Virus??? ATKKBService.exe problem

kEvaR - Posts: 63 - Status: Member
Hello,

I have a problem on a PC at startup and I think I've caught something...

ATKKBService.exe problem at startup and several other problems, iexplorer.exe among others...

I'm running a Malwarebytes' Anti-Malware scan, Avira AntiVir, and a HijackThis report.

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1080
Windows 5.1.2600 Service Pack 2

11:41:41 24/08/2008
mbam-log-08-24-2008 (11-41-41).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 208200
Temps écoulé: 1 hour(s), 0 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

---------------------------------------------------------------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:43, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\NETGEAR\Wireless Smart Configuration\Utility\NetgearAG.exe
C:\Program Files\Startup Mechanic\StartupMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Graveur\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [AS00_Netgear] C:\Program Files\NETGEAR\Wireless Smart Configuration\Utility\NetgearAG.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Startup Manager Scanner] C:\Program Files\Startup Mechanic\StartupMonitor.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Graveur\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 12131 bytes

---------------------------------------------------------------------------------------------------------------------------------------------------------------

Avira AntiVir Personal
Report file date: dimanche 24 août 2008 11:43

Scanning for 1568528 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: GONE

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 09:03:19
ANTIVIR3.VDF : 7.0.6.59 242688 Bytes 23/08/2008 09:03:20
Engineversion : 8.1.1.23
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.68 315770 Bytes 24/08/2008 09:03:33
AESCN.DLL : 8.1.0.23 119156 Bytes 24/08/2008 09:03:32
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 24/08/2008 09:03:31
AEOFFICE.DLL : 8.1.0.22 192890 Bytes 24/08/2008 09:03:29
AEHEUR.DLL : 8.1.0.50 1388918 Bytes 24/08/2008 09:03:28
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.36 315764 Bytes 24/08/2008 09:03:24
AEEMU.DLL : 8.1.0.7 430452 Bytes 24/08/2008 09:03:23
AECORE.DLL : 8.1.1.8 172406 Bytes 24/08/2008 09:03:22
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 24/08/2008 09:03:21
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 24 août 2008 11:43

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'mstsc.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'flashget.exe' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindService.exe' - '1' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '1' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'nSvcLog.exe' - '1' Module(s) have been scanned
Scan process 'sqlservr.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'kpf4gui.exe' - '1' Module(s) have been scanned
Scan process 'LogMeIn.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'ramaint.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kpf4ss.exe' - '1' Module(s) have been scanned
Scan process 'Apache.exe' - '1' Module(s) have been scanned
Scan process 'Orb.exe' - '1' Module(s) have been scanned
Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
Scan process 'OrbTray.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'StartupMonitor.exe' - '1' Module(s) have been scanned
Scan process 'NetgearAG.exe' - '1' Module(s) have been scanned
Scan process 'GamerOSD.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
55 processes with 55 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '60' files ).

Starting the file scan:

Begin scan in 'C:\' <XP>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\Temp\tmp000059690\ncrdll.exe
[DETECTION] Is the TR/Small.14900 Trojan
[NOTE] The file was moved to '4923356d.qua'!
Begin scan in 'D:\' <Logiciel>
D:\Alcohol.120%.v1.9.5.3105.WinALL.Cracked-BetaMaster\Crack\Patch.exe
[DETECTION] Is the TR/Agent.69632.O Trojan
[NOTE] The file was moved to '49253577.qua'!
D:\Antivirus\Flash_Disinfector.exe
[DETECTION] Is the TR/Batc.Flashdis.A.1 Trojan
[NOTE] The file was moved to '49123585.qua'!
D:\Crystal Report Dev 8.5\Seagate Crystal Report Dev 8.5\redist\jp\NSQL20~1.EXE
[0] Archive type: ZIP SFX (self extracting)
--> INSTDLL.DLL
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4902359d.qua'!
D:\emoticon\MsgPlus-301.exe
[DETECTION] Is the TR/Dldr.Swizzor.AG.2 Trojan
[NOTE] The file was moved to '491835de.qua'!
D:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033736.exe
[DETECTION] Is the TR/Agent.69632.O Trojan
[NOTE] The file was moved to '48e13670.qua'!
D:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033737.exe
[DETECTION] Is the TR/Batc.Flashdis.A.1 Trojan
[NOTE] The file was moved to '4963a501.qua'!
D:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033738.EXE
[0] Archive type: ZIP SFX (self extracting)
--> INSTDLL.DLL
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '48e13671.qua'!
D:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033739.exe
[DETECTION] Is the TR/Dldr.Swizzor.AG.2 Trojan
[NOTE] The file was moved to '4963a502.qua'!
Begin scan in 'E:\' <Fichiers>
E:\Fichiers téléchargés\archi\GH0ST.exe
[DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
[NOTE] The file was moved to '48e13850.qua'!
E:\Fichiers téléchargés\archi\XXX.folder
[DETECTION] Contains recognition pattern of a probably damaged CC/JS.Agent.A sample
[NOTE] The file was moved to '49093861.qua'!
E:\Fichiers téléchargés\archi\pamela\_aleste.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '491d38b6.qua'!
E:\Fichiers téléchargés\archi\programme\Artlantis Studio 2.0 + Crack.rar
[0] Archive type: RAR
--> Artlantis_Studio_200_EN_Win\Crack_atl_2.zip
[1] Archive type: ZIP
--> ArtlantisBatchRender.exe
[DETECTION] Is the TR/Agent.716800.F Trojan
--> ArtlantisStudio.exe
[DETECTION] Is the TR/Agent.2246656 Trojan
[NOTE] The file was moved to '4925399d.qua'!
E:\Fichiers téléchargés\archi\programme\Artlantis.Studio.v1.2.0.0.Multilanguage.WinALL.Cracked-ENGiNE.rar
[0] Archive type: RAR
--> Artlantis.Studio.v1.2.0.0.Multilanguage.WinALL.Cracked-ENGiNE\Crack\Artlantis.studio.v1.2.0.0_Crk.exe
[DETECTION] Is the TR/Patch.ES Trojan
[NOTE] The file was moved to '492539c3.qua'!
E:\Fichiers téléchargés\archi\programme\Artlantis.Studio.v2.0.0.3.Multilangual-ENGiNE.rar
[0] Archive type: RAR
--> Artlantis.Studio.v2.0.0.3.Multilangual-ENGiNE\e-as23ce.zip
[1] Archive type: ZIP
--> e-as23.rar
[2] Archive type: RAR
--> ENGiNE\ArtlantisBatchRender.exe
[DETECTION] Is the TR/Agent.716800.F Trojan
--> ENGiNE\ArtlantisStudio.exe
[DETECTION] Is the TR/Agent.2246656 Trojan
[NOTE] The file was moved to '492539e9.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\Setup.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49253ad9.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\ArchiCAD 10\archive.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49143ae7.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\ArchiCAD 10\Setup.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49253af4.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\ArchiCAD 10\JVM\jre-1_5_0_06-windows-i586-p.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49163b02.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\Crack\Arch10.fr_Crk.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49143b02.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\JAVA\jre-1_5_0_06-windows-i586-p.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '489299b3.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\QuickTime\QuickTimeInstaller.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '491a3b06.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\WIBU\WIBU32\WIBUKEY.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48f33ada.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\WIBU\WIBU32\DRIVER\Setup32.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '49253af6.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\WIBU\WIBU64\WIBUKEY.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48f33add.qua'!
E:\Fichiers téléchargés\archi\programme\archi 10 commercial\WIBU\WIBU64\DRIVER\Setup64.exe
[DETECTION] Contains recognition pattern of the W32/Gael.3666 Windows virus
[NOTE] The file was moved to '49253af9.qua'!
E:\Fichiers téléchargés\Prog Charlotte\Adobe Acrobat Reader 7.0 Professional Multilanguage + Keygenerator.zip
[0] Archive type: ZIP
--> Keygenerator.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '49203bc4.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033740.exe
[DETECTION] Is the TR/Dldr.Delphi.Gen Trojan
[NOTE] The file was moved to '48e13c49.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033741.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '4963af3a.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033742.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4b.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033743.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4a.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033744.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '4963af3b.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033745.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4c.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033746.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '4963af3c.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033747.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4d.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033748.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '4963af3e.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033749.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4f.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033750.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '4963af3d.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033751.exe
[DETECTION] Contains recognition pattern of the W32/Stanit Windows virus
[NOTE] The file was moved to '48e13c4e.qua'!
E:\System Volume Information\_restore{28C1292A-4ABD-46DE-89E7-D99C3F82D40F}\RP248\A0033752.exe
[DETECTION] Contains recognition pattern of the W32/Gael.3666 Windows virus
[NOTE] The file was moved to '4963af3f.qua'!

End of the scan: dimanche 24 août 2008 12:46
Used time: 1:03:24 Hour(s)

The scan has been done completely.

14658 Scanning directories
546270 Files were scanned
42 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
40 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
546227 Files not concerned
3551 Archives were scanned
1 Warnings
40 Notes
Configuration: Windows XP
Firefox 2.0.0.16

5 replies

Anonymous user
 
Hello, well done, you have loads of cracks and they are all infected!!!!!

The solution:

get rid of all of them!!!!!!!!!
1
Anonymous user
 
It's bad to download cracks...
0
kEvaR - Posts: 63 - Status: Member
 
OK, thanks for the replies ;)

To be clear, it's not my PC :)

We're going to clean this up!!!
0
Anonymous user
 
OK, keep us informed of the progress; after that a disinfection will need to be started ;-)) because there's a bit of it on every floor!!! ;;;;;-----)))
0

lolo ferrari
 
Buy a new computer, and there you go, problem solved...
:) no need to thank me
0
Pocahontas
 
The only solution I can find is to take a sledgehammer, smash your machine, then go to Leclerc and get their crappy cheap machine Florance I love youuuuuuuuuuuuuuuuuuuuuuuu philippe come back with your kélops
AFPA we love you OGAMEEEEEEEEEEEEEEE keyboard shortcut 107 keys 32 GB of RAM and 64 processor octoprocessor liquid nitrogen cooling
0