Sujet Précédent Sujet Suivant

Pb virus win32

yo -  
 yo -
Bonjour,
je rencontre un pb avec Win32:Adware-gen [Adw] je viens d'effectuer la recherche avec hijackthis.voici le
rapport. qqun peut-il me renseigner? par avance merci

Logfile of HijackThis v1.99.1
Scan saved at 11:37:23, on 07/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\lphcrpqj0eac5.exe
C:\Documents and Settings\yo\Local Settings\Temp\.tt9.tmp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\DOCUME~1\yo\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lphcrpqj0eac5] C:\WINDOWS\system32\lphcrpqj0eac5.exe
O4 - HKLM\..\Run: [inrhcvpqj0eac5] C:\Documents and Settings\yo\Local Settings\Temp\.tt9.tmp.exe /CR=32AE7D78104D9AEF773998D8703A4E3D071456B924287C233D780756C0F5DDD10AB1BBABF1DD4ED39877C0032838CC0F793B7A94D1918C5E0D79F408E8DB7E4789E966599327D3F5BF777C1829E4A678B3
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer = 192.168.1.1,0.0.0.0
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:

26 réponses

  • 1
  • 2
Réponse 1 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
Salut

Télécharge SmitFraudfix de S!Ri, balltrap34 et moe31
http://siri.urz.free.fr/Fix/SmitfraudFix.zip -
mirroir: http://72.232.135.12/siri/SmitfraudFix.php

voila à quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php

Désactive les logiciels de protections(antivirus et antispyware)
-- Fais un clic droit puis Extraire tout sur le fichier SmitfraudFix.zip, cela va tout décompresser dans un nouveau dossier SmitFraudfix
-- Ouvre le dossier SmitFraudFix double clique sur SmitfraudFix.cmd (le .cmd peut ne pas être présent)
-- Choisis l'option 1 et appuie sur Entrée
-- Réponds o (Oui) aux deux questions suivantes si elles sont posées
-- Un rapport sera généré; sauvegarde le dans un dossier.
-- Copie/colle le contenu du rapport ici
0
yo
 
Excuses moi j'attendais un mail qui n'arrivais pas. Je te remercie beaucoup voilà le rapport
SmitFraudFix v2.346

Rapport fait à 17:23:41,56, 07/09/2008
Executé à partir de C:\Documents and Settings\yo\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\lphcrpqj0eac5.exe
C:\Documents and Settings\yo\Local Settings\Temp\.tt9.tmp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\yo


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\yo\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\yo\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter #6 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer=192.168.1.1,0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer=192.168.1.1,0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer=192.168.1.1,0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 2 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
bon,il voit rien...mais moi si
on change de méthode

Télécharge SDfix (créé par AndyManchesta) et sauvegarde le sur ton Bureau. Tu peux suivre le tutorial SDFix de Malekal pour t'aider :

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
[*]Redémarre ton ordinateur
[*]Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
[*]A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
[*]Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
[*]Choisis ton compte.
Déroule la liste des instructions ci-dessous :
[*]Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
[*]Appuie sur Y pour commencer le processus de nettoyage.
[*]Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
[*]Appuie sur une touche pour redémarrer le PC.
[*]Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
[*]Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
[*]Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
[*]Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
[*]Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum
0
yo
 
re
j'ai l'impression qu'il y avait association de malfaiteurs.j'ai maintenant celui-ci qui apparait au démarrage

VBS:Malware-gen
0
Réponse 3 / 26
yo
 
ci joint le raport

[b]SDFix: Version 1.222 [/b]
Run by yo on 07/09/2008 at 18:07

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

[b]Rootkit[/b]:
C:\WINDOWS\system32\drivers\msliksurserv.sys - [B]VirTool:WinNT/Rootkitdrv.DM[/B]

[b]Name [/b]:
msliksurserv

[b]Path [/b]:
\??\globalroot\systemroot\system32\drivers\msliksurserv.sys

msliksurserv - Deleted

Restoring Default Security Values
Restoring Default Hosts File
Restoring Default Desktop Wallpaper
0
Réponse 4 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
on continue,

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

**Désactive les logiciels de protection** (Antivirus, Antispywares) puis :
deconnecte toi d'internet,ferme tout les programmes

Double-clique sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
ne touche plus à rien même pas ta souris!!
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Copie/colle un nouveau rapport HiJackThis avec.
0
yo
 
il va jusqu'à l'étape 10 et après plus rien ! j'ai refais 2 fois la manip peut être que je n'attend pas assez??
0
yo
 
il va jusqu'a l'étape 10 puis il met suppreqssion de fichier c windows system 32 et après plus rien...
enfin si il y a le win 32 trojam qui apparaît à son tour et il reste boqué ensuite
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
oui,faut être patient
0
yo
 
je n'arrive pas a passer cette étape j'ai laissé tourner 1h00 il reste toujours bloqué à cette étape 10 suppression de fichier c windows system 32. IL y a une barre d'outil qui s'incrit a un moment et qui met Echec du chargement du script "..
0
Réponse 6 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
bon, abandonne combofix

fais ceci,attention c'est assez long

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton Bureau.
https://www.malwarebytes.com/
A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
Double-clique sur l'icône "Download_mbam-setup.exe" sur ton bureau pour démarrer le programme d'installation.
Pendant l'installation, suis les indications n'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.
MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue.
Ferme MBAM
Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.

Relance MBAM
La fenêtre principale de MBAM s'affiche :
Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
Si des malwares ont été détectés, leur liste s'affiche.
***EN CLIQUANT SUR SUPPRESSION(?)FAIT LE***, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
Ferme MBAM en cliquant sur Quitter.
Poste le rapport dans ta réponse
0
yo
 
l'orsque je vais sur le lien il n'y a rien qui se passe. J'ai aussi par telecharger.com et pareil : internet explorer ne peut afficher cette page!
0
Réponse 7 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
essaye ce lien
http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
0
yo
 
j'ai fais l'analyse et supprimer la liste en mode sans échec.
Voici le rapport

Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1125
Windows 5.1.2600 Service Pack 2

2008-09-07 22:54:06
mbam-log-2008-09-07 (22-54-06).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 109258
Temps écoulé: 32 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 16

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\msliksur (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sunporn (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sunpornwrrb325 (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msliksurserv (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcrpqj0eac5 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\inrhcvpqj0eac5 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\blphcrpqj0eac5.scr.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\SDFix\backups\tmpE.tmp (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP317\A0042516.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcrpqj0eac5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcrpqj0eac5.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\yo\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
0
Réponse 8 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
poste un nouveau rapport hjt stp
avec mon lien car ta version est obsolète

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
0
yo
 
une fois hijackthis ouvert je vais ou? Main menu: what would u like to do
0
Réponse 9 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
comment ça?

Télécharge HiJackThis.zip de Merijn sur ton bureau.
- Dézippe le dans un dossier prévu à cet effet.
** exemple C:\hijackthis < Enregistre le bien dans c : !

- Double-clique dessus
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur "Do a scan and save log file".
- Le rapport s'ouvre sur le Bloc-Note.
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
- ** ne pas fixer de lignes sans notre avis **
Aide : N'hésite pas à consulter l'aide HiJackThis de Malekal_morte
En image
0
yo
 
ok voila.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:46, on 2008-09-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer = 192.168.1.1,0.0.0.0
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 10 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
java n'est pas à jour,il contient des failles de sécurité

Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates.
Sélectionne Update Using jucheck.exe puis clique sur Search.
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log
(c:\JavaRa.log)
Ferme l'application.

ensuite

Pour supprimer les outils/fix utilisés :

Télécharge ToolsCleaner sur ton bureau.
-->
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner

# Clique sur "Recherche" et laisse le scan agir ...
# Clique sur "Suppression" pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

ensuite

Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).

Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Utilisation:
! déconnectes toi et fermes toutes les applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )

**important**

Suppression des points de restauration :
1.Ouvre le Menu Démarrer
2.Clique-droit sur Poste de travail
3.Clique sur Propriétés
4.Positionne-toi dans l'onglet Restauration du système
5.Coche "Désactiver la restauration système"
6.Valide par Ok
7.Redémarre ton pc
8.Reproduis les manipulations 1 à 3
9.Décoche "Désactiver la restauration système"
10.Valide par Ok

dis moi comment tourne ton pc? tu as encore des problèmes?
0
yo
 
JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Sep 08 00:11:35 2008

Found and removed: C:\Program Files\Java\jre1.5.0_06

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.



[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\SDFIX: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\ComboFix\Combofix.txt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\yo\Bureau\SmitFraudFix.zip: trouvé !
C:\Documents and Settings\yo\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\yo\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\yo\Bureau\HJTInstall.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\yo\Bureau\SmitFraudFix.zip: supprimé !
C:\Documents and Settings\yo\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\yo\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\yo\Bureau\HJTInstall.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\ComboFix\Combofix.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !



je recommences ccleaner et t'envoies le rapport ça n'a pas fonctionné hier soir
0
yo
 
a l'étape ccleaner il bloque à 1 moment sur l'analyse et à nouveau un virus apparaît avec avast VBS:Malware-gen
on a l'impression que ça bloque l'analyse. Sinon je serai peut être là en début d'apm sinon donne moi tes dispo je vais faire en foncton
0
yo
 
j'ai reessayé une autre fois en faisant pause sur avast et là j'ai réussi à aller jusqu'au bout = désactiver la restauration système.
Alors tu m'ecusera pour hier soir mais je me suis endormi dessus et aujourd'hui ya boulot, redonnes moi de tes nouvelles pour confirmation. j'espère ne plus revoir le malware pour l'instant ça semble bon. à tout à l'heure
0
Réponse 11 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
Mon avis est Avast!, McAfee et Norton sont loin de ce que l'on a fait de mieux en matière de protection, ce sont des antivirus que je déconseille :
Avast! VS Antivir (Mai 2007): https://forum.malekal.com/viewtopic.php?f=45&t=3528
Avast! VS Antivir VS AVG 8 (Mai 2008): https://forum.malekal.com/viewtopic.php?f=45&t=11659
Si vous avez Avast!, Norton ou McAfee: A lire: http://forum.malekal.com/viewtopic.php?f=3&t=9631

Graph : http://winnow.oitc.com/AntiVirusPerformance.html
Stats : http://winnow.oitc.com/avmalwarestats.php

Pour moi, Antivir et AVG 8 sont beaucoup plus performants : C'est pourquoi, je te conseille TRES VIVEMENT de désinstaller ton antivirus et installer Antivir ou AVG 8 à la place (selon ton choix) .... ce n'est bien sûr pas une obligation mais un conseil.

Tu trouveras un tutorial Antivir depuis ce lien : https://www.malekal.com/avira-free-security-antivirus-gratuit/
et une page qui explique comment migrer d'Avast! à Antivir : http://forum.malekal.com/ftopic4192.php

fais un scan complet avec Antivir et poste le rapport
0
yo
 
Avira AntiVir Personal- Free AntiVirus
*************************************

Copyright © 2008 Avira GmbH.
All rights reserved.


Inhalt
******

0 Important information
1 System requirements
2 Important requirements for an installation
3 Support service
4 Contact address


0 Important information
***********************

Users who have up to now installed an ANSI version of the Avira
AntiVir Personal software pack on a Microsoft
Windows 2000 or Microsoft Windows XP operating system, receive
update information when attempting to update.

When updating, please proceed as follows:

1. Deinstall the installed version of the Avira AntiVir
Personal.
2. Download a current software pack from the downoad section of the
Avira AntiVir Personal website
https://www.avira.com/
3. Install this software pack on your computer.

1 System requirements
*********************

In order for Avira AntiVir Personal to run properly, the computer
system must fulfill the following requirements:

- Computer: Pentium or higher, at least 266 MHz

- Operating system
- Microsoft Windows Vista (32 or 64 bit) or
- Microsoft Windows XP Home or Professional (32 or 64 bit), SP 2
recommended or
- Microsoft Windows 2000, SP 4 recommended

The display of the program interfaces can differ, depending on the
operating system used.

- 30 MB free memory on the hard disk (more if quarantine is used)

- Min. 100 MB temporary memory on the hard disk

- Min. 192 MB RAM (Windows XP or Professional)

- Min. 512 MB RAM (Windows Vista)

- For the installation of Avira AntiVir Personal:
administrator rights



2 Important requirements for an installation
********************************************

Ensure that the following requirements are fulfilled so that Avira
AntiVir Personal works properly on your computer:

- System requirements fulfilled
- No other on-access scanner (also called Guard) installed
- Installer has administrator rights
- Internet/Intranet connection available
- All running programs on the computer exited


3 Support service
*****************

All relevant information concerning our comprehensive support service
can be found on our website http://www.avira.com/classic-support.



4 Contact
*********

If you have any questions or requests concerning the Avira AntiVir
Personal product range, we will be pleased to help you. You find our
contact addresses on the internet at https://www.avira.com/en/contact
0
Réponse 12 / 26
yo
 
Salut j'ai donc installé hier antivir et effectué des scans ci joints les rapports. Le premier rapport montre des virus trouvés que j'ai détruis au lieu de les mettre en 40N et redémarrer. les autres scan n'ont rien donnés. Qu'en penses-tu?

Avira AntiVir Personal
Report file date: 2008-09-11 23:12

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-11 23:12

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Backups\.tt9.tmp
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.XPAntivirus.RJ phishing file/email
[NOTE] The file was deleted!
C:\Backups\phcrpqj0eac5.bmp
[DETECTION] Is the TR/Fakealert.AAF Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\yo\Bureau\catchme.zip
[0] Archive type: ZIP
--> msliksurcredo.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-11 23:35
Used time: 22:55 Minute(s)

The scan has been done completely.

4625 Scanning directories
180173 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
3 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180169 Files not concerned
6969 Archives were scanned
7 Warnings
3 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:21

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 14:21

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 14:43
Used time: 21:49 Minute(s)

The scan has been done completely.

4610 Scanning directories
180132 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180131 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:11

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922

Start of the scan: 2008-09-12 14:11

Starting search for hidden objects.
The driver could not be initialized.

End of the scan: 2008-09-12 14:11
Used time: 00:02 Minute(s)

The scan has been done completely.

0 Scanning directories
0 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
0 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 13:50

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: My Documents
Configuration file...............: c:\program files\avira\antivir personaledition classic\mydocs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 13:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\Documents and Settings\yo\Mes documents'

End of the scan: 2008-09-12 13:52
Used time: 02:23 Minute(s)

The scan has been done completely.

346 Scanning directories
5052 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
5052 Files not concerned
4 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:40

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:40

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-12 12:01
Used time: 21:20 Minute(s)

The scan has been done completely.

4625 Scanning directories
180174 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180173 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:31

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysdir.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:31

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\WINDOWS\system32'
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 11:32
Used time: 00:26 Minute(s)

The scan has been done completely.

204 Scanning directories
7563 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
7563 Files not concerned
12 Archives were scanned
6 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:26

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Removable Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\rmdiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:26

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:26
Used time: 00:11 Minute(s)

The scan has been done completely.

0 Scanning directories
93 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
93 Files not concerned
0 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:00

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:00

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:22
Used time: 21:50 Minute(s)

The scan has been done completely.

4625 Scanning directories
180168 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180167 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:56 - Avira AntiVir Personal - Free Antivirus
11.09.2008 23:05:56 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
11.09.2008 23:05:56 - Master IDX file has changed
11.09.2008 23:05:57 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/classic-nt-en.info.gz
11.09.2008 23:05:58 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/vdf.info.gz
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/specvir-nt.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/ave2.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
11.09.2008 23:06:00 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
11.09.2008 23:06:00 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
11.09.2008 23:06:00 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:00 - Module: COMMAPP Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
11.09.2008 23:06:00 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
11.09.2008 23:06:00 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
11.09.2008 23:06:00 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.0.6.94
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.0.6.148
11.09.2008 23:06:01 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
11.09.2008 23:06:01 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.1.8 < 8.1.1.11
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.35 < 8.1.0.36
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.47 < 8.1.0.51
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.21 < 8.1.0.23
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.0.20 < 8.1.1.1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.0.63 < 8.1.0.70
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.1.1.19 < 8.1.1.28
11.09.2008 23:06:01 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
11.09.2008 23:06:01 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - Minifilter is installed
11.09.2008 23:06:01 - Minifilter is possible
11.09.2008 23:06:01 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
11.09.2008 23:06:01 - Initialize avnotify.exe
11.09.2008 23:06:01 - Starting avnotify.exe successful
11.09.2008 23:06:01 - Preparing to download files
11.09.2008 23:06:01 - 12 files need to be downloaded / copied from http://dl4.avgate.net/upd/
11.09.2008 23:06:01 - #1: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/filelist.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/filelist.ini
11.09.2008 23:06:01 - #2: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/product.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/product.ini
11.09.2008 23:06:02 - #3: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir2.vdf
11.09.2008 23:06:51 - #4: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir3.vdf
11.09.2008 23:06:57 - #5: Downloading and extracting http://dl4.avgate.net/upd/engine/nt/avrep.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\engine\nt\avrep.dll
11.09.2008 23:06:57 - #6: Downloading and extracting http://dl4.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aecore.dll
11.09.2008 23:07:00 - #7: Downloading and extracting http://dl4.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aegen.dll
11.09.2008 23:07:03 - #8: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeheur.dll
11.09.2008 23:07:13 - #9: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeoffice.dll
11.09.2008 23:07:15 - #10: Downloading and extracting http://dl4.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aerdl.dll
11.09.2008 23:07:19 - #11: Downloading and extracting http://dl4.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aescript.dll
11.09.2008 23:07:21 - #12: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeset.dat.gz t
0
Réponse 13 / 26
yo
 
Salut j'ai donc installé hier antivir et effectué des scans ci joints les rapports. Le premier rapport montre des virus trouvés que j'ai détruis au lieu de les mettre en 40N et redémarrer. les autres scan n'ont rien donnés. Qu'en penses-tu?

Avira AntiVir Personal
Report file date: 2008-09-11 23:12

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-11 23:12

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Backups\.tt9.tmp
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.XPAntivirus.RJ phishing file/email
[NOTE] The file was deleted!
C:\Backups\phcrpqj0eac5.bmp
[DETECTION] Is the TR/Fakealert.AAF Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\yo\Bureau\catchme.zip
[0] Archive type: ZIP
--> msliksurcredo.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-11 23:35
Used time: 22:55 Minute(s)

The scan has been done completely.

4625 Scanning directories
180173 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
3 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180169 Files not concerned
6969 Archives were scanned
7 Warnings
3 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:21

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 14:21

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 14:43
Used time: 21:49 Minute(s)

The scan has been done completely.

4610 Scanning directories
180132 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180131 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:11

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922

Start of the scan: 2008-09-12 14:11

Starting search for hidden objects.
The driver could not be initialized.

End of the scan: 2008-09-12 14:11
Used time: 00:02 Minute(s)

The scan has been done completely.

0 Scanning directories
0 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
0 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 13:50

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: My Documents
Configuration file...............: c:\program files\avira\antivir personaledition classic\mydocs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 13:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\Documents and Settings\yo\Mes documents'

End of the scan: 2008-09-12 13:52
Used time: 02:23 Minute(s)

The scan has been done completely.

346 Scanning directories
5052 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
5052 Files not concerned
4 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:40

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:40

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-12 12:01
Used time: 21:20 Minute(s)

The scan has been done completely.

4625 Scanning directories
180174 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180173 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:31

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysdir.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:31

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\WINDOWS\system32'
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 11:32
Used time: 00:26 Minute(s)

The scan has been done completely.

204 Scanning directories
7563 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
7563 Files not concerned
12 Archives were scanned
6 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:26

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Removable Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\rmdiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:26

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:26
Used time: 00:11 Minute(s)

The scan has been done completely.

0 Scanning directories
93 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
93 Files not concerned
0 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:00

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:00

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:22
Used time: 21:50 Minute(s)

The scan has been done completely.

4625 Scanning directories
180168 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180167 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:56 - Avira AntiVir Personal - Free Antivirus
11.09.2008 23:05:56 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
11.09.2008 23:05:56 - Master IDX file has changed
11.09.2008 23:05:57 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/classic-nt-en.info.gz
11.09.2008 23:05:58 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/vdf.info.gz
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/specvir-nt.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/ave2.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
11.09.2008 23:06:00 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
11.09.2008 23:06:00 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
11.09.2008 23:06:00 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:00 - Module: COMMAPP Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
11.09.2008 23:06:00 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
11.09.2008 23:06:00 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
11.09.2008 23:06:00 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.0.6.94
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.0.6.148
11.09.2008 23:06:01 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
11.09.2008 23:06:01 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.1.8 < 8.1.1.11
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.35 < 8.1.0.36
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.47 < 8.1.0.51
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.21 < 8.1.0.23
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.0.20 < 8.1.1.1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.0.63 < 8.1.0.70
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.1.1.19 < 8.1.1.28
11.09.2008 23:06:01 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
11.09.2008 23:06:01 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - Minifilter is installed
11.09.2008 23:06:01 - Minifilter is possible
11.09.2008 23:06:01 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
11.09.2008 23:06:01 - Initialize avnotify.exe
11.09.2008 23:06:01 - Starting avnotify.exe successful
11.09.2008 23:06:01 - Preparing to download files
11.09.2008 23:06:01 - 12 files need to be downloaded / copied from http://dl4.avgate.net/upd/
11.09.2008 23:06:01 - #1: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/filelist.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/filelist.ini
11.09.2008 23:06:01 - #2: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/product.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/product.ini
11.09.2008 23:06:02 - #3: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir2.vdf
11.09.2008 23:06:51 - #4: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir3.vdf
11.09.2008 23:06:57 - #5: Downloading and extracting http://dl4.avgate.net/upd/engine/nt/avrep.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\engine\nt\avrep.dll
11.09.2008 23:06:57 - #6: Downloading and extracting http://dl4.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aecore.dll
11.09.2008 23:07:00 - #7: Downloading and extracting http://dl4.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aegen.dll
11.09.2008 23:07:03 - #8: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeheur.dll
11.09.2008 23:07:13 - #9: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeoffice.dll
11.09.2008 23:07:15 - #10: Downloading and extracting http://dl4.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aerdl.dll
11.09.2008 23:07:19 - #11: Downloading and extracting http://dl4.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aescript.dll
11.09.2008 23:07:21 - #12: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeset.dat.gz t
0
Réponse 14 / 26
yo
 
Salut j'ai donc installé hier antivir et effectué des scans ci joints les rapports. Le premier rapport montre des virus trouvés que j'ai détruis au lieu de les mettre en 40N et redémarrer. les autres scan n'ont rien donnés. Qu'en penses-tu?

Avira AntiVir Personal
Report file date: 2008-09-11 23:12

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-11 23:12

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Backups\.tt9.tmp
[DETECTION] Contains recognition pattern of the PHISH/FraudTool.XPAntivirus.RJ phishing file/email
[NOTE] The file was deleted!
C:\Backups\phcrpqj0eac5.bmp
[DETECTION] Is the TR/Fakealert.AAF Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\yo\Bureau\catchme.zip
[0] Archive type: ZIP
--> msliksurcredo.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-11 23:35
Used time: 22:55 Minute(s)

The scan has been done completely.

4625 Scanning directories
180173 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
3 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180169 Files not concerned
6969 Archives were scanned
7 Warnings
3 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:21

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 14:21

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 14:43
Used time: 21:49 Minute(s)

The scan has been done completely.

4610 Scanning directories
180132 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180131 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 14:11

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922

Start of the scan: 2008-09-12 14:11

Starting search for hidden objects.
The driver could not be initialized.

End of the scan: 2008-09-12 14:11
Used time: 00:02 Minute(s)

The scan has been done completely.

0 Scanning directories
0 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
0 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 13:50

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: My Documents
Configuration file...............: c:\program files\avira\antivir personaledition classic\mydocs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 13:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\Documents and Settings\yo\Mes documents'

End of the scan: 2008-09-12 13:52
Used time: 02:23 Minute(s)

The scan has been done completely.

346 Scanning directories
5052 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
5052 Files not concerned
4 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:40

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:40

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>

End of the scan: 2008-09-12 12:01
Used time: 21:20 Minute(s)

The scan has been done completely.

4625 Scanning directories
180174 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180173 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:31

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysdir.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:31

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\WINDOWS\system32'
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed

End of the scan: 2008-09-12 11:32
Used time: 00:26 Minute(s)

The scan has been done completely.

204 Scanning directories
7563 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
7563 Files not concerned
12 Archives were scanned
6 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:26

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Removable Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\rmdiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:26

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:26
Used time: 00:11 Minute(s)

The scan has been done completely.

0 Scanning directories
93 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
93 Files not concerned
0 Archives were scanned
4 Warnings
0 Notes

Avira AntiVir Personal
Report file date: 2008-09-12 11:00

Scanning for 1609795 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: yo
Computer name: JOHAN

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 13:54:15
ANTIVIR2.VDF : 7.0.6.94 2998784 Bytes 2008-08-31 21:06:51
ANTIVIR3.VDF : 7.0.6.148 334848 Bytes 2008-09-11 21:06:57
Engineversion : 8.1.1.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.70 319866 Bytes 2008-09-11 21:07:21
AESCN.DLL : 8.1.0.23 119156 Bytes 2008-07-10 12:44:49
AERDL.DLL : 8.1.1.1 397683 Bytes 2008-09-11 21:07:19
AEPACK.DLL : 8.1.2.1 364917 Bytes 2008-07-15 12:58:35
AEOFFICE.DLL : 8.1.0.23 196987 Bytes 2008-09-11 21:07:15
AEHEUR.DLL : 8.1.0.51 1397111 Bytes 2008-09-11 21:07:13
AEHELP.DLL : 8.1.0.15 115063 Bytes 2008-07-10 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 2008-09-11 21:07:03
AEEMU.DLL : 8.1.0.7 430452 Bytes 2008-07-31 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 2008-09-11 21:07:00
AEBB.DLL : 8.1.0.1 53617 Bytes 2008-07-10 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-11 21:06:57
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 13:34:37

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:, G:, H:, I:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-09-12 11:00

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[INFO] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[INFO] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[INFO] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '82' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\spool\drivers\w32x86\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\spool\drivers\w32x86\3\EB5ST000.DAT
[0] Archive type: CAB SFX (self extracting)
--> \EBAPISET.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'F:\'
Search path F:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Le périphérique n'est pas prêt.

End of the scan: 2008-09-12 11:22
Used time: 21:50 Minute(s)

The scan has been done completely.

4625 Scanning directories
180168 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
180167 Files not concerned
6968 Archives were scanned
7 Warnings
0 Notes

11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:55 - Installation Directory: C:\Program Files\Avira\AntiVir PersonalEdition Classic\
11.09.2008 23:05:55 - Backup Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\BACKUP\
11.09.2008 23:05:55 - Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\
11.09.2008 23:05:55 - Using System's global Proxy settings
11.09.2008 23:05:56 - Launching GUI... display mode: 0
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlib.dll
11.09.2008 23:05:56 - selftest successful: C:\Program Files\Avira\AntiVir PersonalEdition Classic\updlibrc.dll
11.09.2008 23:05:56 - Avira AntiVir Personal - Free Antivirus
11.09.2008 23:05:56 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\idx/master.idx to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\master.idx
11.09.2008 23:05:56 - Master IDX file has changed
11.09.2008 23:05:57 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/classic-nt-en.info.gz
11.09.2008 23:05:58 - Copy file C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\classic-nt-en.info to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\IDX\classic-nt-en.info
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/vdf.info.gz
11.09.2008 23:05:58 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/specvir-nt.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/ave2.info.gz
11.09.2008 23:05:59 - Downloading the product.info file from http://dl4.avgate.net/upd/idx/info-wks-classic-nt-en.info.gz
11.09.2008 23:06:00 - Module: SELFUPDATE Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 15
11.09.2008 23:06:00 - Module: MAIN Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 83
11.09.2008 23:06:00 - Module: COMMAPPDATA_AV Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:00 - Module: COMMAPP Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\JOBS\ Files: 4
11.09.2008 23:06:00 - Module: COMMAPDATA_AV_PROFILES Source: winwks\en\ Destination: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\ Files: 2
11.09.2008 23:06:00 - Module: TEXT Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 3
11.09.2008 23:06:00 - Module: VDF Source: vdf\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 4
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir2.vdf 7.0.5.20 < 7.0.6.94
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\antivir3.vdf 7.0.5.23 < 7.0.6.148
11.09.2008 23:06:01 - Module: AVREP_NT Source: engine\nt\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avrep.dll 7.0.0.1 < 8.0.0.2
11.09.2008 23:06:01 - Module: AVE2 Source: ave2\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 14
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll 8.1.1.8 < 8.1.1.11
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll 8.1.0.35 < 8.1.0.36
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll 8.1.0.47 < 8.1.0.51
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll 8.1.0.21 < 8.1.0.23
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll 8.1.0.20 < 8.1.1.1
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll 8.1.0.63 < 8.1.0.70
11.09.2008 23:06:01 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat 8.1.1.19 < 8.1.1.28
11.09.2008 23:06:01 - Module: DRV Source: winwks\en\ Destination: C:\WINDOWS\SYSTEM32\drivers\ Files: 4
11.09.2008 23:06:01 - Module: PRODINFO Source: winwks\en\ Destination: C:\Program Files\Avira\AntiVir PersonalEdition Classic\ Files: 1
11.09.2008 23:06:01 - Minifilter is installed
11.09.2008 23:06:01 - Minifilter is possible
11.09.2008 23:06:01 - Reading registry value successful: Software\Avira\AntiVir PersonalEdition Classic | FilterType
11.09.2008 23:06:01 - Initialize avnotify.exe
11.09.2008 23:06:01 - Starting avnotify.exe successful
11.09.2008 23:06:01 - Preparing to download files
11.09.2008 23:06:01 - 12 files need to be downloaded / copied from http://dl4.avgate.net/upd/
11.09.2008 23:06:01 - #1: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/filelist.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/filelist.ini
11.09.2008 23:06:01 - #2: Downloading and extracting http://dl4.avgate.net/upd/winwks/en/classic-nt/product.ini.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\winwks\en\classic-nt/product.ini
11.09.2008 23:06:02 - #3: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir2.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir2.vdf
11.09.2008 23:06:51 - #4: Downloading and extracting http://dl4.avgate.net/upd/vdf/antivir3.vdf.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\vdf\antivir3.vdf
11.09.2008 23:06:57 - #5: Downloading and extracting http://dl4.avgate.net/upd/engine/nt/avrep.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\engine\nt\avrep.dll
11.09.2008 23:06:57 - #6: Downloading and extracting http://dl4.avgate.net/upd/ave2/aecore.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aecore.dll
11.09.2008 23:07:00 - #7: Downloading and extracting http://dl4.avgate.net/upd/ave2/aegen.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aegen.dll
11.09.2008 23:07:03 - #8: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeheur.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeheur.dll
11.09.2008 23:07:13 - #9: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeoffice.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aeoffice.dll
11.09.2008 23:07:15 - #10: Downloading and extracting http://dl4.avgate.net/upd/ave2/aerdl.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aerdl.dll
11.09.2008 23:07:19 - #11: Downloading and extracting http://dl4.avgate.net/upd/ave2/aescript.dll.gz to C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\Update\AVUPDATE_48c98833\ave2\aescript.dll
11.09.2008 23:07:21 - #12: Downloading and extracting http://dl4.avgate.net/upd/ave2/aeset.dat.gz t
0
Réponse 15 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
salut,
déso panne de pc,donc pas su répondre avant

désinstalle combofix

clic sur démarrer
clic sur éxécuter

fais un copier/coller de ComboFix /u
clic sur ok

ensuite réinstalle le

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

**Désactive les logiciels de protection** (Antivirus, Antispywares) puis :
deconnecte toi d'internet,ferme tout les programmes

Double-clique sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
ne touche plus à rien, même pas ta souris!!
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

Copie/colle un nouveau rapport HiJackThis avec.
0
Réponse 16 / 26
yo
 
ComboFix 08-09-15.02 - yo 2008-09-16 22:28:26.6 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.688 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\yo\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-16 au 2008-09-16 ))))))))))))))))))))))))))))))))))))
.

2008-09-16 22:06 . 2008-09-16 22:06 <REP> d-------- C:\WINDOWS\LastGood
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-15 20:10 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-11 23:02 . 2008-09-11 23:02 <REP> d-------- C:\Program Files\Avira
2008-09-11 23:02 . 2008-09-11 23:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-09-10 19:54 . 2008-09-16 22:20 1,917 --a------ C:\WINDOWS\imsins.BAK
2008-09-08 00:27 . 2008-09-08 00:27 <REP> d-------- C:\Program Files\CCleaner
2008-09-07 23:34 . 2008-09-08 00:16 <REP> d-------- C:\Program Files\Trend Micro
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Documents and Settings\yo\Application Data\Malwarebytes
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-07 22:02 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-07 22:02 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 18:06 . 2008-09-08 00:16 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-07 18:06 . 2008-09-11 23:14 <REP> d-------- C:\Backups
2008-08-28 20:11 . 2008-04-14 04:33 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 22:11 --------- d-----w C:\Program Files\Java
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:44 74,240 ------w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2007-11-10 08:30 0 ----a-w C:\Documents and Settings\yo\svc012.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 67584]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 7573504]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-27 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [2006-04-18 49152]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 282624]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-04-27 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-01-23 45056]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2007-12-03 121856]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 2297856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Soulseek-Test\\slsk.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 167808]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\Auto\command - P:\RavMonE.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\yo\Application Data\Mozilla\Firefox\Profiles\q1o6radx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-16 22:30:06
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\RtlGina2.dll
.
Heure de fin: 2008-09-16 22:30:39
ComboFix-quarantined-files.txt 2008-09-16 20:30:37

Avant-CF: 136,944,721,920 octets libres
AprŠs-CF: 137,285,689,344 octets libres

127 --- E O F --- 2008-09-15 20:08:51
0
Réponse 17 / 26
yo
 
Logfile of HijackThis v1.99.1
Scan saved at 22:44:00, on 16/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\yo\LOCALS~1\Temp\Répertoire temporaire 3 pour hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCB1F93C-5406-4215-B1A0-0952EB572C5E}: NameServer = 192.168.1.1,0.0.0.0
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

ComboFix 08-09-15.02 - yo 2008-09-16 22:28:26.6 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.688 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\yo\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!/b/color
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-16 au 2008-09-16 ))))))))))))))))))))))))))))))))))))
.

2008-09-16 22:06 . 2008-09-16 22:06 <REP> d-------- C:\WINDOWS\LastGood
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\system32\fr
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\system32\bits
2008-09-15 20:12 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\l2schemas
2008-09-15 20:10 . 2008-09-15 20:12 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-09-11 23:02 . 2008-09-11 23:02 <REP> d-------- C:\Program Files\Avira
2008-09-11 23:02 . 2008-09-11 23:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-09-10 19:54 . 2008-09-16 22:20 1,917 --a------ C:\WINDOWS\imsins.BAK
2008-09-08 00:27 . 2008-09-08 00:27 <REP> d-------- C:\Program Files\CCleaner
2008-09-07 23:34 . 2008-09-08 00:16 <REP> d-------- C:\Program Files\Trend Micro
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Documents and Settings\yo\Application Data\Malwarebytes
2008-09-07 22:02 . 2008-09-07 22:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-07 22:02 . 2008-09-02 00:16 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-07 22:02 . 2008-09-02 00:16 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-07 18:06 . 2008-09-08 00:16 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-07 18:06 . 2008-09-11 23:14 <REP> d-------- C:\Backups
2008-08-28 20:11 . 2008-04-14 04:33 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 22:11 --------- d-----w C:\Program Files\Java
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:44 74,240 ------w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2007-11-10 08:30 0 ----a-w C:\Documents and Settings\yo\svc012.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 67584]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 7573504]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-27 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [2006-04-18 49152]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 282624]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]
"nwiz"="nwiz.exe" [2006-04-27 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2007-01-23 45056]
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2007-12-03 121856]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 65588]
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 2297856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Soulseek-Test\\slsk.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 167808]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\Auto\command - P:\RavMonE.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\yo\Application Data\Mozilla\Firefox\Profiles\q1o6radx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-16 22:30:06
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

PROCESSUS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\RtlGina2.dll
.
Heure de fin: 2008-09-16 22:30:39
ComboFix-quarantined-files.txt 2008-09-16 20:30:37

Avant-CF: 136,944,721,920 octets libres
AprŠs-CF: 137,285,689,344 octets libres

127 --- E O F --- 2008-09-15 20:08:51
0
Réponse 18 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
fais ceci stp

1/ # Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus

# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!

2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Double-clique sur l’icône.
Les icônes vont disparaître. C’est normal.
Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite
Redémarre ensuite le PC.
0
yo
 
idem pour le flash disinfector pas de rapport peut-être ailleurs que mes doc, ???
0
Réponse 19 / 26
yo
 
j'ai fais un rav antivirus en revanche je n'arrive pas à trouver le rapport? d'habitude ils sont dans mes documents. Sinon autrement antivir me relance souvent sur le fait qu'il ne protège pas des spywares et qu'il propose la version payante... on a installé un anti malwares.
0
Réponse 20 / 26
chimay8 Messages postés 7947 Statut Contributeur sécurité 60
 
non,pas grave

si il n'y a pas de rapport c'est qu'il n'a rien trouvé

mais ceci me dérange

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\P]
\Shell\Auto\command - P:\RavMonE.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

Télécharge sur ton bureau GenProc de Narco4 & jean-chretien1

Ensuite dézippe le dossier puis double-clique sur le fichier GenProc.bat

Une fois qu'il a finit son analyse fait un copier/coller du log qui vient de s'ouvrir dans Bloc-note
Poste le ici

Aide en images
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses