Infection rootkit gen
caltera
-
caltera -
caltera -
Bonjour,
Avast viens de trouver un virus rootkit-gen sur mon ordinateur, sur mon jeu reseau preferé ^^
J'ai tout de suite refait un scan au demarage et j'ai vu qu'il n'arrivais pas a le supprimer. J'ai donc été voir le net et j'ai vu que ce virus a l'air d'etre une bonne salo*** pour s'en debarasser. J'ai donc suivi le conseil d'un ancien topic sur ce sujet et voici le rapport de hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49:16, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\twain_32\SlimU2\HotKey.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O1 - Hosts: 88.191.80.222 l2authd.lineage2.com
O1 - Hosts: 88.191.80.222 L2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk.disabled
O4 - Global Startup: Lancement Application Fax.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Avast viens de trouver un virus rootkit-gen sur mon ordinateur, sur mon jeu reseau preferé ^^
J'ai tout de suite refait un scan au demarage et j'ai vu qu'il n'arrivais pas a le supprimer. J'ai donc été voir le net et j'ai vu que ce virus a l'air d'etre une bonne salo*** pour s'en debarasser. J'ai donc suivi le conseil d'un ancien topic sur ce sujet et voici le rapport de hijack this
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49:16, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\twain_32\SlimU2\HotKey.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O1 - Hosts: 88.191.80.222 l2authd.lineage2.com
O1 - Hosts: 88.191.80.222 L2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk.disabled
O4 - Global Startup: Lancement Application Fax.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
A voir également:
- Infection rootkit gen
- Oxy-gen - Télécharger - Généalogie
- Mi box s 1st gen vs 2nd gen - Accueil - TV & Vidéo
- Rootkit - Télécharger - Antivirus & Antimalwares
- Malwarex-gen - Forum Virus
- Lenovo yoga 9i gen 8 - Accueil - Ordinateurs
1 réponse
desinstallation du logiciel incriminé, supression de avast, et scan virus avec antivir comme conseillé, voici le rapport
Avira AntiVir Personal
Report file date: mercredi 14 mai 2008 14:59
Scanning for 1265410 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ORDI-PAPA
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 12:55:11
ANTIVIR3.VDF : 7.0.4.36 181248 Bytes 14/05/2008 12:55:13
Engineversion : 8.1.0.42
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.31 262522 Bytes 14/05/2008 12:55:29
AESCN.DLL : 8.1.0.16 119156 Bytes 14/05/2008 12:55:28
AERDL.DLL : 8.1.0.20 418165 Bytes 14/05/2008 12:55:27
AEPACK.DLL : 8.1.1.4 364918 Bytes 14/05/2008 12:55:25
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 14/05/2008 12:55:23
AEHEUR.DLL : 8.1.0.26 1237366 Bytes 14/05/2008 12:55:22
AEHELP.DLL : 8.1.0.14 115063 Bytes 14/05/2008 12:55:18
AEGEN.DLL : 8.1.0.20 299380 Bytes 14/05/2008 12:55:17
AEEMU.DLL : 8.1.0.6 430451 Bytes 14/05/2008 12:55:15
AECORE.DLL : 8.1.0.28 168310 Bytes 14/05/2008 12:55:14
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: mercredi 14 mai 2008 14:59
Starting search for hidden objects.
'59616' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Res.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Vincent Gérard\Mes documents\Downloads\rev-e112.rar
[0] Archive type: RAR
--> ReVOLVeR\Experience112.exe
[DETECTION] Contains detection pattern of the worm WORM/Stration.FTY
[NOTE] The file was moved to '48a0e612.qua'!
C:\System Volume Information\_restore{0CC80043-677B-4575-9905-BDC4DE2FE019}\RP70\A0005902.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{0CC80043-677B-4575-9905-BDC4DE2FE019}\RP71\A0005907.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'I:\' <Disque externe>
I:\jeux\nox\Nox - Westwood Studios (Class Rip).zip
[NOTE] The file was moved to '48a2fbd1.qua'!
I:\System Volume Information\_restore{114BBA23-0C1A-4D24-8D0F-D4F7325498E1}\RP49\A0008042.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff13.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP252\A0048223.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff14.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP253\A0048322.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff15.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP255\A0048373.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff16.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP256\A0048414.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '49fac467.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP256\A0048448.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff17.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP267\A0050063.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff18.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP272\A0050219.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff19.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP277\A0050860.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '49fac46a.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP279\A0050959.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff1a.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP282\A0051265.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff1b.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP300\A0054303.exe
[DETECTION] Is the Trojan horse TR/Agent.9331537
[NOTE] The file was moved to '49fac46c.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP312\A0058834.exe
[DETECTION] Is the Trojan horse TR/Agent.9331537
[NOTE] The file was moved to '485aff2b.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP661\A0149808.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3b.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP661\A0149811.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3c.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP689\A0156381.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3d.qua'!
End of the scan: mercredi 14 mai 2008 17:02
Used time: 2:03:13 min
The scan has been done completely.
15637 Scanning directories
644386 Files were scanned
18 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
18 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
644368 Files not concerned
2148 Archives were scanned
3 Warnings
18 Notes
59616 Objects were scanned with rootkit scan
0 Hidden objects were found
Avira AntiVir Personal
Report file date: mercredi 14 mai 2008 14:59
Scanning for 1265410 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ORDI-PAPA
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 12:55:11
ANTIVIR3.VDF : 7.0.4.36 181248 Bytes 14/05/2008 12:55:13
Engineversion : 8.1.0.42
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.31 262522 Bytes 14/05/2008 12:55:29
AESCN.DLL : 8.1.0.16 119156 Bytes 14/05/2008 12:55:28
AERDL.DLL : 8.1.0.20 418165 Bytes 14/05/2008 12:55:27
AEPACK.DLL : 8.1.1.4 364918 Bytes 14/05/2008 12:55:25
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 14/05/2008 12:55:23
AEHEUR.DLL : 8.1.0.26 1237366 Bytes 14/05/2008 12:55:22
AEHELP.DLL : 8.1.0.14 115063 Bytes 14/05/2008 12:55:18
AEGEN.DLL : 8.1.0.20 299380 Bytes 14/05/2008 12:55:17
AEEMU.DLL : 8.1.0.6 430451 Bytes 14/05/2008 12:55:15
AECORE.DLL : 8.1.0.28 168310 Bytes 14/05/2008 12:55:14
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: quarantine
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: mercredi 14 mai 2008 14:59
Starting search for hidden objects.
'59616' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Res.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '33' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Vincent Gérard\Mes documents\Downloads\rev-e112.rar
[0] Archive type: RAR
--> ReVOLVeR\Experience112.exe
[DETECTION] Contains detection pattern of the worm WORM/Stration.FTY
[NOTE] The file was moved to '48a0e612.qua'!
C:\System Volume Information\_restore{0CC80043-677B-4575-9905-BDC4DE2FE019}\RP70\A0005902.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{0CC80043-677B-4575-9905-BDC4DE2FE019}\RP71\A0005907.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'I:\' <Disque externe>
I:\jeux\nox\Nox - Westwood Studios (Class Rip).zip
[NOTE] The file was moved to '48a2fbd1.qua'!
I:\System Volume Information\_restore{114BBA23-0C1A-4D24-8D0F-D4F7325498E1}\RP49\A0008042.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff13.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP252\A0048223.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff14.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP253\A0048322.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff15.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP255\A0048373.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff16.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP256\A0048414.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '49fac467.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP256\A0048448.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff17.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP267\A0050063.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff18.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP272\A0050219.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff19.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP277\A0050860.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '49fac46a.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP279\A0050959.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff1a.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP282\A0051265.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485aff1b.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP300\A0054303.exe
[DETECTION] Is the Trojan horse TR/Agent.9331537
[NOTE] The file was moved to '49fac46c.qua'!
I:\System Volume Information\_restore{503132DC-1532-4941-9D92-EFA8DD759B48}\RP312\A0058834.exe
[DETECTION] Is the Trojan horse TR/Agent.9331537
[NOTE] The file was moved to '485aff2b.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP661\A0149808.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3b.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP661\A0149811.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3c.qua'!
I:\System Volume Information\_restore{69B4A718-07B0-4FE9-ABDE-FB31369B5747}\RP689\A0156381.INF
[DETECTION] Contains detection pattern of the worm WORM/RJUMP.B.1
[NOTE] The file was moved to '485bff3d.qua'!
End of the scan: mercredi 14 mai 2008 17:02
Used time: 2:03:13 min
The scan has been done completely.
15637 Scanning directories
644386 Files were scanned
18 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
18 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
644368 Files not concerned
2148 Archives were scanned
3 Warnings
18 Notes
59616 Objects were scanned with rootkit scan
0 Hidden objects were found
