monsieur.
Messages postés25Date d'inscriptionmercredi 11 juillet 2007StatutMembreDernière intervention20 janvier 2008
-
18 déc. 2007 à 07:10
Utilisateur anonyme -
18 déc. 2007 à 08:13
Bonjour tout le monde,
J'ai un souci avec mon anti-virus Avira, ou souvent a chaque scanning il me sort des "bouquets" de virus que je me en quarantaine sans savoir les traiter de suite.
Je veux savoir si effectivement il y'a des infections ou ce n'est qu'une formule de "marketing" pour me faire incliner vers l'option payante qui est plus efficace.
Comment l'infection touche en general qu'un seul fichier de la forme suivante :
Tous les "virus" que j'ai mis en quarantaine qui sont en nombre de 106 files infectes, ne peuvent t'ils pas nuire a ma machine ? sinon comment les traiter ?
veuillez m'expliquer cette prose du rapport de scanning d'aujourd'hui (mentionnee en Thai)
AntiVir PersonalEdition Classic
Report file date: 18 decembre 2007 12:00
Scanning for 974683 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: WIN06V5
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 18 ธันวาคม 2550 12:00
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ACDSeeQV.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'Orb.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'IJPLMSVC.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'OrbTray.exe' - '1' Module(s) have been scanned
Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'WINAMPA.EXE' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'NBHGui.exe' - '1' Module(s) have been scanned
Scan process 'AVGNT.EXE' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'VM305_STI.EXE' - '1' Module(s) have been scanned
Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'UnlockerAssistant.exe' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '29' files ).
Starting the file scan:
Begin scan in 'C:\' <DISK2_VOL1>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\test\My Documents\islam\livre\chia\algadeer\algadeer\่ขŸ Ÿ้ไง๏ฉ • ้้ใ•••้Ÿ๊ก Ÿ้ฌ๏•••ฆ ใ งŸ้ฅซ๏๋ Ÿ้š๊๏๋๏.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '480662f8.qua'!
C:\Program Files\NtreevSoft\Pangya_Th\PangFBI.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47d55b47.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP107\A0062074.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47975bb3.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP163\A0096462.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bb5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP160\A0095265.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bb6.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP152\A0091983.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bb8.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091771.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bba.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP148\A0091037.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bbb.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP146\A0088135.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bbd.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085796.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bbe.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP141\A0085770.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bc0.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP139\A0084678.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bc5.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP138\A0083589.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47975bcf.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP212\A0108731.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47985bd6.qua'!
C:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP226\A0112407.exe
[DETECTION] Is the Trojan horse TR/Agent.AUM
[INFO] The file was moved to '47985bec.qua'!
Begin scan in 'D:\' <DISK2_VOL2>
D:\System Volume Information\_restore{8E006B94-8C10-4691-9057-8B804B001E28}\RP150\A0091851.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '47975c01.qua'!
Begin scan in 'E:\' <DISK2_VOL3>
End of the scan: 18 decemnbre 2007 12:34
Used time: 34:11 min
The scan has been done completely.
5633 Scanning directories
246054 Files were scanned
16 viruses and/or unwanted programs were found 0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
16 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
246038 Files not concerned
2034 Archives were scanned
3 Warnings
0 Notes
Bonjour
cliquez avec le bouton droit de la souris sur l'icône du Poste de travail et, dans le menu contextuel qui s'affiche, cliquez sur Propriétés.
Dans la fenêtre qui suit, sélectionnez l'onglet Restauration du système et cochez la case Désactiver la Restauration du système sur tous les lecteurs. Cliquez sur OK et, lorsqu'un message vous le demande, confirmez la désactivation.
La réactiver ensuite (5 mn après).
monsieur.
Messages postés25Date d'inscriptionmercredi 11 juillet 2007StatutMembreDernière intervention20 janvier 20083 18 déc. 2007 à 08:04
Bonjour, Je m'exuse mais je n'ai compris l'utilite de l'operation que vous etiez gentil de me suggerer. Merci de votre comprehension, je suis un analphabete du binaire.
monsieur.
Messages postés25Date d'inscriptionmercredi 11 juillet 2007StatutMembreDernière intervention20 janvier 20083 18 déc. 2007 à 08:01
bonjour, Je m'exuse mais je n'ai compris l'utilite de l'operation que vous etiez gentil de me suggerer. Merci de votre comprehension, je suis un analphabete du binaire.
Le but c'est de supprimer les dossiers "RP1, RP2, RP3, etc" qui sont dans le dossier système "System Volume Information" qui se trouve à la racine du lesteur, et dans lesquels se trouvent (entre autres) les fichiers mis en quarantaine par l'anti-virus.
Sinon, l'autre solution consiste à purger la quarantaine dans l'anti-virus.
18 déc. 2007 à 08:04