JackDaniels123

Ok parfait!!! Merci beaucoup

Une dernière question: Voila ce qui vient de se passer sur mon ordi: Je viens de voir Norton qui analyse le téléchargement ce l'outil software_reporter_tool.exe (Sans que je fasse quoi que ce soit) Il l'installe la : C:\Users\marc\AppData\Local\Google\Chrome\User Data\SwReporter\23.131.1 Es-ce normal??

Merci beaucoup pour votre aide et réactivité!! @+

Oui j'ai déjà utilisé la version d'essai et pour sketchup, en effet nous avons une version etudiant qui est valide 3 ans mais en master (4eme année), la licence se désactive :/ Voilà mon dernier rapport https://up.security-x.fr/file.php?h=R8e3ef57f58cc618b605986c019ca3048

J'avais bien un compte Google chrome oui, j'ai effectué les manip de réinitialisation. Franchement bien mieux l'ordi!!! Il a retrouvé une bonne rapidité d'exécution

Mea culpa Je vais faire gaffe maintenant mais faut absolument que je trouve le moyen d'installer tout mes logiciels sans crack et keygen, mais c'est un autre sujet. J'ai supprimé la quarantaine, puis-je me servir de Chrome?

Bonjour, Désolé j'avais beaucoup de travail en ce moment. En effet ces virus ont été installés par ma faute. Je suis en Master architecture et notre école nous ont donné 3 ans de licence pour des logiciels tels que rhino ou sketchup. Malheureusement, à partir de la 4ème année, nous devons nous procurer les crack de ces logiciels qui sont pour la plupart introuvables et très chers. Le seul moyen que j'ai trouvé était Utorrent sur des sites turcs ou autre. Je savait que je m'exposais à toute sorte de virus par cette application mais je pensais désinfecter après l'installation. Si vous avez d'autres piste de téléchargement de ce genre de crack de logiciel, je suis preneur!!! Merci de prendre du temps pour m'aider en tout cas car mon ordi rame pas mal depuis :/ J'ai suivi votre procédure, j'ai désinstallé McAfee, Windows live essential (toutefois dommage car il y avait movie maker) Et voici les 3 rapports demandés: https://up.security-x.fr/file.php?h=Re41fd12e2536c462072d0f08b8809f52 https://up.security-x.fr/file.php?h=Re4363cadd3cb4c7121247b8221dd77a3 https://up.security-x.fr/file.php?h=R9fea80edaa8a20dcf8f7d3bbfe578acd Merci beaucoup!!

Bonjour, Comme dans les sur certains précédents sujets, mon PC est infecté par le virus des moteur de recherche Cleanserp.net. Pourriez vous m'aider a éradiquer cette saloperie s'ilvous plait? Merci d'avance, voici les lien des logs FRST https://up.security-x.fr/file.php?h=Rd2d4657c4a2783df0bb3652045de0d09 https://up.security-x.fr/file.php?h=Rfcd45189b28fd4fbed8785afb4975c60

Merci beaucoup, pour l'instant tout va bien, 2 mise a jour un peu diffixiles a lancer, sinon pas de ralentissement. Dois-je relancer un sujet si nouveau probleme?

Le lien n'est pas fonctionnel désolé!

Effectivement, j'ai deja nettoyer quelques ordi avant mais j'été dépasse par celui ci! Voici le rapport: ComboFix 12-08-25.04 - Anne-Claire 25/08/2012 22:52:30.1.1 - x86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3001.1730 [GMT 2:00] Lancé depuis: c:\users\Anne-Claire\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\hpeE8B1.dll c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac} c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\@ c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\n c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\U\00000001.@ c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\U\80000000.@ c:\users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\U\800000cb.@ c:\users\Anne-Claire\AppData\Roaming\quickzip51.msi.tmp c:\windows\system32\muzapp.exe . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-07-25 au 2012-08-25 )))))))))))))))))))))))))))))))))))) . . 2012-08-25 20:59 . 2012-08-25 20:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-25 20:35 . 2012-08-25 20:35 -------- d-----w- c:\program files\Ad-Remover 2012-08-25 20:00 . 2012-08-25 20:00 -------- d-----w- c:\users\Anne-Claire\AppData\Local\Apple 2012-08-25 19:58 . 2012-08-25 19:58 -------- d-----w- c:\users\Anne-Claire\AppData\Roaming\Avira 2012-08-25 19:52 . 2012-07-18 16:05 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-08-25 19:52 . 2012-07-18 16:05 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-08-25 19:52 . 2012-07-18 16:05 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-08-25 19:52 . 2012-08-25 19:52 -------- d-----w- c:\programdata\Avira 2012-08-25 19:52 . 2012-08-25 19:52 -------- d-----w- c:\program files\Avira 2012-08-25 19:08 . 2012-08-25 19:08 -------- d-----w- c:\windows\system32\EventProviders 2012-08-25 18:57 . 2012-08-25 18:57 -------- d-----w- c:\users\Anne-Claire\AppData\Local\Acer ePower Management V4 2012-08-25 16:34 . 2012-08-25 16:34 -------- d-----w- c:\users\Anne-Claire\AppData\Local\Adobe 2012-08-25 15:33 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD99450C-EAED-480F-946C-B78506D8AAD3}\mpengine.dll 2012-08-24 09:04 . 2012-08-25 14:22 -------- d-----w- c:\programdata\6F638C1A377C0CEF79DCE7766C44B161 2012-08-08 17:56 . 2012-08-08 17:56 -------- d-----w- c:\users\Anne-Claire\AppData\Roaming\ArcSoft 2012-08-08 17:56 . 2012-08-08 17:56 -------- d-----w- c:\users\Anne-Claire\AppData\Roaming\HP SimpleSave Application . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 16:53 . 2012-05-21 20:05 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-15 16:53 . 2012-03-04 19:13 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-31 10:25 . 2012-02-15 18:15 237072 ----a-w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Anne-Claire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Anne-Claire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Anne-Claire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Anne-Claire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-10-27 10:05 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168] "KiesTrayAgent"="c:\program files\Samsung\Kies\/\KiesTrayAgent.exe" [2010-01-28 3404600] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 186904] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-05-13 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-05-07 175128] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-05-13 153624] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-11 7399968] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-11 1833504] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-04-09 1071624] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-05-26 253696] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2009-03-30 62760] "Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-05-15 440864] "ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-04-29 176128] "EgisTecLiveUpdate"="c:\program files\EgisTec Egis Software Update\EgisUpdate.exe" [2008-10-27 199464] "mwlDaemon"="c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2008-10-27 346672] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] . c:\users\Anne-Claire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Anne-Claire\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-9-17 565248] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - FSUSBEXDISK . Contenu du dossier 'Tâches planifiées' . 2012-08-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 16:53] . . ------- Examen supplémentaire ------- . IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: {{725EC34E-943C-4df6-B0B2-FBDE7F242276} - c:\users\Anne-Claire\Desktop\PartyPoker.fr.lnk TCP: DhcpNameServer = 212.27.40.241 212.27.40.240 . - - - - ORPHELINS SUPPRIMES - - - - . HKCU-Run-Livestation - c:\program files\Livestation\Livestation.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-25 23:00 Windows 6.0.6001 Service Pack 1 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Heure de fin: 2012-08-25 23:04:10 ComboFix-quarantined-files.txt 2012-08-25 21:04 . Avant-CF: 79 041 122 304 octets libres Après-CF: 78 985 355 264 octets libres . - - End Of File - - DB41F49F98BC42E5E56146EF27B232D0

MBAM rapport: Malwarebytes Anti-Malware (Essai) 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.08.26.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 7.0.6002.18005 Anne-Claire :: PC-DE-ANNE-CLAI [administrateur] Protection: Activé 26/08/2012 15:05:39 mbam-log-2012-08-26 (15-05-39).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 308339 Temps écoulé: 57 minute(s), 33 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 3 C:\Qoobox\Quarantine\C\Users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\n.vir (RootKit.0Access) -> Mis en quarantaine et supprimé avec succès. C:\Qoobox\Quarantine\C\Users\Anne-Claire\AppData\Local\{da2acb81-c61f-8d66-115c-0eab2c5097ac}\U\[email protected] (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès. C:\Users\Anne-Claire\Documents\Logiciels\WebPlayer.exe (Adware.Dropper) -> Mis en quarantaine et supprimé avec succès. (fin)

Voici le rapport : # AdwCleaner v1.801 - Rapport créé le 26/08/2012 à 14:26:26 # Mis à jour le 14/08/2012 par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : Anne-Claire - PC-DE-ANNE-CLAI # Mode de démarrage : Normal # Exécuté depuis : C:\Users\Anne-Claire\Desktop\Marc Clean Soft\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar Clé Supprimée : HKCU\Software\Ask.com.tmp Clé Supprimée : HKCU\Software\Conduit ***** [Registre - GUID] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v7.0.6002.18005 [OK] Le registre ne contient aucune entrée illégitime. -\\ Opera v12.1.1532.0 Fichier : C:\Users\Anne-Claire\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [3039 octets] - [25/08/2012 22:29:23] AdwCleaner[s1].txt - [3199 octets] - [25/08/2012 22:29:42] AdwCleaner[s2].txt - [1085 octets] - [26/08/2012 14:26:26] ########## EOF - C:\AdwCleaner[s2].txt - [1213 octets] ########## Merci,

Merci, et voila pour le rapport: Download ZHPDiag.txt from Sendspace.com - send big files the easy way

Ouai merci pour la reponse rapide! Voici le dernier rapport antivir: Avira Free Antivirus Report file date: samedi 25 août 2012 21:56 Scanning for 4166737 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available. Licensee : Avira AntiVir Personal - Free Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows Vista Home Premium Windows version : (Service Pack 1) [6.0.6001] Boot mode : Normally booted Username : Anne-Claire Computer name : PC-DE-ANNE-CLAI Version information: BUILD.DAT : 12.0.0.1167 40870 Bytes 18/07/2012 20:07:00 AVSCAN.EXE : 12.3.0.33 468472 Bytes 18/07/2012 16:04:51 AVSCAN.DLL : 12.3.0.15 54736 Bytes 18/07/2012 16:05:06 LUKE.DLL : 12.3.0.15 68304 Bytes 18/07/2012 16:04:59 AVSCPLR.DLL : 12.3.0.27 97064 Bytes 18/07/2012 16:04:51 AVREG.DLL : 12.3.0.33 232232 Bytes 18/07/2012 16:04:51 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 18:18:34 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 23:23:21 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20/12/2011 23:32:24 VBASE003.VDF : 7.11.21.238 4472832 Bytes 01/02/2012 09:58:50 VBASE004.VDF : 7.11.26.44 4329472 Bytes 28/03/2012 22:38:13 VBASE005.VDF : 7.11.34.116 4034048 Bytes 29/06/2012 16:05:05 VBASE006.VDF : 7.11.34.117 2048 Bytes 29/06/2012 16:05:05 VBASE007.VDF : 7.11.34.118 2048 Bytes 29/06/2012 16:05:05 VBASE008.VDF : 7.11.34.119 2048 Bytes 29/06/2012 16:05:05 VBASE009.VDF : 7.11.34.120 2048 Bytes 29/06/2012 16:05:05 VBASE010.VDF : 7.11.34.121 2048 Bytes 29/06/2012 16:05:05 VBASE011.VDF : 7.11.34.122 2048 Bytes 29/06/2012 16:05:05 VBASE012.VDF : 7.11.34.123 2048 Bytes 29/06/2012 16:05:05 VBASE013.VDF : 7.11.34.124 2048 Bytes 29/06/2012 16:05:05 VBASE014.VDF : 7.11.38.18 2554880 Bytes 30/07/2012 19:54:23 VBASE015.VDF : 7.11.38.70 556032 Bytes 31/07/2012 19:54:27 VBASE016.VDF : 7.11.38.143 171008 Bytes 02/08/2012 19:54:28 VBASE017.VDF : 7.11.38.221 178176 Bytes 06/08/2012 19:54:30 VBASE018.VDF : 7.11.39.37 168448 Bytes 08/08/2012 19:54:31 VBASE019.VDF : 7.11.39.89 131072 Bytes 09/08/2012 19:54:32 VBASE020.VDF : 7.11.39.145 142336 Bytes 11/08/2012 19:54:33 VBASE021.VDF : 7.11.39.207 165888 Bytes 14/08/2012 19:54:34 VBASE022.VDF : 7.11.40.9 156160 Bytes 16/08/2012 19:54:35 VBASE023.VDF : 7.11.40.49 133120 Bytes 17/08/2012 19:54:36 VBASE024.VDF : 7.11.40.95 156160 Bytes 20/08/2012 19:54:37 VBASE025.VDF : 7.11.40.155 181760 Bytes 22/08/2012 19:54:38 VBASE026.VDF : 7.11.40.205 203264 Bytes 23/08/2012 19:54:39 VBASE027.VDF : 7.11.40.206 2048 Bytes 23/08/2012 19:54:39 VBASE028.VDF : 7.11.40.207 2048 Bytes 23/08/2012 19:54:39 VBASE029.VDF : 7.11.40.208 2048 Bytes 23/08/2012 19:54:39 VBASE030.VDF : 7.11.40.209 2048 Bytes 23/08/2012 19:54:39 VBASE031.VDF : 7.11.40.250 96256 Bytes 25/08/2012 19:54:40 Engine version : 8.2.10.146 AEVDF.DLL : 8.1.2.10 102772 Bytes 25/08/2012 19:55:03 AESCRIPT.DLL : 8.1.4.46 455034 Bytes 25/08/2012 19:55:02 AESCN.DLL : 8.1.8.2 131444 Bytes 16/02/2012 16:11:36 AESBX.DLL : 8.2.5.12 606578 Bytes 18/07/2012 16:04:48 AERDL.DLL : 8.1.9.15 639348 Bytes 20/01/2012 23:22:40 AEPACK.DLL : 8.3.0.32 811382 Bytes 25/08/2012 19:55:01 AEOFFICE.DLL : 8.1.2.42 201083 Bytes 25/08/2012 19:54:58 AEHEUR.DLL : 8.1.4.92 5177718 Bytes 25/08/2012 19:54:58 AEHELP.DLL : 8.1.23.2 258422 Bytes 18/07/2012 16:04:45 AEGEN.DLL : 8.1.5.36 434549 Bytes 25/08/2012 19:54:45 AEEXP.DLL : 8.1.0.80 86389 Bytes 25/08/2012 19:55:03 AEEMU.DLL : 8.1.3.2 393587 Bytes 25/08/2012 19:54:43 AECORE.DLL : 8.1.27.4 201078 Bytes 25/08/2012 19:54:42 AEBB.DLL : 8.1.1.0 53618 Bytes 20/01/2012 23:22:35 AVWINLL.DLL : 12.3.0.15 27344 Bytes 18/07/2012 16:04:53 AVPREF.DLL : 12.3.0.15 51920 Bytes 18/07/2012 16:04:51 AVREP.DLL : 12.3.0.15 179208 Bytes 18/07/2012 16:04:51 AVARKT.DLL : 12.3.0.15 211408 Bytes 18/07/2012 16:04:49 AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 18/07/2012 16:04:50 SQLITE3.DLL : 3.7.0.1 398288 Bytes 18/07/2012 16:05:02 AVSMTP.DLL : 12.3.0.32 63480 Bytes 18/07/2012 16:04:52 NETNT.DLL : 12.3.0.15 17104 Bytes 18/07/2012 16:04:59 RCIMAGE.DLL : 12.3.0.31 4445944 Bytes 18/07/2012 16:05:09 RCTEXT.DLL : 12.3.0.31 97784 Bytes 18/07/2012 16:05:09 Configuration settings for the scan: Jobname.............................: Short system scan after installation Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat Logging.............................: default Primary action......................: Interactive Secondary action....................: Ignore Scan master boot sector.............: on Scan boot sector....................: on Process scan........................: on Scan registry.......................: on Search for rootkits.................: off Integrity checking of system files..: off Scan all files......................: Intelligent file selection Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: extended Deviating risk categories...........: +JOKE,+PFS, Start of the scan: samedi 25 août 2012 21:56 Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avshadow.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'msiexec.exe' - '1' Module(s) have been scanned Scan process 'WMIADAP.EXE' - '1' Module(s) have been scanned Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned Scan process 'wuauclt.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avconfig.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'setup.exe' - '1' Module(s) have been scanned Scan process 'presetup.exe' - '1' Module(s) have been scanned Scan process 'avira_free_antivirus_en.exe' - '1' Module(s) have been scanned Module is OK -> <C:\Users\Anne-Claire\Desktop\avira_free_antivirus_en.exe> [WARNING] The file is password protected Scan process 'SynTPHelper.exe' - '1' Module(s) have been scanned Scan process 'ePowerEvent.exe' - '1' Module(s) have been scanned Scan process 'igfxext.exe' - '1' Module(s) have been scanned Scan process 'ePowerTray.exe' - '1' Module(s) have been scanned Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned Scan process 'igfxext.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'unsecapp.exe' - '1' Module(s) have been scanned Scan process 'Dropbox.exe' - '1' Module(s) have been scanned Scan process 'AcerVCM.exe' - '1' Module(s) have been scanned Scan process 'Skype.exe' - '1' Module(s) have been scanned Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'mwlDaemon.exe' - '1' Module(s) have been scanned Scan process 'EgisUpdate.exe' - '1' Module(s) have been scanned Scan process 'ODDPWR.exe' - '1' Module(s) have been scanned Scan process 'BackupManagerTray.exe' - '1' Module(s) have been scanned Scan process 'PLFSetI.exe' - '1' Module(s) have been scanned Scan process 'LManager.exe' - '1' Module(s) have been scanned Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned Scan process 'IAANTMon.exe' - '1' Module(s) have been scanned Scan process 'YahooAUService.exe' - '1' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'RS_Service.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SupServ.exe' - '1' Module(s) have been scanned Scan process 'ODDPWRSvc.exe' - '1' Module(s) have been scanned Scan process 'SchedulerSvc.exe' - '1' Module(s) have been scanned Scan process 'IScheduleSvc.exe' - '1' Module(s) have been scanned Scan process 'MWLService.exe' - '1' Module(s) have been scanned Scan process 'FsUsbExService.Exe' - '1' Module(s) have been scanned Scan process 'ePowerSvc.exe' - '1' Module(s) have been scanned Scan process 'dsiwmis.exe' - '1' Module(s) have been scanned Scan process 'dgdersvc.exe' - '1' Module(s) have been scanned Scan process 'armsvc.exe' - '1' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned Scan process 'igfxpers.exe' - '1' Module(s) have been scanned Scan process 'hkcmd.exe' - '1' Module(s) have been scanned Scan process 'igfxtray.exe' - '1' Module(s) have been scanned Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'Explorer.EXE' - '1' Module(s) have been scanned Scan process 'Dwm.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SLsvc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsm.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'wininit.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned Starting to scan executable files (registry). C:\Program Files\Object\bho_project.dll [DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen The registry was scanned ( '2219' files ). Beginning disinfection: The registration entry <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}\> was removed successfully. The registration entry <HKEY_CLASSES_ROOT\CLSID\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}\> was removed successfully. The registration entry <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}\> was removed successfully. C:\Program Files\Object\bho_project.dll [DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen [NOTE] The file was moved to the quarantine directory under the name '556f9e43.qua'. [NOTE] The registration entry <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}> was successfully repaired. [NOTE] The registration entry <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}> was successfully repaired. [NOTE] The registration entry <HKEY_USERS\S-1-5-21-1065561180-239058308-3607678911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{de4e75d3-60aa-4f02-a0e4-c8a40576574c}> was successfully repaired. End of the scan: samedi 25 août 2012 22:11 Used time: 02:24 Minute(s) The scan has been done completely. 0 Scanned directories 3704 Files were scanned 1 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 Files were deleted 0 Viruses and unwanted programs were repaired 1 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 3703 Files not concerned 21 Archives were scanned 1 Warnings 1 Notes Merci