HELP 92 trojans & worms après scan antivir
Résolu
thierry mignard
Messages postés
67
Statut
Membre
-
chimay8 Messages postés 7947 Statut Contributeur sécurité -
chimay8 Messages postés 7947 Statut Contributeur sécurité -
Bonjour,
j'ai fais un scan en ligne ce matin avec eset-nod 32 en ligne, puis avec bit defender qui ne m'ont trouvé aucun virus et cet aprem je viensde faire un scan avec antivir (conseillé sur les forums) que je viens d'installer et il me trouve 92 menaces (essentiellement des trojans mais également quelques worms).
Comment faire pour les supprimer?
merci d'avance.
voici le rapport du scan antivir:
.0.0.
Avira AntiVir Personal
Report file date: jeudi 18 septembre 2008 15:43
Scanning for 1624539 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MATTHIEUTH
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 12:30:29
ANTIVIR3.VDF : 7.0.6.178 182784 Bytes 18/09/2008 12:30:31
Engineversion : 8.1.1.34
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 12:30:43
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 12:30:42
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 12:30:40
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 12:30:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/09/2008 12:30:34
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 18/09/2008 12:30:32
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 18/09/2008 12:30:31
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 18 septembre 2008 15:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'bdss.exe' - '1' Module(s) have been scanned
Scan process 'xcommsvr.exe' - '1' Module(s) have been scanned
Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021026.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026167.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021082.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902616a.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021103.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902616e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022131.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026172.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022146.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026175.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022198.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026178.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022225.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902617b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022327.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902617e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022367.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026180.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022423.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026183.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022513.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026187.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022611.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902618b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022781.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026191.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022841.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026194.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022905.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026197.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0031976.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026245.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0031995.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026249.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0032057.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902624c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0032082.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026250.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034110.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026276.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034111.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026278.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034112.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '4902627c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034124.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902627e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034126.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026280.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034127.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026282.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034134.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026284.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034138.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026287.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034139.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026289.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034161.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902628c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034165.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4902628e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034166.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026290.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034177.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026292.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034178.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026294.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034179.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026296.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034196.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026298.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034198.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4902629a.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034199.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '4902629c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034251.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902629e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034253.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262a0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034254.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262a2.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034270.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262a6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034272.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262a8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034273.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262aa.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034342.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262ad.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034344.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262af.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034345.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262b0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034434.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262b4.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034436.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262b6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034437.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262b7.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034446.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262b9.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034448.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262bb.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034449.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262bc.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034461.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262be.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034463.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262c0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034464.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262c1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034476.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262c3.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034478.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262c5.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034479.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262c7.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034492.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262c8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034493.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262ca.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034494.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262cc.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034504.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262cd.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034507.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262cf.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034508.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262d1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034514.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262d2.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034516.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262d4.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034517.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262d6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034564.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262d8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034565.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262d9.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034566.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262db.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034601.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262dd.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034604.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262df.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034605.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262e1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034614.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262e3.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034616.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262e5.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034617.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262e6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034645.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262e8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034646.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262ea.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034647.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262ec.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034654.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262ee.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034656.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262f0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034657.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262f1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035752.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902630b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035770.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026310.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035771.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026311.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035772.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026313.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035773.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026315.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035774.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026317.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035776.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV.4 worm
[NOTE] The file was moved to '49026319.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035777.EXE
[DETECTION] Contains recognition pattern of the WORM/VB.BV.4 worm
[NOTE] The file was moved to '4902631b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP150\A0036093.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026331.qua'!
C:\WINDOWS\uda.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV worm
[NOTE] The file was moved to '4933637f.qua'!
End of the scan: jeudi 18 septembre 2008 16:22
Used time: 38:59 Minute(s)
The scan has been done completely.
4932 Scanning directories
184085 Files were scanned
92 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
92 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
183991 Files not concerned
521 Archives were scanned
2 Warnings
92 Notes
j'ai fais un scan en ligne ce matin avec eset-nod 32 en ligne, puis avec bit defender qui ne m'ont trouvé aucun virus et cet aprem je viensde faire un scan avec antivir (conseillé sur les forums) que je viens d'installer et il me trouve 92 menaces (essentiellement des trojans mais également quelques worms).
Comment faire pour les supprimer?
merci d'avance.
voici le rapport du scan antivir:
.0.0.
Avira AntiVir Personal
Report file date: jeudi 18 septembre 2008 15:43
Scanning for 1624539 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MATTHIEUTH
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 12:30:29
ANTIVIR3.VDF : 7.0.6.178 182784 Bytes 18/09/2008 12:30:31
Engineversion : 8.1.1.34
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 12:30:43
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 12:30:42
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 12:30:40
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 12:30:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/09/2008 12:30:34
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 18/09/2008 12:30:32
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 18/09/2008 12:30:31
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 18 septembre 2008 15:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'bdss.exe' - '1' Module(s) have been scanned
Scan process 'xcommsvr.exe' - '1' Module(s) have been scanned
Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021026.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026167.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021082.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902616a.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0021103.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902616e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022131.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026172.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022146.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026175.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022198.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026178.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022225.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902617b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022327.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902617e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022367.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026180.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022423.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026183.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022513.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026187.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022611.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902618b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022781.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026191.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022841.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026194.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP137\A0022905.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026197.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0031976.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026245.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0031995.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026249.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0032057.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '4902624c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP148\A0032082.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026250.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034110.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026276.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034111.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026278.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034112.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '4902627c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034124.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902627e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034126.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026280.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034127.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026282.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034134.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026284.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034138.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026287.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034139.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026289.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034161.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902628c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034165.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4902628e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034166.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026290.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034177.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026292.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034178.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026294.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034179.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026296.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034196.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49026298.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034198.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4902629a.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034199.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '4902629c.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034251.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902629e.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034253.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262a0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034254.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262a2.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034270.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262a6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034272.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262a8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034273.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262aa.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034342.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262ad.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034344.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262af.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034345.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262b0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034434.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262b4.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034436.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262b6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034437.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262b7.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034446.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262b9.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034448.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262bb.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034449.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262bc.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034461.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262be.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034463.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262c0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034464.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262c1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034476.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262c3.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034478.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262c5.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034479.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262c7.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034492.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262c8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034493.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262ca.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034494.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262cc.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034504.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262cd.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034507.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262cf.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034508.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262d1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034514.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262d2.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034516.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262d4.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034517.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262d6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034564.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262d8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034565.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262d9.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034566.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262db.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034601.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262dd.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034604.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262df.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034605.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262e1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034614.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262e3.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034616.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262e5.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034617.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262e6.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034645.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262e8.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034646.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262ea.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034647.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262ec.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034654.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '490262ee.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034656.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '490262f0.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0034657.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '490262f1.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035752.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4902630b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035770.cmd
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026310.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035771.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026311.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035772.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026313.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035773.dll
[DETECTION] Is the TR/PSW.OnlineGames.YD Trojan
[NOTE] The file was moved to '49026315.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035774.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '49026317.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035776.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV.4 worm
[NOTE] The file was moved to '49026319.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP149\A0035777.EXE
[DETECTION] Contains recognition pattern of the WORM/VB.BV.4 worm
[NOTE] The file was moved to '4902631b.qua'!
C:\System Volume Information\_restore{8D7108F6-007D-463C-A179-097AD3390F14}\RP150\A0036093.inf
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026331.qua'!
C:\WINDOWS\uda.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV worm
[NOTE] The file was moved to '4933637f.qua'!
End of the scan: jeudi 18 septembre 2008 16:22
Used time: 38:59 Minute(s)
The scan has been done completely.
4932 Scanning directories
184085 Files were scanned
92 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
92 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
183991 Files not concerned
521 Archives were scanned
2 Warnings
92 Notes
A voir également:
- HELP 92 trojans & worms après scan antivir
- Scan qr code pc - Guide
- Sfc scan - Guide
- Scan spotify - Guide
- Google traduction photo scan - Guide
- Scan manga - Forum Réseaux sociaux
8 réponses
salut
tu viens de faire une belle découverte......
j'ai eu dernièrement un problème similaire....
Attention quand tu fais des scan en ligne, il trouve toujours quelque chose !!! et certains programme te harcèle, une sorte de force de vente de leurs produits ( anti-virus malware etc.etc...)
je comprend que cela peut être flippant quand on a des choses bizzard sur son pc (fichier espion/virus/piratage des données perso., etc.etc...)
voici un programme gratuit que tu peu installer sur ton pc et qui devrais éliminer tout ses problème et tracas.
donne moi de tes nouvelles pour savoir si ca a bien fonctionner
https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html
tu viens de faire une belle découverte......
j'ai eu dernièrement un problème similaire....
Attention quand tu fais des scan en ligne, il trouve toujours quelque chose !!! et certains programme te harcèle, une sorte de force de vente de leurs produits ( anti-virus malware etc.etc...)
je comprend que cela peut être flippant quand on a des choses bizzard sur son pc (fichier espion/virus/piratage des données perso., etc.etc...)
voici un programme gratuit que tu peu installer sur ton pc et qui devrais éliminer tout ses problème et tracas.
donne moi de tes nouvelles pour savoir si ca a bien fonctionner
https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html
Salut,
c'est la preuve qu'il tourne mieux que les autres
ceci est inquiètant,pas le reste
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026331.qua'!
C:\WINDOWS\uda.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV worm
[NOTE] The file was moved to '4933637f.qua'!
fais ceci stp
- Télécharge HiJackThis.zip de Merijn sur ton bureau.
- Dézippe le dans un dossier prévu à cet effet.
** exemple C:\hijackthis < Enregistre le bien dans c : !
- Double-clique dessus
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur "Do a scan and save log file".
- Le rapport s'ouvre sur le Bloc-Note.
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
- ** ne pas fixer de lignes sans notre avis **
Aide : N'hésite pas à consulter l'aide HiJackThis de Malekal_morte
En image
c'est la preuve qu'il tourne mieux que les autres
ceci est inquiètant,pas le reste
[DETECTION] Is the TR/Script.3002 Trojan
[NOTE] The file was moved to '49026331.qua'!
C:\WINDOWS\uda.exe
[DETECTION] Contains recognition pattern of the WORM/VB.BV worm
[NOTE] The file was moved to '4933637f.qua'!
fais ceci stp
- Télécharge HiJackThis.zip de Merijn sur ton bureau.
- Dézippe le dans un dossier prévu à cet effet.
** exemple C:\hijackthis < Enregistre le bien dans c : !
- Double-clique dessus
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur "Do a scan and save log file".
- Le rapport s'ouvre sur le Bloc-Note.
- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller
- ** ne pas fixer de lignes sans notre avis **
Aide : N'hésite pas à consulter l'aide HiJackThis de Malekal_morte
En image
voici un programme gratuit que tu peu installer sur ton pc et qui devrais éliminer tout ses problème et tracas.
donne moi de tes nouvelles pour savoir si ca a bien fonctionner
https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html
non,pas maintenant!!!!
MBAM peut faire sauter des lignes qui sont nécessaires pour d'autres fix/tool
donne moi de tes nouvelles pour savoir si ca a bien fonctionner
https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html
non,pas maintenant!!!!
MBAM peut faire sauter des lignes qui sont nécessaires pour d'autres fix/tool
Bonjour chimay et aragor,
voici mon rapport hijackthis par contre je tiens à vous préciser que dans la matinée j'ai utilisé malware bytes malware sur les conseils de quelq'un du forum et qu'il ne m'avait rien trouvé.
Merci de votre réactivité voici le rapporthijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:22, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Micro Application\TrueImage\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {D7515C61-A66C-4319-A0E0-D416CB8059E3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Micro Application\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
voici mon rapport hijackthis par contre je tiens à vous préciser que dans la matinée j'ai utilisé malware bytes malware sur les conseils de quelq'un du forum et qu'il ne m'avait rien trouvé.
Merci de votre réactivité voici le rapporthijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:22, on 18/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Micro Application\TrueImage\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {D7515C61-A66C-4319-A0E0-D416CB8059E3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Micro Application\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
c'est ok, y a plus rien
le log est propre
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) pas à jour,contient des failles de sécu,même si tu utilise Firefox où opéra
http://www.microsoft.com/downloads/details.aspx?familyid=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=fr
ensuite
fais ceci
Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
voila ce qui n'a pas été fait et que Antivir a vu(C:\System Volume Information\_restore) et les malwares se planquent souvent dedans!
fais ceci (et ces toujours à faire en fin de désinfection!!)
Suppression des points de restauration :
1.Ouvre le Menu Démarrer
2.Clique-droit sur Poste de travail
3.Clique sur Propriétés
4.Positionne-toi dans l'onglet Restauration du système
5.Coche "Désactiver la restauration système"
6.Valide par Ok
7.Redémarre ton pc
8.Reproduis les manipulations 1 à 3
9.Décoche "Désactiver la restauration système"
10.Valide par Ok
le log est propre
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) pas à jour,contient des failles de sécu,même si tu utilise Firefox où opéra
http://www.microsoft.com/downloads/details.aspx?familyid=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=fr
ensuite
fais ceci
Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
voila ce qui n'a pas été fait et que Antivir a vu(C:\System Volume Information\_restore) et les malwares se planquent souvent dedans!
fais ceci (et ces toujours à faire en fin de désinfection!!)
Suppression des points de restauration :
1.Ouvre le Menu Démarrer
2.Clique-droit sur Poste de travail
3.Clique sur Propriétés
4.Positionne-toi dans l'onglet Restauration du système
5.Coche "Désactiver la restauration système"
6.Valide par Ok
7.Redémarre ton pc
8.Reproduis les manipulations 1 à 3
9.Décoche "Désactiver la restauration système"
10.Valide par Ok
Rebonjour Chimay, j'ai fais les manips indiquées.
J'aurais besoin d'un conseil: pour l'instant je n'ai qu'antivir sur mon ordi faut il un pare feu et un anti spyware? Si oui lesquels et sont ils tous compatibles les uns avec les autres?
Ccleaner remplace t-il un antispyware?
Enfin faut-il que je relance un scan antivir pour vérifier.
Merci encore
J'aurais besoin d'un conseil: pour l'instant je n'ai qu'antivir sur mon ordi faut il un pare feu et un anti spyware? Si oui lesquels et sont ils tous compatibles les uns avec les autres?
Ccleaner remplace t-il un antispyware?
Enfin faut-il que je relance un scan antivir pour vérifier.
Merci encore
Bonsoir Chimay,
je viens de finir un scan antivir, il m'annonce 2 'warning':
est-ce dangereux?
Voicile scan:
Avira AntiVir Personal
Report file date: jeudi 18 septembre 2008 18:08
Scanning for 1624539 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MATTHIEUTH
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 12:30:29
ANTIVIR3.VDF : 7.0.6.178 182784 Bytes 18/09/2008 12:30:31
Engineversion : 8.1.1.34
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 12:30:43
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 12:30:42
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 12:30:40
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 12:30:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/09/2008 12:30:34
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 18/09/2008 12:30:32
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 18/09/2008 12:30:31
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 18 septembre 2008 18:08
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '1' Module(s) have been scanned
Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'USBGuard.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: jeudi 18 septembre 2008 18:36
Used time: 27:54 Minute(s)
The scan has been done completely.
4785 Scanning directories
171456 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
171454 Files not concerned
521 Archives were scanned
2 Warnings
0 Notes
je viens de finir un scan antivir, il m'annonce 2 'warning':
est-ce dangereux?
Voicile scan:
Avira AntiVir Personal
Report file date: jeudi 18 septembre 2008 18:08
Scanning for 1624539 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: MATTHIEUTH
Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 12:30:29
ANTIVIR3.VDF : 7.0.6.178 182784 Bytes 18/09/2008 12:30:31
Engineversion : 8.1.1.34
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 12:30:43
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 12:30:42
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 12:30:40
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 12:30:39
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 18/09/2008 12:30:34
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 18/09/2008 12:30:32
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 18/09/2008 12:30:31
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 18 septembre 2008 18:08
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'schedul2.exe' - '1' Module(s) have been scanned
Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'USBGuard.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'schedhlp.exe' - '1' Module(s) have been scanned
Scan process 'TrueImageMonitor.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
34 processes with 34 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '59' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: jeudi 18 septembre 2008 18:36
Used time: 27:54 Minute(s)
The scan has been done completely.
4785 Scanning directories
171456 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
171454 Files not concerned
521 Archives were scanned
2 Warnings
0 Notes
