Sujet Précédent Sujet Suivant

Analyse rapport antivir

leon95 Messages postés 1231 Statut Membre -  
leon95 Messages postés 1231 Statut Membre -
Bonjour,
aniviri a trouve un truc et l a mis en quarantaine.je vous poste le rapport.;pouvez vous me dire si y a rien d autre a faire..merci d avance

Avira AntiVir Personal
Report file date: mardi 15 avril 2008 17:00

Scanning for 1202665 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ORDINATEUR

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 15/04/2008 08:50:00
AVSCAN.DLL : 8.1.1.0 53505 Bytes 15/04/2008 08:50:00
LUKE.DLL : 8.1.2.9 151809 Bytes 15/04/2008 08:50:00
LUKERES.DLL : 8.1.2.1 12033 Bytes 15/04/2008 08:50:00
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 16:20:53
ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 08:25:07
ANTIVIR3.VDF : 7.0.3.170 123904 Bytes 15/04/2008 14:57:50
Engineversion : 8.1.0.30
AEVDF.DLL : 8.1.0.5 102772 Bytes 15/04/2008 08:50:01
AESCRIPT.DLL : 8.1.0.23 233851 Bytes 15/04/2008 08:50:01
AESCN.DLL : 8.1.0.13 115061 Bytes 15/04/2008 08:50:01
AERDL.DLL : 8.1.0.19 418164 Bytes 15/04/2008 08:50:01
AEPACK.DLL : 8.1.1.1 364918 Bytes 15/04/2008 08:50:01
AEOFFICE.DLL : 8.1.0.17 192891 Bytes 15/04/2008 08:50:01
AEHEUR.DLL : 8.1.0.18 1167735 Bytes 15/04/2008 08:50:01
AEHELP.DLL : 8.1.0.12 115063 Bytes 15/04/2008 08:50:01
AEGEN.DLL : 8.1.0.15 299379 Bytes 15/04/2008 08:50:01
AEEMU.DLL : 8.1.0.5 430450 Bytes 15/04/2008 08:50:01
AECORE.DLL : 8.1.0.26 168311 Bytes 15/04/2008 08:50:01
AVWINLL.DLL : 1.0.0.7 14593 Bytes 15/04/2008 08:50:00
AVPREF.DLL : 8.0.0.1 25857 Bytes 15/04/2008 08:50:00
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 15/04/2008 08:50:00
AVARKT.DLL : 1.0.0.23 307457 Bytes 15/04/2008 08:49:59
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 15/04/2008 08:50:00
SQLITE3.DLL : 3.3.17.1 339968 Bytes 15/04/2008 08:50:00
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 15/04/2008 08:50:00
NETNT.DLL : 8.0.0.1 7937 Bytes 15/04/2008 08:50:00
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 15/04/2008 08:49:57
RCTEXT.DLL : 8.0.32.0 86273 Bytes 15/04/2008 08:49:57

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 15 avril 2008 17:00

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'cidaemon.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'LClock.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'mixer.exe' - '1' Module(s) have been scanned
Scan process 'oasrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'lxcrcoms.exe' - '1' Module(s) have been scanned
Scan process 'oaui.exe' - '1' Module(s) have been scanned
Scan process 'cisvc.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
33 processes with 33 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '30' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{8CA783B6-41B8-47C2-A543-283411942BAC}\RP57\A0006968.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.79
[NOTE] The file was moved to '4834c51f.qua'!
Begin scan in 'D:\' <DONNEES>

End of the scan: mardi 15 avril 2008 17:18
Used time: 17:30 min

The scan has been done completely.

2703 Scanning directories
119378 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
119377 Files not concerned
1345 Archives were scanned
1 Warnings
1 Notes
A voir également:

3 réponses

Réponse 1 / 3
shinobi80 Messages postés 918 Statut Membre 73
 
salut!
non rien de grave.laisse en quarantaine.as tu un anti spyware?
0
leon95 Messages postés 1231 Statut Membre 22
 
bonsoir et merci.oui j ai spybot avec le tea teamer et antispyware
0
shinobi80 Messages postés 918 Statut Membre 73 > leon95 Messages postés 1231 Statut Membre
 
c tres bien.as tu ccleaner pour nettoyer ton pc?sinon le voici:
https://www.commentcamarche.net/telecharger/ un logiciel essentiel 168 avis opinions.php3

Utilisation :
-Dans l'onglet "Nettoyeur" cliquer sur "Analyse". Une fois l'analyse terminée, cliquer sur "Lancer le Nettoyage".
-Dans l'onglet "Erreurs" cliquer sur "Chercher des erreurs" puis, avant de cliquer sur "Réparer les erreurs sélectionnées" effectuer une sauvegarde de votre registre (comme proposé). Recommencer jusqu’à qu’il n’y est plus d’erreurs détectés.
0
leon95 Messages postés 1231 Statut Membre 22 > shinobi80 Messages postés 918 Statut Membre
 
merci je l ai deja mais meme en recherche google je n ai rien trouve sur ce probleme.c est bizarre
0
shinobi80 Messages postés 918 Statut Membre 73 > leon95 Messages postés 1231 Statut Membre
 
rien d alarmant.ya t il ralentissement de ton pc?sinon c est bon
0
leon95 Messages postés 1231 Statut Membre 22 > shinobi80 Messages postés 918 Statut Membre
 
ouais un peu mou le pc
0
Réponse 2 / 3
jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
 
Bonjour vs 2.
Leon95: C:\System Volume Information\_restore{8CA783B6-41B8-47C2-A543-283411942BAC}\RP57\A0006968.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.79
[NOTE] The file was moved to '4834c51f.qua'!
Ceci est simplement une composante inclue dans un fix de décontamination que tu as préalablement utilisé.
Et il est dans le Volume\Restore.
Alors simplement le supprimer et ensuite: Démarrer/Poste de travail/Cliques droite sur Poste de travail/Propriétés/Restoration du système/Désactiver en cochant la resto/Appliquer/ok/Redémarrer/Refaire au complet /Mais décoches /Et Appliquer/OK et voilà. @+ Jal ;-)
0
leon95 Messages postés 1231 Statut Membre 22
 
salut jal..ca fait plaisir de te retrouver
et merci j ai compris je supprime et je purge ma restauration systeme
et je sais que ton temps est precieux..et si tu as le temps je met un hitjathid

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:37:58, on 15/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\lclock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\RunOnce: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" /fork
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [LSD_III] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - Unknown owner - C:\Program Files\LogMeIn\x86\RaMaint.exe (file missing)
O23 - Service: LogMeIn - Unknown owner - C:\Program Files\LogMeIn\x86\LogMeIn.exe (file missing)
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
0
Réponse 3 / 3
jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
 
Re Leon95.
Pas d'infection visible.
Inutilités en assez grand nombre.
Version Windows (LSD) Ouais.
Service logmein 023--->(File missing) Service à désactiver et fixer--->HJKTS.
++ Mais je ne voulais que t'indiquer ceci car tu es déjà pris en charge par Shinobi80.
PS: Aussi pas de paranoîa! Tu est suffisamment protégé le reste ne dépend que de ta façon de naviguer et de suivre.
Puis de la vitesse de la souris...
Je file boulôt.@+ Vs 2.
0
leon95 Messages postés 1231 Statut Membre 22
 
je n ai pas logmein dans program files...comment faire??
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse