More about the Vundo trojan

Anonymous user
Hello,

I'm a complete beginner with computers, and although I have carefully read all your messages about detecting and eradicating this trojan, it is still on my PC. Here is the situation: AntiVir detects Vundo under these names: TR/Vundo.AG, TR/Vundo.Gen or TR/Dldr.WMA.Wimad.N. Spybot, A-squared, Ad-Aware and AVG did not detect it at first. A few days later, Spybot detected Virtumonde. It removed it, found it again... (I learned later that Virtumonde is the other name for Vundo.) But the other protection programs detected nothing. I then downloaded anti-trojan tools such as Trojan Remover and FixVundo, and an antivirus called Multicleaner; in short, no detection there either, or if they did detect something, they deleted it and told me nothing was left. I reboot the PC, run the scans again, nothing is detected, but AntiVir still tells me there is a trojan. What should I do? Thanks.

5 replies

jlpjlp (52399 posts, Security Contributor)
 
Hi,

Download ComboFix by sUBs. Rename it before doing anything with it, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!

Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-click ComboFix. It will ask you a question; answer by pressing 1 then Enter to confirm, and let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.

_______

Post a HijackThis log

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manual:
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

I advise renaming HijackThis to get around a possible Vundo infection.

e.g. rename the file HijackThis.exe to eden.exe: right-click on the file HijackThis.exe and choose Rename from the list.

Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into this folder.
This is important for the backups.
_______________
Also post the AntiVir report so we can have a look
Anonymous user
 
So here is the Combo report:

ComboFix 08-04-10.9 - Julie 2008-04-11 18:14:11.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.277 [GMT 2:00]
Location: C:\Documents and Settings\Julie\Bureau\Combo-Fix.exe
* Created a new restore point

WARNING - THE RECOVERY CONSOLE IS NOT INSTALLED ON THIS MACHINE!!
.

((((((((((((((((((((((((((((( Files created 2008-03-11 to 2008-04-11 ))))))))))))))))))))))))))))))))))))
.

2008-04-11 17:06 . 2008-04-11 17:06 <REP> d-------- C:\Program Files\Enigma Software Group
2008-04-11 15:40 . 2008-04-11 15:54 <REP> d-------- C:\Program Files\Zylom Games
2008-04-11 15:40 . 2008-04-11 15:40 <REP> d-------- C:\Documents and Settings\Julie\Application Data\Zylom
2008-04-11 15:40 . 2008-04-11 15:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2008-04-11 13:02 . 2008-04-11 13:02 <REP> d-------- C:\Program Files\Trojan Remover
2008-04-11 13:02 . 2008-04-11 13:02 <REP> d-------- C:\Documents and Settings\Julie\Application Data\Simply Super Software
2008-04-11 13:02 . 2008-04-11 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-04-11 00:03 . 2008-04-11 00:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Christmasville
2008-04-10 21:35 . 2008-04-10 21:35 <REP> d-------- C:\Documents and Settings\Julie\Saved Games
2008-04-10 21:25 . 2008-04-10 21:25 <REP> d-------- C:\Program Files\GamesBar
2008-04-10 21:24 . 2008-04-11 10:07 <REP> d-------- C:\Program Files\Gamenext
2008-04-09 23:45 . 2008-04-09 23:45 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\AVG7
2008-04-09 23:37 . 2008-04-09 23:39 <REP> d-------- C:\reffiles
2008-04-09 23:37 . 2008-04-09 23:37 <REP> d-------- C:\Program Files\DARSITE
2008-04-09 23:33 . 2008-04-09 23:33 <REP> d-------- C:\Downloads
2008-04-09 23:33 . 2008-04-09 23:36 <REP> d-------- C:\Documents and Settings\Julie\Application Data\GetRightToGo
2008-04-09 23:08 . 2008-04-11 14:24 <REP> d-------- C:\Program Files\Panda Security
2008-04-09 22:00 . 2008-04-09 22:00 <REP> d-------- C:\Program Files\Google
2008-04-09 22:00 . 2006-10-05 04:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-04-09 22:00 . 2006-10-05 04:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-04-09 21:49 . 2008-04-09 21:49 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-04-09 21:49 . 2008-04-11 13:05 <REP> d-------- C:\Documents and Settings\Julie\Application Data\AVG7
2008-04-09 21:48 . 2008-04-09 21:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-09 21:38 . 2008-04-11 13:08 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-09 21:38 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-04-09 21:38 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-04-09 21:38 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-04-09 21:38 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-04-09 21:38 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-04-09 21:30 . 2008-04-09 21:30 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-09 21:24 . 2008-04-09 21:24 <REP> d-------- C:\Program Files\Lavasoft
2008-04-09 00:11 . 2008-04-09 00:11 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-04-09 00:11 . 2008-04-09 00:11 <REP> d-------- C:\Program Files\Veoh Networks
2008-04-08 17:23 . 2008-04-08 17:23 <REP> d-------- C:\Program Files\Logiciel Soliland
2008-04-08 17:23 . 2007-12-15 15:14 537,872 --a------ C:\WINDOWS\system32\msxml20.dll
2008-04-07 21:45 . 2008-04-07 21:45 0 --a------ C:\WINDOWS\iPlayer.INI
2008-04-07 21:44 . 2008-04-07 21:47 <REP> d-------- C:\Program Files\InterActual
2008-04-07 19:20 . 2008-04-11 10:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-04-07 15:16 . 2008-04-07 15:16 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-06 00:38 . 2008-04-09 22:00 <REP> d-------- C:\Program Files\Picasa2
2008-04-06 00:31 . 2008-04-06 00:31 <REP> d-------- C:\Program Files\SoftChris
2008-04-02 15:59 . 2008-04-07 19:22 312 --a------ C:\WINDOWS\wininit.ini
2008-03-24 21:54 . 2008-03-24 21:54 <REP> d-------- C:\Documents and Settings\NetworkService\Mes documents
2008-03-24 18:55 . 2008-04-11 12:15 <REP> d-------- C:\VundoFix Backups
2008-03-24 17:41 . 2008-03-24 17:41 98,304 --a------ C:\WINDOWS\system32CmdLineExt.dll
2008-03-24 15:39 . 2008-03-24 15:39 <REP> d-------- C:\Program Files\LimeWire
2008-03-24 15:39 . 2008-04-10 20:23 <REP> d-------- C:\Documents and Settings\Julie\Application Data\LimeWire
2008-03-24 15:39 . 2008-03-24 15:39 38,912 --a------ C:\WINDOWS\system32\efcbaaa.dll.vir
2008-03-21 21:05 . 2008-04-06 00:41 <REP> d-------- C:\Program Files\BoontyGames
2008-03-20 20:22 . 2008-03-20 20:22 <REP> d-------- C:\Documents and Settings\Julie\Application Data\Printer Info Cache
2008-03-16 13:37 . 2008-03-16 13:37 108,336 --------- C:\WINDOWS\system32\mswinsck.ocx
2008-03-16 13:37 . 2008-03-16 13:37 15,872 --------- C:\WINDOWS\system32\winskfr.dll
2008-03-15 21:37 . 2008-03-15 21:38 <REP> d-------- C:\WINDOWS\UbiSoft
2008-03-13 22:47 . 2008-03-13 22:47 <REP> d-------- C:\Program Files\HgProgrammes
2008-03-13 22:47 . 2008-03-13 22:47 <REP> d-------- C:\Program Files\Fichiers communs\PC SOFT
2008-03-13 22:47 . 2008-03-13 22:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HgProgrammes
2008-03-13 22:47 . 2008-03-13 22:47 0 --a------ C:\WINDOWS\fix321854
2008-03-12 20:35 . 2008-03-12 20:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-12 20:05 . 2007-10-30 00:43 1,293,824 -----c--- C:\WINDOWS\system32\dllcache\quartz.dll
2008-03-12 19:52 . 2008-03-12 19:52 <REP> d-------- C:\Program Files\Avira
2008-03-12 19:52 . 2008-03-12 19:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-12 14:04 . 2008-04-07 21:41 <REP> d-------- C:\Documents and Settings\Julie\Application Data\dvdcss

.
(((((((((((((((((((((((((((((((((( Find3M report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-11 14:17 --------- d-----w C:\Documents and Settings\Julie\Application Data\OpenOffice.org2
2008-04-11 12:22 22,528 ----a-w C:\WINDOWS\system32\drivers\nhcDriver.sys
2008-04-11 10:32 --------- d-----w C:\Program Files\a-squared Free

Otherwise, how do I create a folder with Explorer for HijackThis?
jlpjlp (52399 posts, Security Contributor)
 
Delete this file by going into My Computer, then C:

C:\WINDOWS\system32\efcbaaa.dll.vir

___

for HijackThis
manual:
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

____
then post an AntiVir report
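The ComboFix report posted above is a plain file listing, and the file the reply singles out, efcbaaa.dll.vir in system32, is the kind of leftover a cleaner leaves behind once it has renamed a Vundo DLL. As an added example, not part of this thread nor of ComboFix or any of the tools named here, the Python script below parses lines in the report's "created . modified size attrs path" format and flags two things: disarmed .vir copies still sitting in system32, and recently created system32 DLLs whose names are short runs of lowercase letters, which is how Vundo/Virtumonde typically names its dropped components. The sample lines are copied from the posted report except the byxutrq.dll line, which is constructed to show a live hit; the name pattern is a triage heuristic, not a signature, so anything it flags is a candidate for inspection rather than a verdict.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Tuple

# Report timestamp taken from the ComboFix header above ("2008-04-11 18:14:11").
REPORT_DATE = datetime(2008, 4, 11, 18, 14)

# Lines copied from the posted report; the last one is constructed for illustration.
SAMPLE_LINES = [
    r"2008-04-09 21:38 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll",
    r"2008-04-09 21:38 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll",
    r"2008-03-24 18:55 . 2008-04-11 12:15 <REP> d-------- C:\VundoFix Backups",
    r"2008-03-24 15:39 . 2008-03-24 15:39 38,912 --a------ C:\WINDOWS\system32\efcbaaa.dll.vir",
    r"2008-03-16 13:37 . 2008-03-16 13:37 108,336 --------- C:\WINDOWS\system32\mswinsck.ocx",
    # Constructed (not in the report): what an active Vundo DLL entry looks like.
    r"2008-04-10 09:12 . 2008-04-10 09:12 41,472 --a------ C:\WINDOWS\system32\byxutrq.dll",
]

# "<created> . <modified> <size or <REP>> <attrs> <path>"
LINE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size><REP>|[\d,]+) (?P<attrs>\S+) (?P<path>.+)$"
)

# Heuristic: a short, digit-free, all-lowercase DLL name. Legitimate DLLs can
# match too, so this only selects candidates for a closer look.
RANDOM_NAME_RE = re.compile(r"^[a-z]{5,9}\.dll$")


@dataclass
class Entry:
    created: datetime
    modified: datetime
    is_dir: bool
    size: int
    path: str

    @property
    def name(self) -> str:
        return self.path.rsplit("\\", 1)[-1]


def parse_line(line: str) -> Entry:
    """Parse one ComboFix 'files created' line into an Entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised ComboFix line: {line!r}")
    is_dir = m["size"] == "<REP>"
    return Entry(
        created=datetime.strptime(m["created"], "%Y-%m-%d %H:%M"),
        modified=datetime.strptime(m["modified"], "%Y-%m-%d %H:%M"),
        is_dir=is_dir,
        size=0 if is_dir else int(m["size"].replace(",", "")),
        path=m["path"],
    )


def triage(lines: List[str], report_date: datetime = REPORT_DATE,
           window_days: int = 30) -> List[Tuple[str, str]]:
    """Return (path, reason) pairs for system32 entries worth a second look."""
    findings: List[Tuple[str, str]] = []
    for line in lines:
        e = parse_line(line)
        if e.is_dir or "\\system32\\" not in e.path.lower():
            continue
        name = e.name.lower()
        if name.endswith(".vir"):
            findings.append((e.path, "disarmed copy (.vir) still on disk; delete or quarantine it"))
            continue
        fresh = report_date - e.created <= timedelta(days=window_days)
        # A file copied out of an installer keeps its build date as 'modified';
        # a freshly written dropper component has created == modified.
        same_stamp = e.created == e.modified
        if fresh and same_stamp and RANDOM_NAME_RE.match(name):
            findings.append((e.path, "recent system32 DLL with random-looking name"))
    return findings


if __name__ == "__main__":
    for path, reason in triage(SAMPLE_LINES):
        print(f"{path}: {reason}")
```

Running it over the sample lists only efcbaaa.dll.vir and the constructed byxutrq.dll; the unrar/unace helper DLLs are skipped because their modified dates predate their creation on this machine (they were unpacked from an installer), and mswinsck.ocx is not a .dll at all. Before deleting a flagged live DLL, check what loads it (a BHO, a Winlogon notify entry or an AppInit_DLLs value) so the loader entry goes with it.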
Anonymous user
 
I'm sorry, but can you explain more clearly, because I really don't see how to do it... I know nothing about this, and what little I do know is thanks to my boyfriend, who usually looks after my PC.
Anonymous user
 
AntiVir report:

AntiVir PersonalEdition Classic
Report file date: Friday 11 April 2008 18:25

Scanning for 1193728 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: XPSP2-16EF3D2CA

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:13:42
ANTIVIR2.VDF : 7.0.3.127 649216 Bytes 07/04/2008 19:17:32
ANTIVIR3.VDF : 7.0.3.150 135168 Bytes 10/04/2008 19:17:50
AVEWIN32.DLL : 7.6.0.84 3461632 Bytes 10/04/2008 19:17:50
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 12/03/2008 18:13:43
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Friday 11 April 2008 18:25

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'SpyHunter3.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'avgemc.exe' - '1' Module(s) have been scanned
Scan process 'avgupsvc.exe' - '1' Module(s) have been scanned
Scan process 'avgamsvr.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'VeohClient.exe' - '1' Module(s) have been scanned
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgcc.exe' - '1' Module(s) have been scanned
Scan process 'SolilandUpdate.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'nhc.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '37' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!

End of the scan: Friday 11 April 2008 19:10
Used time: 44:47 min

The scan has been done completely.

7037 Scanning directories
322563 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
322563 Files not concerned
2281 Archives were scanned
2 Warnings
46 Notes