Ordi pollué (résolu)

[drims]

Bonjour Falkra,

 

J'ai ici le rapport de Combo Fix. J'ai eu 5 minutes de doute car il ne voulait pas s'exécuter et m'affichait un message "Date Error, check your settings".

Après traduction, j'ai vérifié la date de mon ordi et tout s'est arrangé

 

ComboFix 08-07-19.1 - sentier nature 2008-07-20 11:29:10.1 - FAT32x86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.206 [GMT 2:00]

Endroit: C:\Documents and Settings\sentier nature\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\sentier nature\Menu Démarrer\Programmes\Antivirus 2008 PRO

C:\WINDOWS\system32\aajhrdpm.ini

C:\WINDOWS\system32\bvtkjnob.ini

C:\WINDOWS\system32\hycjsrxs.ini

C:\WINDOWS\system32\jfuafobv.ini

C:\WINDOWS\system32\kpaigpbs.ini

C:\WINDOWS\system32\lfigndqu.ini

C:\WINDOWS\system32\mcrh.tmp

C:\WINDOWS\system32\mcrmuhvu.ini

C:\WINDOWS\system32\ogvgxevb.dll

C:\WINDOWS\system32\opnolMCr.dll

C:\WINDOWS\system32\peobvpqx.ini

C:\WINDOWS\system32\pwwvlmdh.ini

C:\WINDOWS\system32\qtccqool.dll

C:\WINDOWS\system32\quhckoug.ini

C:\WINDOWS\system32\tnclolko.ini

C:\WINDOWS\system32\tuvVOGyw.dll

C:\WINDOWS\system32\wntnjx.dll

C:\WINDOWS\system32\wrotclxe.ini

C:\WINDOWS\system32\wyGOVvut.ini

 

.

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-20 to 2008-07-20 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-14 13:31 . 2008-07-14 13:31 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-07-14 13:31 . 2008-07-14 13:31 <REP> d-------- C:\Documents and Settings\sentier nature\Application Data\Malwarebytes

2008-07-14 13:31 . 2008-07-14 13:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-07-14 13:31 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-07-14 13:31 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-07-11 11:18 . 2008-07-11 11:18 <REP> d-------- C:\Lop SD

2008-07-10 23:54 . 2008-07-10 23:54 <REP> d-------- C:\Program Files\Navilog1

2008-07-03 12:59 . 2008-03-29 22:59 33,224 --a------ C:\a

2008-07-03 12:33 . 2008-07-03 12:33 <REP> d-------- C:\Program Files\Enigma Software Group

2008-06-22 21:02 . 2004-09-20 11:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau

2008-06-22 21:02 . 2004-09-20 11:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression

2008-06-22 21:02 . 2004-09-20 11:09 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles

2008-06-22 21:02 . 2004-09-20 19:10 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents

2008-06-22 21:02 . 2004-09-20 11:09 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer

2008-06-22 21:02 . 2004-09-20 19:10 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris

2008-06-22 21:02 . 2004-09-20 11:09 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau

2008-06-22 21:02 . 2008-06-22 21:02 <REP> d-------- C:\Documents and Settings\Administrateur

2008-06-22 20:55 . 2008-06-22 20:55 <REP> d--hs---- C:\FOUND.000

2008-06-22 20:17 . 2008-06-22 20:17 <REP> d-------- C:\Program Files\Avira

2008-06-22 15:49 . 2008-06-22 15:49 <REP> d-------- C:\Program Files\Avira(2)

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-10 15:21 4,566 ----a-w C:\WINDOWS\system32\tmp.reg

2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys

2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys

2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys

2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll

2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"epm-dm"="c:\acer\epm\epm-dm.exe" [2004-07-14 14:19 151552]

"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 19:57 98304]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 19:57 532480]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-21 11:52 40960]

"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-03-20 14:11 26112]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]

"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]

"LManager"="C:\Program Files\Launch Manager\QtZgAcer.EXE" [2004-07-30 11:30 319488]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-02-11 01:55 155648]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-02-11 01:51 118784]

"EPSON Stylus C86 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE" [2003-11-25 05:00 99840]

"EPSON Stylus C66 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE" [2003-11-26 09:00 99840]

"EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE" [2003-05-27 05:08 99840]

"ePowerManagement"="C:\Acer\ePM\ePM.exe" [2004-09-01 17:38 2876416]

"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 05:00 110592 C:\WINDOWS\system32\bthprops.cpl]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\System32\\java.exe"=

"C:\\Program Files\\LimeWire\\LimeWire.exe"=

 

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]

R1 SMBHC;Pilote de contrôleur hôte du bus de gestion du système Microsoft;C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 21:57]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]

R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2004-08-14 20:59]

R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2004-06-01 11:50]

R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2004-06-01 11:50]

R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-03-30 08:23]

R3 SMBBATT;Pilote de batterie intelligente Microsoft;C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2004-08-03 23:07]

S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]

S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 05:00]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{366efef0-7ed2-11db-9b2d-00c09f843bc1}]

\Shell\AutoRun\command - setupSNK.exe

.

- - - - ORPHANS REMOVED - - - -

 

HKCU-Run-gufyjtgj - C:\WINDOWS\system32\eduxyjet.exe

HKLM-Explorer_Run-1A1ktngkj5 - C:\Documents and Settings\All Users\Application Data\uzifcbmv\mdolevob.exe

 

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-20 11:32:34

Windows 5.1.2600 Service Pack 2 FAT NTAPI

 

Balayage processus cach‚s ...

 

Balayage cach‚ autostart entries ...

 

Balayage des fichiers cach‚s ...

 

Scan termin‚ avec succŠs

Les fichiers cach‚s: 0

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

C:\ACER\EMANAGER\ANBMSERV.EXE

C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE

C:\WINDOWS\SYSTEM32\RUNDLL32.EXE

C:\PROGRAM FILES\HERCULES\WIFI STATION\WIFISTATION.EXE

C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\READER\READER_SL.EXE

.

**************************************************************************

.

Temps d'accomplissement: 2008-07-20 11:33:54 - machine was rebooted

ComboFix-quarantined-files.txt 2008-07-20 09:33:52

 

Pre-Run: 11,182,473,216 octets libres

Post-Run: 11,784,093,696 octets libres

 

142 --- E O F --- 2008-06-17 14:43:50

[Falkra]

Super !

Le plus gros est fait maintenant.

 

Poste un nouveau rapport HijackThis stp.

[drims]

Falkra mon sauveur

 

Effectivement je sens que mon ordi va beaucoup mieux ! Plus de pages de pub qui s'ouvrent sans arrêt, ça fait du bien !

Mes mises à jour qui étaient désactivées sont réactivées. Antivir, par contre, j'ai toujours pas compris comment le remettre en route

 

Je te poste le rapport HijackThis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:20:19, on 20/07/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\acer\epm\epm-dm.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Hercules\WiFi Station\WifiStation.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Acer\eManager\anbmServ.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\internet explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE

O4 - HKLM\..\Run: [LaunchApp] Alaunch

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE /P23 "EPSON Stylus C86 Series" /O6 "USB002" /M "Stylus C86"

O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB002" /M "Stylus C66"

O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"

O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: WiFi Station.lnk = ?

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

 

--

End of file - 6390 bytes

[Falkra]

Ton rapport est ok.

 

Il faut d'abord désinstaller Avast. Tu peux le faire par le panneau de configuration / ajout-suppression de programmes.

Si ça ne marche pas bien, il y a aussi (au cas où mais normalement pas besoin) cet utilitaire officiel :

http://www.avast.com/fre/avast-uninstall-utility.html

 

On voit pour Antivir ensuite.

[drims]

Salut Falkra

 

Bon t'en as pas encore fini avec moi...

 

J'avais déjà essayé de désinstaller Avast en passant par ajout/suppression de programmes mais à chaque fois un message d'erreur apparaissait. C'est toujours le cas : Erreur inconnue, le programme ne peut pas charger iNews (C:\Program Files\Alwil Software\Avast4\DATA\iNews.htm).

 

J'ai voulu télécharger aswClear sur mon bureau, mais un message d'erreur s'affiche : The avast self protection module is enabled. For this reason, the operation cannot be completed. To complete the operation, either run this program from Window Safe Mode, or disable the Avast self protection (Via settings / Troubleshooting page).

 

Je fais quoi ?

[Falkra]

Ok, alors désactive l'auto protection d'avast avant de lancer aswClear :

 

Je n'ai pas ça en français, mais les choses sont à la même place.

 

Si tu ne trouves pas, démarre en mode sans échec et lance aswClear depuis le mode sans échec. (il devra avoir été téléchargé préalablement)

[drims]

Bonjour Falkra,

 

Ca y est j'ai réussi à désinstaller Avast de mon ordi en passant par le mode sans échec... Ouf !

Je suis prête pour la suite

[Falkra]

Ok, tu peux installer Antivir, voici un lien de téléchargement direct :

http://dl1.avgate.net/down/windows/antivir...n_winu_en_h.exe

[drims]

Youpi, le parapluie de antivir s'est enfin ouvert

Et la mise à jour fonctionne aussi

 

Trop le bonheur

 

Est-ce qu'il reste autre chose à faire ?

[drims]

J'ai profité que antivir soit à nouveau actif pour scanner mon ordi. Je t'envoie le rapport :

 

Avira AntiVir Personal

Report file date: mardi 22 juillet 2008 12:33

 

Scanning for 1487515 virus strains and unwanted programs.

 

Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-ADJIE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Boot mode: Normally booted

Username: SYSTEM

Computer name: ACER-86ABAAF10A

 

Version information:

BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00

AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:54

AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:42

LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:20

LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:54

ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34

ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:16

ANTIVIR2.VDF : 7.0.5.144 1690624 Bytes 21/07/2008 10:22:26

ANTIVIR3.VDF : 7.0.5.150 37376 Bytes 22/07/2008 10:22:26

Engineversion : 8.1.1.11

AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:52

AESCRIPT.DLL : 8.1.0.59 307579 Bytes 22/07/2008 10:22:36

AESCN.DLL : 8.1.0.23 119156 Bytes 22/07/2008 10:22:34

AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:52

AEPACK.DLL : 8.1.2.1 364917 Bytes 22/07/2008 10:22:34

AEOFFICE.DLL : 8.1.0.21 192891 Bytes 22/07/2008 10:22:32

AEHEUR.DLL : 8.1.0.43 1339767 Bytes 22/07/2008 10:22:32

AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:52

AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 08:46:52

AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 08:46:52

AECORE.DLL : 8.1.1.6 172405 Bytes 22/07/2008 10:22:28

AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42

AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:06

AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:02

AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:22

AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:42

AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24

AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:50

SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04

SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:42

NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12

RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:08

RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:38

 

Configuration settings for the scan:

Jobname..........................: Complete system scan

Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp

Logging..........................: low

Primary action...................: interactive

Secondary action.................: ignore

Scan master boot sector..........: on

Scan boot sector.................: on

Boot sectors.....................: C:, D:,

Process scan.....................: on

Scan registry....................: on

Search for rootkits..............: off

Scan all files...................: Intelligent file selection

Scan archives....................: on

Recursion depth..................: 20

Smart extensions.................: on

Macro heuristic..................: on

File heuristic...................: medium

 

Start of the scan: mardi 22 juillet 2008 12:33

 

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'msiexec.exe' - '1' Module(s) have been scanned

Scan process 'wuauclt.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'ALG.EXE' - '1' Module(s) have been scanned

Scan process 'WiFiStation.exe' - '1' Module(s) have been scanned

Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned

Scan process 'MSMSGS.EXE' - '1' Module(s) have been scanned

Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned

Scan process 'E_S4I0R2.EXE' - '1' Module(s) have been scanned

Scan process 'HKCMD.EXE' - '1' Module(s) have been scanned

Scan process 'IGFXTRAY.EXE' - '1' Module(s) have been scanned

Scan process 'QtZgAcer.EXE' - '1' Module(s) have been scanned

Scan process 'REALPLAY.EXE' - '1' Module(s) have been scanned

Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned

Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned

Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned

Scan process 'SynTPLpr.exe' - '1' Module(s) have been scanned

Scan process 'EPM-DM.EXE' - '1' Module(s) have been scanned

Scan process 'MDM.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'anbmServ.exe' - '1' Module(s) have been scanned

Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned

Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned

Scan process 'LSASS.EXE' - '1' Module(s) have been scanned

Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned

Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned

Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned

Scan process 'SMSS.EXE' - '1' Module(s) have been scanned

37 processes with 37 modules were scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

 

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

 

Starting to scan the registry.

The registry was scanned ( '67' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\' <ACER>

C:\hiberfil.sys

[WARNING] The file could not be opened!

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\a

[DETECTION] Is the TR/Hoax.Renos.bfn Trojan

[NOTE] The file was moved to '48bfb7cb.qua'!

C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48bfb7cb.qua

[0] Archive type: HIDDEN

--> FIL\\\?\C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\INFECTED\48bfb7cb.qua

[DETECTION] Is the TR/Hoax.Renos.bfn Trojan

[NOTE] The file was moved to '48e7ba32.qua'!

C:\Documents and Settings\sentier nature\Application Data\Sun\Java\Deployment\cache\6.0\16\2635d3d0-64f77813

[0] Archive type: ZIP

--> OP.class

[DETECTION] Contains recognition pattern of the EXP/ByteVerify.I exploit

[NOTE] The file was moved to '48b8ba76.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP12\A0000834.exe

[DETECTION] Is the TR/Tibs.NJ.3 Trojan

[NOTE] The file was moved to '48b5bc66.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP13\A0001022.DLL

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc71.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP14\A0002049.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc76.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP15\A0002282.DLL

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc80.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP16\A0002298.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc85.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP16\A0002299.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc88.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP19\A0002339.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc8d.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP19\A0002340.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc8f.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP19\A0002355.DLL

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc92.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP19\A0002371.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc95.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP19\A0002372.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bc99.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002472.dll

[DETECTION] Is the TR/Vundo.Gen Trojan

[NOTE] The file was moved to '48b5bca0.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002542.DLL

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48b5bca7.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002559.exe

[DETECTION] Is the TR/Tibs.NJ.3 Trojan

[NOTE] The file was moved to '48b5bcab.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002560.exe

[DETECTION] Is the TR/Hoax.Renos.bfn Trojan

[NOTE] The file was moved to '48b5bcae.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002567.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5bcb2.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002617.DLL

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48b5bcb6.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002631.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be45.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002661.exe

[DETECTION] Is the TR/Vapsup.hbh.2 Trojan

[NOTE] The file was moved to '48b5be4d.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002662.EXE

[DETECTION] Is the TR/Hoax.Renos.bfn Trojan

[NOTE] The file was moved to '48b5be4e.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002678.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be4f.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002681.DLL

[DETECTION] Is the TR/Vundo.FAT.1 Trojan

[NOTE] The file was moved to '4914f2c8.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002704.DLL

[DETECTION] Is the TR/Monderb.92672 Trojan

[NOTE] The file was moved to '48b5be50.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP20\A0002733.dll

[DETECTION] Is the TR/Monderb.93248 Trojan

[NOTE] The file was moved to '48b5be51.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002779.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be53.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002781.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f2cc.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002783.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be54.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002784.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f2cd.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002785.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be55.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002786.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f3f6.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002787.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be57.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002788.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be56.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002789.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f3f7.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002790.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f3f8.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002791.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be58.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002792.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f2c1.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002793.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be5a.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002794.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be59.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002795.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f2c2.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002796.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be5b.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002797.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f2c3.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002798.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be5c.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP21\A0002799.dll

[DETECTION] Is the TR/Killav.28714 Trojan

[NOTE] The file was moved to '4914f3fd.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0002962.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48b5be63.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0002964.dll

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48b5be64.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0002965.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4914f3c5.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0002966.DLL

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48b5be66.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0003001.exe

[DETECTION] Contains recognition pattern of the DR/Tool.Reboot.F.108 dropper

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0003001.exe

[0] Archive type: RAR SFX (self extracting)

--> SmitfraudFix\IEDFix.C.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be68.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP22\A0003009.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be69.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP23\A0003236.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be6e.qua'!

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP27\A0003586.exe

[DETECTION] Contains recognition pattern of the DR/Tool.Reboot.F.108 dropper

C:\System Volume Information\_restore{7D65FA75-CEC4-4949-A8E3-ACE730FEFF8E}\RP27\A0003586.exe

[0] Archive type: RAR SFX (self extracting)

--> SmitfraudFix\IEDFix.C.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/IRC.Chazz.41 back-door program

[NOTE] The file was moved to '48b5be78.qua'!

C:\QooBox\Quarantine\C\WINDOWS\system32\ogvgxevb.dll.vir

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48fbbebe.qua'!

C:\QooBox\Quarantine\C\WINDOWS\system32\opnolMCr.dll.vir

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48f3bec7.qua'!

C:\QooBox\Quarantine\C\WINDOWS\system32\qtccqool.dll.vir

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48e8becb.qua'!

C:\QooBox\Quarantine\C\WINDOWS\system32\tuvVOGyw.dll.vir

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '48fbbecd.qua'!

C:\QooBox\Quarantine\C\WINDOWS\system32\wntnjx.dll.vir

[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

[NOTE] The file was moved to '48f9bec6.qua'!

Begin scan in 'D:\' <ACERDATA>

 

 

End of the scan: mardi 22 juillet 2008 13:03

Used time: 29:46 Minute(s)

 

The scan has been done completely.

 

2773 Scanning directories

219344 Files were scanned

61 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

0 files were deleted

0 files were repaired

59 files were moved to quarantine

0 files were renamed

2 Files cannot be scanned

219281 Files not concerned

6432 Archives were scanned

2 Warnings

59 Notes