20.03.2008 11:05:29 - 2. VDF version internet: 7.0.3.3

20.03.2008 11:05:30 - 3. VDF version local : 7.0.3.51

20.03.2008 11:05:30 - 3. VDF version internet: 7.0.3.59

20.03.2008 11:05:30 - Required time: 00:27

20.03.2008 11:05:30 - Registry entry created successfully: Software\Avira\AntiVir PersonalEdition Classic |LastUpdate

20.03.2008 11:05:30 - Update finished successfully

Here is the Antivir report

jlpjlp (Security contributor) - 20 March 2008 at 18:21
hi, the Antivir report is not the right one

look in this post to see what an Antivir report looks like (message number 8)

http://www.commentcamarche.net/forum/affich 4417969 virus search daily#dernier

levagurod (Member) - 20 March 2008 at 18:24
Here is the Antivir report from when it found the infection
16/03/2008,08:52:40 ---------------------------------------------------------
16/03/2008,08:52:42 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
16/03/2008,08:52:42 AntiVir Guard version: 7.00.00.81,engine version 7.6.0.15,VDF version: 7.0.0.2
16/03/2008,08:52:43 Start Filter Device.
16/03/2008,08:52:43 Avira AntiVir PersonalEdition Classic has been started successfully!
16/03/2008,08:52:43 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF
.URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
16/03/2008,08:53:17 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF
.URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
16/03/2008,08:54:01 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF
.URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
16/03/2008,08:56:24 Avira AntiVir PersonalEdition Classic service has been stopped!
16/03/2008,08:56:31 ---------------------------------------------------------
16/03/2008,08:56:34 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
16/03/2008,08:56:34 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.31
16/03/2008,08:56:35 Start Filter Device.
16/03/2008,08:56:35 Avira AntiVir PersonalEdition Classic has been started successfully!
16/03/2008,08:56:35 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP
.TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
16/03/2008,08:56:36 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP
.TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
16/03/2008,09:06:23 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
16/03/2008,09:06:46 Avira AntiVir PersonalEdition Classic service has been stopped!
16/03/2008,17:43:53 ---------------------------------------------------------
16/03/2008,17:44:00 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
16/03/2008,17:44:00 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.31
16/03/2008,17:44:01 Start Filter Device.
16/03/2008,17:44:01 Avira AntiVir PersonalEdition Classic has been started successfully!
16/03/2008,17:44:01 [CONFIG] On-Access configuration used:
16/03/2008,17:45:18 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\UN9BVX6O\6736f989[1].exe
16/03/2008,17:45:18 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\uprylo.exe
16/03/2008,17:45:18 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\uprylo.exe
[INFO] The file will be deleted.
16/03/2008,17:47:10 Update process started!
16/03/2008,17:47:12 Current Engine Version: 7.6.0.73
16/03/2008,17:47:12 Current Pattern File: 7.0.3.33 from 16/03/2008, 16:26
16/03/2008,17:47:12 [CONFIG] On-Access configuration used:
16/03/2008,17:51:47 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\jilcez.exe
16/03/2008,17:51:47 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\XXJVKR5W\6736f989[1].exe
[INFO] The file will be deleted.
16/03/2008,17:51:47 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\jilcez.exe
[INFO] The file will be deleted.
16/03/2008,17:58:05 [CONFIG] On-Access configuration used:
16/03/2008,18:12:17 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
16/03/2008,18:12:47 Avira AntiVir PersonalEdition Classic service has been stopped!
16/03/2008,18:13:48 ---------------------------------------------------------
16/03/2008,18:13:57 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
16/03/2008,18:13:57 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.33
16/03/2008,18:13:58 Start Filter Device.
16/03/2008,18:13:58 Avira AntiVir PersonalEdition Classic has been started successfully!
16/03/2008,18:13:58 [CONFIG] On-Access configuration used:
16/03/2008,20:42:34 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
16/03/2008,20:42:38 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
16/03/2008,20:43:02 Avira AntiVir PersonalEdition Classic service has been stopped!
17/03/2008,07:09:54 ---------------------------------------------------------
17/03/2008,07:09:58 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
17/03/2008,07:09:58 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.33
17/03/2008,07:09:59 Start Filter Device.
17/03/2008,07:09:59 Avira AntiVir PersonalEdition Classic has been started successfully!
17/03/2008,07:09:59 [CONFIG] On-Access configuration used:
17/03/2008,07:10:56 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\xorkob.exe
17/03/2008,07:10:56 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\XXJVKR5W\6736f989[1].exe
[INFO] The file will be deleted.
17/03/2008,07:10:55 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\xorkob.exe
17/03/2008,08:53:03 Update process started!
17/03/2008,08:53:05 Current Engine Version: 7.6.0.73
17/03/2008,08:53:05 Current Pattern File: 7.0.3.34 from 17/03/2008, 07:55
17/03/2008,08:53:05 [CONFIG] On-Access configuration used:
17/03/2008,23:35:20 Update process started!
17/03/2008,23:35:23 Current Engine Version: 7.6.0.73
17/03/2008,23:35:23 Current Pattern File: 7.0.3.41 from 17/03/2008, 16:32
17/03/2008,23:35:24 [CONFIG] On-Access configuration used:
17/03/2008,23:36:02 [CONFIG] On-Access configuration used:
17/03/2008,23:48:58 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
17/03/2008,23:48:59 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
17/03/2008,23:49:00 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
17/03/2008,23:49:27 Avira AntiVir PersonalEdition Classic service has been stopped!
18/03/2008,07:36:48 ---------------------------------------------------------
18/03/2008,07:36:52 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,07:36:52 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,07:36:53 Start Filter Device.
18/03/2008,07:36:53 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,07:36:53 [CONFIG] On-Access configuration used:
18/03/2008,07:43:06 Avira AntiVir PersonalEdition Classic service has been stopped!
18/03/2008,07:44:21 ---------------------------------------------------------
18/03/2008,07:44:24 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,07:44:24 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,07:44:25 Start Filter Device.
18/03/2008,07:44:26 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,07:44:26 [CONFIG] On-Access configuration used:
18/03/2008,07:48:23 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,08:12:12 ---------------------------------------------------------
18/03/2008,08:12:15 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,08:12:15 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,08:12:16 Start Filter Device.
18/03/2008,08:12:16 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,08:12:16 [CONFIG] On-Access configuration used:
18/03/2008,08:13:10 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\iylyyb.exe
18/03/2008,08:13:10 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\XXJVKR5W\6736f989[1].exe
[INFO] The file will be deleted.
18/03/2008,08:13:10 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\iylyyb.exe
18/03/2008,09:07:24 [CONFIG] On-Access configuration used:
18/03/2008,09:08:00 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\C3TX8T36\6736f989[1].exe
18/03/2008,09:08:00 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\hqchyh.exe
18/03/2008,09:07:59 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\hqchyh.exe
18/03/2008,09:15:00 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\vnhsgu.exe
18/03/2008,09:15:00 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\XXJVKR5W\6736f989[1].exe
18/03/2008,09:14:59 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\vnhsgu.exe
18/03/2008,15:12:07 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,15:11:56 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,15:16:20 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\WINDOWS\system32\hysmxv.exe
18/03/2008,15:16:20 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\Documents and Settings\Philippe\Local Settings\Temporary Internet Files\Content.IE5\XXJVKR5W\6736f989[1].exe
18/03/2008,15:16:20 [WARNING] Is the Trojan horse TR/Crypt.ULPM.Gen!
C:\WINDOWS\system32\hysmxv.exe
18/03/2008,17:01:11 Avira AntiVir PersonalEdition Classic service has been stopped!
18/03/2008,17:02:15 ---------------------------------------------------------
18/03/2008,17:02:18 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,17:02:18 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,17:02:19 Start Filter Device.
18/03/2008,17:02:19 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,17:02:19 [CONFIG] On-Access configuration used:
18/03/2008,18:52:57 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,18:53:33 Avira AntiVir PersonalEdition Classic service has been stopped!
18/03/2008,19:08:46 ---------------------------------------------------------
18/03/2008,19:08:49 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,19:08:49 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,19:08:50 Start Filter Device.
18/03/2008,19:08:50 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,19:08:50 [CONFIG] On-Access configuration used:
18/03/2008,19:54:12 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,19:54:18 [WARNING] Is the Trojan horse TR/Crypt.XPACK.Gen!
C:\WINDOWS\system32\ozbowu.exe
18/03/2008,20:56:01 Avira AntiVir PersonalEdition Classic service has been stopped!
18/03/2008,20:57:05 ---------------------------------------------------------
18/03/2008,20:57:09 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
18/03/2008,20:57:09 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
18/03/2008,20:57:10 Start Filter Device.
18/03/2008,20:57:10 Avira AntiVir PersonalEdition Classic has been started successfully!
18/03/2008,20:57:10 [CONFIG] On-Access configuration used:
18/03/2008,23:30:13 Avira AntiVir PersonalEdition Classic service has been stopped!
19/03/2008,06:12:09 ---------------------------------------------------------
19/03/2008,06:12:13 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
19/03/2008,06:12:13 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
19/03/2008,06:12:14 Start Filter Device.
19/03/2008,06:12:14 Avira AntiVir PersonalEdition Classic has been started successfully!
19/03/2008,06:12:14 [CONFIG] On-Access configuration used:
19/03/2008,06:18:28 Avira AntiVir PersonalEdition Classic service has been stopped!
19/03/2008,07:43:50 ---------------------------------------------------------
19/03/2008,07:43:53 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
19/03/2008,07:43:53 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.73,VDF version: 7.0.3.41
19/03/2008,07:43:54 Start Filter Device.
19/03/2008,07:43:55 Avira AntiVir PersonalEdition Classic has been started successfully!
19/03/2008,07:43:55 [CONFIG] On-Access configuration used:
19/03/2008,07:48:40 Update process started!
19/03/2008,07:48:44 Current Engine Version: 7.6.0.75
19/03/2008,07:48:44 Current Pattern File: 7.0.3.50 from 19/03/2008, 07:11
19/03/2008,07:48:44 [CONFIG] On-Access configuration used:
19/03/2008,08:53:02 Update process started!
19/03/2008,08:53:04 Current Engine Version: 7.6.0.75
19/03/2008,08:53:04 Current Pattern File: 7.0.3.51 from 19/03/2008, 08:27
19/03/2008,08:53:04 [CONFIG] On-Access configuration used:
19/03/2008,10:17:54 Avira AntiVir PersonalEdition Classic service has been stopped!
19/03/2008,22:47:34 ---------------------------------------------------------
19/03/2008,22:47:37 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
19/03/2008,22:47:37 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.75,VDF version: 7.0.3.51
19/03/2008,22:47:38 Start Filter Device.
19/03/2008,22:47:38 Avira AntiVir PersonalEdition Classic has been started successfully!
19/03/2008,22:47:38 [CONFIG] On-Access configuration used:
19/03/2008,23:19:34 Avira AntiVir PersonalEdition Classic service has been stopped!
19/03/2008,23:20:33 ---------------------------------------------------------
19/03/2008,23:20:37 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
19/03/2008,23:20:37 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.75,VDF version: 7.0.3.51
19/03/2008,23:20:38 Start Filter Device.
19/03/2008,23:20:38 Avira AntiVir PersonalEdition Classic has been started successfully!
19/03/2008,23:20:38 [CONFIG] On-Access configuration used:
20/03/2008,00:38:12 Avira AntiVir PersonalEdition Classic service has been stopped!
20/03/2008,11:01:12 ---------------------------------------------------------
20/03/2008,11:01:15 Keyfile contains a valid license. The Avira AntiVir PersonalEdition Classic will run as a fully functional version!
20/03/2008,11:01:15 AntiVir Guard version: 7.00.00.82,engine version 7.6.0.75,VDF version: 7.0.3.51
20/03/2008,11:01:17 Start Filter Device.
20/03/2008,11:01:17 Avira AntiVir PersonalEdition Classic has been started successfully!
20/03/2008,11:01:17 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP
.TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
20/03/2008,11:03:43 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP
.TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
20/03/2008,11:05:27 Update process started!
20/03/2008,11:05:29 Current Engine Version: 7.6.0.75
20/03/2008,11:05:29 Current Pattern File: 7.0.3.59 from 20/03/2008, 10:32
20/03/2008,11:05:30 [CONFIG] On-Access configuration used:
- Files to scan: scan files from local drives
- Device mode: scan files on open, scan files on close
- Only scan files with one of the following extensions: . .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .LSP .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDF .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SIS .SPL .SWF .SYS .TLB .TMP
.TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP
- Unpack runtime compressed files
- Actions: ask the user
- Heuristic: MACRO , WIN32 MEDIUM
- Logfile report level 1
20/03/2008,12:03:34 [WARNING] Is the Trojan horse TR/Trash.Gen!
C:\System Volume Information\_restore{75A78811-67CB-44E9-8A11-CBE5A3BE447A}\RP2\A0000046.exe
20/03/2008,15:33:34 [WARNING] Is the Trojan horse TR/Trash.Gen!
C:\System Volume Information\_restore{75A78811-67CB-44E9-8A11-CBE5A3BE447A}\RP2\A0000046.exe
[INFO] The file will be deleted.
0

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
20 March 2008 at 18:26
Hi, the AntiVir report isn't the right one

Look in this post to see what an AntiVir report looks like (message number 8)

http://www.commentcamarche.net/forum/affich 4417969 virus search daily#dernier



_________________


Disable System Restore to purge any viruses that may be in it, then re-enable it: https://www.informatruc.com


Then run AntiVir again and paste me the right report

See you later
0
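Why the two warnings in the Guard log point at System Restore rather than at a live file: the following is an added example (not part of the original thread, and not Avira's code) that parses Guard log lines in the format pasted above and flags hits located in a `_restore{GUID}\RPn` folder, the location that disabling and re-enabling System Restore purges. The third sample entry (`TR/Example.Gen`) is constructed for contrast, and the line patterns are inferred only from the log lines on this page.

```python
import re

# Constructed sample: the two Guard warnings pasted above, plus one invented
# entry (TR/Example.Gen, outside System Restore) added for contrast.
SAMPLE_LOG = r"""20/03/2008,12:03:34 [WARNING] Is the Trojan horse TR/Trash.Gen!
C:\System Volume Information\_restore{75A78811-67CB-44E9-8A11-CBE5A3BE447A}\RP2\A0000046.exe
20/03/2008,15:33:34 [WARNING] Is the Trojan horse TR/Trash.Gen!
C:\System Volume Information\_restore{75A78811-67CB-44E9-8A11-CBE5A3BE447A}\RP2\A0000046.exe
[INFO] The file will be deleted.
20/03/2008,16:00:00 [WARNING] Is the Trojan horse TR/Example.Gen!
C:\Documents and Settings\user\sample.exe
"""

# Patterns inferred from the log lines on this page (assumption, not a format spec).
WARNING_RE = re.compile(r"^(\d{2}/\d{2}/\d{4},\d{2}:\d{2}:\d{2}) \[WARNING\] Is the (.+) (\S+)!$")
PATH_RE = re.compile(r"^[A-Za-z]:\\")
RESTORE_RE = re.compile(r"\\System Volume Information\\_restore\{[0-9A-F-]{36}\}\\(RP\d+)\\", re.I)

def parse_detections(log_text):
    """Return one dict per [WARNING] line, with the path and [INFO] action that follow it."""
    detections, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = WARNING_RE.match(line)
        if m:
            current = {"time": m.group(1), "name": m.group(3), "path": None, "action": None}
            detections.append(current)
        elif current and current["path"] is None and PATH_RE.match(line):
            current["path"] = line
        elif current and line.startswith("[INFO]"):
            current["action"] = line[len("[INFO]"):].strip()
    return detections

def summarize(detections):
    """Group hits by file and record the restore point (e.g. 'RP2') when the file sits in one."""
    files = {}
    for d in detections:
        if d["path"] is None:
            continue  # warning without a path line: nothing to group on
        entry = files.setdefault(d["path"].lower(), {"path": d["path"], "names": set(),
                                                     "hits": 0, "restore_point": None})
        entry["names"].add(d["name"])
        entry["hits"] += 1
        m = RESTORE_RE.search(d["path"])
        entry["restore_point"] = m.group(1).upper() if m else None
    return list(files.values())

if __name__ == "__main__":
    for f in summarize(parse_detections(SAMPLE_LOG)):
        where = f"System Restore point {f['restore_point']}" if f["restore_point"] else "live file system"
        print(f"{f['hits']}x {sorted(f['names'])} in {where}: {f['path']}")
```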
levagurod Posts 17 Registration date Monday 17 March 2008 Status Member Last activity 20 March 2008
20 March 2008 at 18:32
http://www.commentcamarche.net/forum/affich 4417969 virus search daily#dernier; This page no longer exists.
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
20 March 2008 at 19:03
0
levagurod Posts 17 Registration date Monday 17 March 2008 Status Member Last activity 20 March 2008
20 March 2008 at 22:09
Here is the AntiVir report

AntiVir PersonalEdition Classic
Report file date: jeudi 20 mars 2008 18:38

Scanning for 1159861 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Philippe
Computer name: XXXX-GDFSF00ZE0

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 07:56:27
ANTIVIR2.VDF : 7.0.3.3 2048 Bytes 07/03/2008 07:56:27
ANTIVIR3.VDF : 7.0.3.59 324608 Bytes 20/03/2008 10:05:27
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 19/03/2008 06:48:40
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 16/03/2008 07:56:29
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 20 mars 2008 18:38

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'bdmcon.exe' - '1' Module(s) have been scanned
Scan process 'bdss.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'xcommsvr.exe' - '1' Module(s) have been scanned
Scan process 'MsPMSPSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'retrorun.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'CTsvcCDA.EXE' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned
Scan process 'ONENOTEM.EXE' - '1' Module(s) have been scanned
Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHid.exe' - '1' Module(s) have been scanned
Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'PicasaMediaDetector.exe' - '1' Module(s) have been scanned
Scan process 'Eraser.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'HOMERunner.exe' - '1' Module(s) have been scanned
Scan process 'gnotify.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'CloneCDTray.exe' - '1' Module(s) have been scanned
Scan process 'AcroTray.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
58 processes with 58 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '47' files ).


Starting the file scan:

Begin scan in 'C:\' <Data 1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd8893.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Data 2>


End of the scan: jeudi 20 mars 2008 21:44
Used time: 3:06:06 min

The scan has been done completely.

10156 Scanning directories
445699 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
4 Files cannot be scanned
445699 Files not concerned
2742 Archives were scanned
4 Warnings
9 Notes
0