Sujet Précédent Sujet Suivant

AERTE VIRUS

Fermé
Utilisateur anonyme -  
 Utilisateur anonyme -
Bonjour,

j'aiur mon PC Antivir et Avast tous deux mis à jour quotidiennement et manuellement.

voici un rapport de Antivir: 



Avira AntiVir Personal
Report file date: mardi 29 juillet 2008  11:28

Scanning for 1516553 virus strains and unwanted programs.

Licensed to:      Avira AntiVir PersonalEdition Classic
Serial number:    0000149996-ADJIE-0001
Platform:         Windows XP
Windows version:  (Service Pack 2)  [5.1.2600]
Boot mode:        Normally booted
Username:         SYSTEM
Computer name:    ALEX-OLC7JBQRUP

Version information:
BUILD.DAT     : 8.1.00.295      16479 Bytes  09/04/2008 16:24:00
AVSCAN.EXE    : 8.1.2.12       311553 Bytes  18/03/2008 09:02:56
AVSCAN.DLL    : 8.1.1.0         53505 Bytes  07/02/2008 08:43:37
LUKE.DLL      : 8.1.2.9        151809 Bytes  28/02/2008 08:41:23
LUKERES.DLL   : 8.1.2.1         12033 Bytes  21/02/2008 08:28:40
ANTIVIR0.VDF  : 6.40.0.0     11030528 Bytes  18/07/2007 10:33:34
ANTIVIR1.VDF  : 7.0.5.1       8182784 Bytes  24/06/2008 18:01:17
ANTIVIR2.VDF  : 7.0.5.174     2027008 Bytes  25/07/2008 18:01:30
ANTIVIR3.VDF  : 7.0.5.182       95744 Bytes  28/07/2008 18:01:31
Engineversion : 8.1.1.12  
AEVDF.DLL     : 8.1.0.5        102772 Bytes  25/02/2008 09:58:21
AESCRIPT.DLL  : 8.1.0.59       307579 Bytes  28/07/2008 18:01:47
AESCN.DLL     : 8.1.0.23       119156 Bytes  28/07/2008 18:01:46
AERDL.DLL     : 8.1.0.20       418165 Bytes  28/07/2008 18:01:45
AEPACK.DLL    : 8.1.2.1        364917 Bytes  28/07/2008 18:01:43
AEOFFICE.DLL  : 8.1.0.21       192891 Bytes  28/07/2008 18:01:41
AEHEUR.DLL    : 8.1.0.44      1343863 Bytes  28/07/2008 18:01:40
AEHELP.DLL    : 8.1.0.15       115063 Bytes  28/07/2008 18:01:36
AEGEN.DLL     : 8.1.0.31       311669 Bytes  28/07/2008 18:01:35
AEEMU.DLL     : 8.1.0.6        430451 Bytes  28/07/2008 18:01:34
AECORE.DLL    : 8.1.1.7        172406 Bytes  28/07/2008 18:01:33
AEBB.DLL      : 8.1.0.1         53617 Bytes  28/07/2008 18:01:32
AVWINLL.DLL   : 1.0.0.7         14593 Bytes  23/01/2008 17:07:53
AVPREF.DLL    : 8.0.0.1         25857 Bytes  18/02/2008 10:37:50
AVREP.DLL     : 8.0.0.2         98561 Bytes  28/07/2008 18:01:32
AVREG.DLL     : 8.0.0.0         30977 Bytes  23/01/2008 17:07:49
AVARKT.DLL    : 1.0.0.23       307457 Bytes  12/02/2008 08:29:23
AVEVTLOG.DLL  : 8.0.0.11       114945 Bytes  28/02/2008 08:31:31
SQLITE3.DLL   : 3.3.17.1       339968 Bytes  22/01/2008 17:28:02
SMTPLIB.DLL   : 1.2.0.19        28929 Bytes  23/01/2008 17:08:39
NETNT.DLL     : 8.0.0.1          7937 Bytes  25/01/2008 12:05:10
RCIMAGE.DLL   : 8.0.0.35      2371841 Bytes  10/03/2008 14:37:25
RCTEXT.DLL    : 8.0.32.0        86273 Bytes  06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, 
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 29 juillet 2008  11:28

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ObjectDock.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'ashWebSv.exe' - '1' Module(s) have been scanned
Scan process 'ashMaiSv.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
30 processes with 30 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
      [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
      [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '23' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
      [WARNING]   The file could not be opened!
C:\WINDOWS\system32\khfEvTno.VIR
      [DETECTION] Is the Trojan horse TR/Vundo.Gen
      [NOTE]      A backup was created as '48f4ee69.qua'  ( QUARANTINE )
      [WARNING]   The file could not be deleted!
C:\WINDOWS\system32\drivers\sptd.sys
      [WARNING]   The file could not be opened!


End of the scan: mardi 29 juillet 2008  12:18
Used time: 50:53 min

The scan has been done completely.

   8202 Scanning directories
 255193 Files were scanned
      1 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      1 files were moved to quarantine
      0 files were renamed
      2 Files cannot be scanned
 255192 Files not concerned
   3364 Archives were scanned
      3 Warnings
      1 Notes


Le problème vient du faite que tous les fichiers suspicieux son mis dans la zone de quarantaine mais je ne sais pas oùelle se trouve et de plus il ne supprime pas comme demandé ces fichiers virus.

Quand je tape n'importe quel mot sur google il me renvoie sur des sites à caractère pornographique ou des sites de demande d'argent tel que https://www.partypoker.fr/

Comment faire pour supprimer une bonne fois pour toute tous les fichiers de la zone quarantaine et savoir où ils sont?
A voir également:

6 réponses

Réponse 1 / 6
chefpunky Messages postés 676 Statut Membre 31
 
Pour commencer il ne faut jamais 2 antivirus

desinstalle Avast! avec le maniere suivante:

1. Téléchargez aswClear.exe(http://files.avast.com/files/eng/aswclear.exe sur votre bureau
2. Désactivez le système d’autoprotection avast!
3. Exécutez l'utilitaire téléchargé
4. Si vous avez installé avast dans un dossier différent de celui par défaut retrouvez le en parcourrant votre disque avec le bouton "...". (Note: Faites attention! Le contenu de tout dossier que vous choisirez sera supprimé!)
5. Cliquez sur Uninstall
6. Redémarrez votre ordinateur

ensuite telecharge MBAM:
http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware

1.1 met le a jour

1.2 fais une recherche COMPLETE

1.3 nettoi toute les infections

1.4 poste le rapport ici
0
Utilisateur anonyme
 
Désolé mais le premier lien ne fonctionne pas ... que faire ;)
0
Réponse 2 / 6
chefpunky Messages postés 676 Statut Membre 31
 
https://www.avast.com/fr-fr/uninstall-utility va dessus il ya l' explication.
0
Réponse 3 / 6
Utilisateur anonyme
 
Où se situe le lien dans le logiciel pour afficher le rapport ?

pour l'instant il a trouvé 17 fichiers infectés
0
Réponse 4 / 6
chefpunky Messages postés 676 Statut Membre 31
 
il se trouve a la fin du scan MBAM en bas a droite tu peux voir les detail du scan tu nettoi tous et il va t' ouvrir une fenetre avec le rapport.
0
Utilisateur anonyme
 
bien, le check complet est en cours donc le rapport devrai normalement suivre ... :D

au fait j'ai oublié une chose importante à mes yeux : je te remercie beaucoup mon ami
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
chefpunky Messages postés 676 Statut Membre 31
 
De rien.
0
Réponse 6 / 6
Utilisateur anonyme
 
Malwarebytes' Anti-Malware 1.23
Version de la base de données: 1006
Windows 5.1.2600 Service Pack 2

13:25:09 29/07/2008
mbam-log-7-29-2008 (13-25-09).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|)
Eléments examinés: 110312
Temps écoulé: 39 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\jrcmmasi.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ljJYQHwX.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\dokkbb.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d50ba9a-4771-4b11-8da3-5b88885a4185} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0d50ba9a-4771-4b11-8da3-5b88885a4185} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c0bc8c0-52cf-4069-ba73-437a8ab9d428} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c0bc8c0-52cf-4069-ba73-437a8ab9d428} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76086c05-4d0a-4b92-9219-2e3fe8c553f9} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\58fb94d3 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm5bc8a74f (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjyqhwx -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjyqhwx -> Delete on reboot.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\ljJYQHwX.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\XwHQYJjl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\XwHQYJjl.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dokkbb.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\cxdlwjde.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\edjwldxc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jrcmmasi.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\isammcrj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Alex\Mes documents\My Received Files\Piano Virtuel.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Piano_virtuel\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diaaptnh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\deipxxvf.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\BM5bc8a74f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM5bc8a74f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses