oui c'est vrai que j'étais bien infecté...on a bien avancé quand même
Voilà mon rapport Antivir :
Avira AntiVir Personal
Report file date: jeudi 20 août 2009 17:22
Scanning for 1649952 virus strains and unwanted programs.
Licensed to: Avira AntiVir Personal - FREE Antivirus
Serial number: 0000149996-ADJIE-0000001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-EDDY
Version information:
BUILD.DAT : 8.2.0.353 17048 Bytes 15/05/2009 12:02:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 14:51:09
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 14:12:14
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 20:27:22
ANTIVIR2.VDF : 7.1.5.88 2668032 Bytes 10/08/2009 20:45:58
ANTIVIR3.VDF : 7.1.5.142 435712 Bytes 20/08/2009 15:21:29
Engineversion : 8.2.1.3
AEVDF.DLL : 8.1.1.1 106868 Bytes 30/04/2009 21:25:44
AEscript.DLL : 8.1.2.25 459130 Bytes 12/08/2009 20:48:19
AESCN.DLL : 8.1.2.4 127348 Bytes 22/07/2009 20:41:30
AERDL.DLL : 8.1.2.4 430452 Bytes 14/07/2009 18:17:42
AEPACK.DLL : 8.1.3.18 401783 Bytes 27/05/2009 19:34:04
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 19:29:41
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 18/08/2009 20:50:05
AEHELP.DLL : 8.1.6.0 233846 Bytes 18/08/2009 20:49:21
AEGEN.DLL : 8.1.1.57 356725 Bytes 18/08/2009 20:49:17
AEEMU.DLL : 8.1.0.9 393588 Bytes 16/10/2008 08:49:15
AECORE.DLL : 8.1.7.6 184694 Bytes 22/07/2009 20:41:27
AEBB.DLL : 8.1.0.3 53618 Bytes 16/10/2008 08:49:12
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.3 155688 Bytes 21/04/2009 12:49:51
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +GAME,+JOKE,+PCK,+SPR,
Start of the scan: jeudi 20 août 2009 17:22
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'OxiTray.exe' - '1' Module(s) have been scanned
Scan process 'Oxigen.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '63' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Eddy\Bureau\SmitfraudFix.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4af66b26.qua'!
C:\Qoobox\Quarantine\C\Documents and Settings\Eddy\msword98.exe.vir
[DETECTION] Is the TR/Dldr.Mutant.egj Trojan
[NOTE] The file was moved to '4b047123.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\braviax.exe.vir
[DETECTION] Is the TR/Dldr.FraudLoad.fgk Trojan
[NOTE] The file was moved to '4aee7125.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\msword98.exe.vir
[DETECTION] Is the TR/Dldr.Mutant.egj Trojan
[NOTE] The file was moved to '4b047128.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP528\A0062390.exe
[DETECTION] Is the TR/Fake.ids.11264 Trojan
[NOTE] The file was moved to '4abd70f6.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP528\A0062478.exe
[DETECTION] Is the TR/Fake.ids.11264 Trojan
[NOTE] The file was moved to '4abd70fa.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP528\A0062498.exe
[DETECTION] Is the TR/Fake.ids.11264 Trojan
[NOTE] The file was moved to '4abd70fc.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP530\A0062559.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was moved to '4abd7100.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP530\A0062578.sys
[DETECTION] Contains recognition pattern of the SPR/Tool.Cutwail.L.7 program
[NOTE] The file was moved to '4abd7103.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP530\A0062579.sys
[DETECTION] Contains recognition pattern of the SPR/Tool.Cutwail.L.7 program
[NOTE] The file was moved to '4abd7104.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP531\A0062673.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4abd7114.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP531\A0062788.exe
[DETECTION] Is the TR/Dldr.FraudLoad.fgk Trojan
[NOTE] The file was moved to '4abd7144.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP531\A0063685.exe
[DETECTION] Is the TR/Dldr.Mutant.egj Trojan
[NOTE] The file was moved to '4abd7169.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP531\A0063686.exe
[DETECTION] Is the TR/Dldr.Mutant.egj Trojan
[NOTE] The file was moved to '4abd716e.qua'!
C:\System Volume Information\_restore{6525A892-EE4B-4A1D-B776-83048B7FB0FF}\RP531\A0063848.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4abd7198.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
Begin scan in 'E:\'
End of the scan: jeudi 20 août 2009 18:53
Used time: 1:30:54 Hour(s)
The scan has been done completely.
6164 Scanning directories
465829 Files were scanned
18 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
15 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
465809 Files not concerned
2459 Archives were scanned
2 Warnings
15 Notes