Help deciphering antivirus report - Virus/Spywares - Windows & Software
Marsh Posté on 18-05-2014 at 15:22:25
Hello,
Can you take a look at my post here: http://forum.hardware.fr/hfr/Windo [...] 6867_1.htm
and post your 3 reports?
Marsh Posté on 18-05-2014 at 16:19:54
Hello!
Thanks for the reply. I'll get my father to run these scans on his PC and I'll get back to you in a few days!!
Marsh Posté on 18-05-2014 at 15:03:12
Hello everyone, and a big thank you in advance for the community's always-effective help!
My dad must have caught a nasty virus, since his computer has slowed down severely over the last few days... (Windows 7)
Since I'm remote, it's quite hard for me to fix the problem, but I had him run a system scan with Avira Antivirus, and I'd like your help deciphering the report below, because that's where my knowledge ends... and so if you could point me to any steps to follow to fix the problem... that would be really great!
Thanks again in advance!
Clément
Avira Free Antivirus
Report file date: mercredi 14 mai 2014 14:08
Scanning for 6827516 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available.
Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Système
Computer name : JEANMICHEL-PC
Version information:
BUILD.DAT : 12.1.9.2500 41420 Bytes 24/06/2013 23:14:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 15/11/2012 08:00:37
AVSCAN.DLL : 12.3.0.15 54736 Bytes 02/05/2012 13:31:39
LUKE.DLL : 12.3.0.15 68304 Bytes 01/05/2012 23:31:47
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 01/05/2012 22:13:36
AVREG.DLL : 12.3.0.17 232200 Bytes 05/07/2012 10:20:50
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04/04/2013 14:13:11
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30/04/2013 13:51:43
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28/05/2013 15:50:12
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21/06/2013 07:39:15
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23/07/2013 13:16:13
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29/08/2013 06:34:31
VBASE006.VDF : 7.11.139.38 15708672 Bytes 27/03/2014 14:09:23
VBASE007.VDF : 7.11.145.136 2117120 Bytes 28/04/2014 15:30:08
VBASE008.VDF : 7.11.145.137 2048 Bytes 28/04/2014 15:30:08
VBASE009.VDF : 7.11.145.138 2048 Bytes 28/04/2014 15:30:08
VBASE010.VDF : 7.11.145.139 2048 Bytes 28/04/2014 15:30:08
VBASE011.VDF : 7.11.145.140 2048 Bytes 28/04/2014 15:30:08
VBASE012.VDF : 7.11.145.141 2048 Bytes 28/04/2014 15:30:08
VBASE013.VDF : 7.11.146.20 166912 Bytes 29/04/2014 16:42:36
VBASE014.VDF : 7.11.146.131 194048 Bytes 01/05/2014 07:54:02
VBASE015.VDF : 7.11.146.243 167936 Bytes 03/05/2014 13:17:54
VBASE016.VDF : 7.11.147.97 122368 Bytes 05/05/2014 13:17:53
VBASE017.VDF : 7.11.147.207 169472 Bytes 06/05/2014 08:50:55
VBASE018.VDF : 7.11.148.61 174080 Bytes 08/05/2014 08:52:24
VBASE019.VDF : 7.11.148.149 257024 Bytes 09/05/2014 13:09:41
VBASE020.VDF : 7.11.148.241 135168 Bytes 12/05/2014 16:42:50
VBASE021.VDF : 7.11.149.61 139264 Bytes 13/05/2014 21:50:18
VBASE022.VDF : 7.11.149.62 2048 Bytes 13/05/2014 21:50:18
VBASE023.VDF : 7.11.149.63 2048 Bytes 13/05/2014 21:50:18
VBASE024.VDF : 7.11.149.64 2048 Bytes 13/05/2014 21:50:18
VBASE025.VDF : 7.11.149.65 2048 Bytes 13/05/2014 21:50:19
VBASE026.VDF : 7.11.149.66 2048 Bytes 13/05/2014 21:50:19
VBASE027.VDF : 7.11.149.67 2048 Bytes 13/05/2014 21:50:19
VBASE028.VDF : 7.11.149.68 2048 Bytes 13/05/2014 21:50:19
VBASE029.VDF : 7.11.149.69 2048 Bytes 13/05/2014 21:50:19
VBASE030.VDF : 7.11.149.70 2048 Bytes 13/05/2014 21:50:19
VBASE031.VDF : 7.11.149.120 192512 Bytes 13/05/2014 21:50:53
Engine version : 8.3.18.20
AEVDF.DLL : 8.3.0.4 118976 Bytes 21/03/2014 13:56:24
AESCRIPT.DLL : 8.1.4.202 528584 Bytes 09/05/2014 08:52:28
AESCN.DLL : 8.3.0.2 135360 Bytes 21/03/2014 13:56:23
AESBX.DLL : 8.2.20.24 1409224 Bytes 09/05/2014 08:52:29
AERDL.DLL : 8.2.0.138 704888 Bytes 02/12/2013 15:30:46
AEPACK.DLL : 8.4.0.24 778440 Bytes 13/05/2014 21:51:34
AEOFFICE.DLL : 8.3.0.4 205000 Bytes 18/04/2014 12:44:03
AEHEUR.DLL : 8.1.4.1054 6697160 Bytes 09/05/2014 08:52:28
AEHELP.DLL : 8.3.0.0 274808 Bytes 12/03/2014 07:56:21
AEGEN.DLL : 8.1.7.26 450752 Bytes 18/04/2014 12:44:03
AEEXP.DLL : 8.4.1.312 569544 Bytes 01/05/2014 07:08:41
AEEMU.DLL : 8.1.3.2 393587 Bytes 20/07/2012 14:35:55
AECORE.DLL : 8.3.0.6 241864 Bytes 19/03/2014 13:27:28
AEBB.DLL : 8.1.1.4 53619 Bytes 05/11/2012 16:43:05
AVWINLL.DLL : 12.3.0.15 27344 Bytes 01/05/2012 22:59:21
AVPREF.DLL : 12.3.0.32 50720 Bytes 15/11/2012 08:00:37
AVREP.DLL : 12.3.0.15 179208 Bytes 01/05/2012 22:13:35
AVARKT.DLL : 12.3.0.33 209696 Bytes 15/11/2012 08:00:36
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 01/05/2012 22:28:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 16/04/2012 21:11:02
AVSMTP.DLL : 12.3.0.32 63480 Bytes 31/07/2012 09:19:05
NETNT.DLL : 12.3.0.15 17104 Bytes 01/05/2012 23:33:29
RCIMAGE.DLL : 12.3.0.31 4445944 Bytes 31/07/2012 09:18:57
RCTEXT.DLL : 12.3.0.32 97056 Bytes 15/11/2012 08:00:34
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Start of the scan: mercredi 14 mai 2014 14:08
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting search for hidden objects.
HKEY_USERS\S-1-5-21-2290406132-3904796435-910176848-1000\Software\Avira\AntiVir Desktop\profDataStr
[NOTE] The registry entry is invisible.
Hidden driver
[NOTE] A memory modification has been detected, which could potentially be used to hide file access attempts.
The scan of running processes will be started
Scan process 'hpqgpc01.exe' - '57' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '30' Module(s) have been scanned
Scan process 'hpqSTE08.exe' - '61' Module(s) have been scanned
Scan process 'avscan.exe' - '93' Module(s) have been scanned
Scan process 'avcenter.exe' - '86' Module(s) have been scanned
Scan process 'WDC.exe' - '29' Module(s) have been scanned
Scan process 'KBFiltr.exe' - '18' Module(s) have been scanned
Scan process 'ATKOSD.exe' - '18' Module(s) have been scanned
Scan process 'avgnt.exe' - '89' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '20' Module(s) have been scanned
Scan process 'DMedia.exe' - '19' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '25' Module(s) have been scanned
Scan process 'HControlUser.exe' - '18' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '36' Module(s) have been scanned
Scan process 'ALU.exe' - '56' Module(s) have been scanned
Scan process 'wcourier.exe' - '35' Module(s) have been scanned
Scan process 'AsScrPro.exe' - '32' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '76' Module(s) have been scanned
Scan process 'DTLite.exe' - '36' Module(s) have been scanned
Scan process 'Atouch64.exe' - '26' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'HControl.exe' - '45' Module(s) have been scanned
Scan process 'sched.exe' - '42' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '16' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '21' Module(s) have been scanned
Starting to scan executable files (registry).
C:\Windows\Sysnative\drivers\sptd.sys
[WARNING] The file could not be opened!
The registry was scanned ( '1815' files ).
Starting the file scan:
Begin scan in 'C:\' <OS>
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Being.Entitle2[1].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Chorus2[1].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Disarm-Printer[1].htm
[DETECTION] Contains recognition pattern of the EXP/CVE-2011-3402.C exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Lame_Eventual2[1].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Lame_Eventual2[2].htm
[0] Archive type: SWC
--> Object
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\regular[1].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\SLEEVE[1].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\SLEEVE[2].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\YNL[1].pdf
[0] Archive type: PDF
--> pdf_form_2.avp
[DETECTION] Contains recognition pattern of the EXP/Pdfka.EL.835 exploit
Begin scan in 'D:\' <DATA>
Beginning disinfection:
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\YNL[1].pdf
[DETECTION] Contains recognition pattern of the EXP/Pdfka.EL.835 exploit
[NOTE] The file was moved to the quarantine directory under the name '56ebb839.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\SLEEVE[2].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
[NOTE] The file was moved to the quarantine directory under the name '4e05979c.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\SLEEVE[1].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
[NOTE] The file was moved to the quarantine directory under the name '1c5acd74.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\regular[1].htm
[DETECTION] Contains recognition pattern of the EXP/JS.Expack.DX exploit
[NOTE] The file was moved to the quarantine directory under the name '7a0b82cf.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Lame_Eventual2[2].htm
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
[NOTE] The file was moved to the quarantine directory under the name '3fb1affd.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Lame_Eventual2[1].htm
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
[NOTE] The file was moved to the quarantine directory under the name '40aa9d9c.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Disarm-Printer[1].htm
[DETECTION] Contains recognition pattern of the EXP/CVE-2011-3402.C exploit
[NOTE] The file was moved to the quarantine directory under the name '0c18b1de.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Chorus2[1].htm
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
[NOTE] The file was moved to the quarantine directory under the name '700cf18f.qua'.
C:\Users\jean michel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\J6JI92OO\Being.Entitle2[1].htm
[DETECTION] Contains recognition pattern of the EXP/FLASH.Nebefy.Gen exploit
[NOTE] The file was moved to the quarantine directory under the name '5d6cdec4.qua'.
End of the scan: vendredi 16 mai 2014 15:45
Used time: 49:28:05 Hour(s)
The scan has been done completely.
33300 Scanned directories
937181 Files were scanned
9 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
9 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
937171 Files not concerned
10694 Archives were scanned
1 Warnings
11 Notes
607265 Objects were scanned with rootkit scan
2 Hidden objects were found