Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Alerte récurrente de l'antivirus


jezabel

Messages recommandés

rapport Antivir :

 

 

 

Avira AntiVir Personal

Report file date: mardi 9 décembre 2008 18:22

 

Scanning for 1080260 virus strains and unwanted programs.

 

Licensed to: Avira AntiVir PersonalEdition Classic

Serial number: 0000149996-ADJIE-0001

Platform: Windows Vista

Windows version: (Service Pack 1) [6.0.6001]

Boot mode: Normally booted

Username: SYSTEM

Computer name: NEGRE

 

Version information:

BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00

AVSCAN.EXE : 8.1.4.10 315649 Bytes 28/11/2008 08:37:21

AVSCAN.DLL : 8.1.4.0 40705 Bytes 17/07/2008 20:55:16

LUKE.DLL : 8.1.4.5 164097 Bytes 17/07/2008 20:55:16

LUKERES.DLL : 8.1.4.0 12033 Bytes 17/07/2008 20:55:16

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 20:21:54

ANTIVIR1.VDF : 7.1.0.197 1170432 Bytes 07/12/2008 17:56:15

ANTIVIR2.VDF : 7.1.0.198 2048 Bytes 07/12/2008 17:56:15

ANTIVIR3.VDF : 7.1.0.213 63488 Bytes 09/12/2008 17:21:24

Engineversion : 8.2.0.43

AEVDF.DLL : 8.1.0.6 102772 Bytes 15/10/2008 16:23:38

AESCRIPT.DLL : 8.1.1.18 336251 Bytes 08/12/2008 17:56:17

AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 19:40:26

AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 19:40:40

AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 19:40:59

AEOFFICE.DLL : 8.1.0.32 196987 Bytes 05/12/2008 17:08:48

AEHEUR.DLL : 8.1.0.74 1519990 Bytes 05/12/2008 17:08:47

AEHELP.DLL : 8.1.2.0 119159 Bytes 20/11/2008 17:09:16

AEGEN.DLL : 8.1.1.6 323955 Bytes 29/11/2008 08:36:30

AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/2008 16:23:28

AECORE.DLL : 8.1.5.2 172405 Bytes 29/11/2008 08:36:29

AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 16:23:26

AVWINLL.DLL : 1.0.0.12 15105 Bytes 17/07/2008 20:55:16

AVPREF.DLL : 8.0.2.0 38657 Bytes 17/07/2008 20:55:16

AVREP.DLL : 8.0.0.2 98344 Bytes 01/08/2008 06:00:37

AVREG.DLL : 8.0.0.1 33537 Bytes 17/07/2008 20:55:16

AVARKT.DLL : 1.0.0.23 307457 Bytes 15/04/2008 16:51:23

AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 17/07/2008 20:55:16

SQLITE3.DLL : 3.3.17.1 339968 Bytes 15/04/2008 16:51:24

SMTPLIB.DLL : 1.2.0.23 28929 Bytes 17/07/2008 20:55:17

NETNT.DLL : 8.0.0.1 7937 Bytes 15/04/2008 16:51:24

RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 17/07/2008 20:55:14

RCTEXT.DLL : 8.0.52.0 86273 Bytes 17/07/2008 20:55:14

 

Configuration settings for the scan:

Jobname..........................: Complete system scan

Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp

Logging..........................: low

Primary action...................: interactive

Secondary action.................: ignore

Scan master boot sector..........: on

Scan boot sector.................: on

Boot sectors.....................: C:,

Process scan.....................: on

Scan registry....................: on

Search for rootkits..............: on

Scan all files...................: All files

Scan archives....................: on

Recursion depth..................: 20

Smart extensions.................: on

Macro heuristic..................: on

File heuristic...................: high

Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

 

Start of the scan: mardi 9 décembre 2008 18:22

 

Starting search for hidden objects.

'83702' objects were checked, '0' hidden objects were found.

 

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned

Scan process 'WMIADAP.exe' - '1' Module(s) have been scanned

Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned

Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned

Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned

Scan process 'MaxMenuMgr.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'acrotray.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'dwm.exe' - '1' Module(s) have been scanned

Scan process 'taskeng.exe' - '1' Module(s) have been scanned

Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'TCPSVCS.EXE' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'SyncServices.exe' - '1' Module(s) have been scanned

Scan process 'inetinfo.exe' - '1' Module(s) have been scanned

Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned

Scan process 'AdskScSrv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'a2service.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'SLsvc.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'audiodg.exe' - '0' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'lsm.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'wininit.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

54 processes with 54 modules were scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

 

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

 

Starting to scan the registry.

The registry was scanned ( '40' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\'

C:\hiberfil.sys

[WARNING] The file could not be opened!

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Program Files\AntiVir PersonalEdition Classic\avnotify.exe

[WARNING] The file could not be opened!

C:\Qoobox\Quarantine\C\Windows\cisvc.exe.vir

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b1b18a.qua'!

C:\Qoobox\Quarantine\C\Windows\logman.exe.vir

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49a5b190.qua'!

C:\Qoobox\Quarantine\C\Windows\system\mstsc.exe.vir

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b2b195.qua'!

C:\Qoobox\Quarantine\C\Windows\System32\drivers\cmstp.exe.vir

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b1b18f.qua'!

C:\Users\Cécile\AppData\Local\Microsoft\dllhst3g.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49aab1b1.qua'!

C:\Users\nègre\AppData\Local\Microsoft\ieudinit.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b3b1d4.qua'!

C:\Users\nègre\AppData\Local\Microsoft\mstinit.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b2b1e3.qua'!

C:\Users\nègre\AppData\Local\Mozilla\Firefox\Profiles\wa6gzygd.default\Cache\C2152591d01

[0] Archive type: RAR SFX (self extracting)

--> 32788R22FWJFW\hidec.exe

[DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program

--> 32788R22FWJFW\NirCmd.cfexe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application

--> 32788R22FWJFW\nircmd.com

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application

--> 32788R22FWJFW\NirCmdC.cfexe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.1.B application

--> 32788R22FWJFW\psexec.cfexe

[1] Archive type: RSRC

--> Object

[DETECTION] Contains recognition pattern of the APPL/PsExec.E application

[NOTE] The file was moved to '496fb1b6.qua'!

C:\Users\nègre\AppData\Roaming\mqtgsvc.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b2b1fc.qua'!

C:\Users\nègre\Desktop\ComboFix.exe

[0] Archive type: RAR SFX (self extracting)

--> 32788R22FWJFW\hidec.exe

[DETECTION] Contains recognition pattern of the SPR/Tool.Hide.A program

--> 32788R22FWJFW\NirCmd.cfexe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application

--> 32788R22FWJFW\nircmd.com

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application

--> 32788R22FWJFW\NirCmdC.cfexe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.E.1.B application

--> 32788R22FWJFW\psexec.cfexe

[1] Archive type: RSRC

--> Object

[DETECTION] Contains recognition pattern of the APPL/PsExec.E application

[NOTE] The file was moved to '49abb220.qua'!

C:\Users\nègre\Desktop\OTMoveIt3.exe

[DETECTION] Contains a recognition pattern of the (harmful) BDS/Subseven.asu back-door program

[NOTE] The file was moved to '498bb205.qua'!

C:\_OTMoveIt\MovedFiles\12072008_192109\windows\System\cmstp.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b1b7d7.qua'!

C:\_OTMoveIt\MovedFiles\12072008_192109\windows\System\comrepl.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49abb7d9.qua'!

C:\_OTMoveIt\MovedFiles\12072008_192109\windows\system32\drivers\clipsrv.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49a7b7d6.qua'!

C:\_OTMoveIt\MovedFiles\12072008_192109\windows\system32\drivers\ieudinit.exe

[DETECTION] Contains recognition pattern of the WORM/Taft.1 worm

[NOTE] The file was moved to '49b3b7cf.qua'!

 

 

End of the scan: mardi 9 décembre 2008 19:22

Used time: 1:00:33 Hour(s)

 

The scan has been done completely.

 

26829 Scanning directories

641819 Files were scanned

23 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

0 files were deleted

0 files were repaired

15 files were moved to quarantine

0 files were renamed

3 Files cannot be scanned

641793 Files not concerned

8871 Archives were scanned

3 Warnings

15 Notes

83702 Objects were scanned with rootkit scan

0 Hidden objects were found

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...