Infection par Xor-encoded.A et autres... - Page 2

Précédent
  • 1
  • 2
  • 3
  1. mimille1978
     
    je te remercie pour ces nouveaux tuyaux, je crois qu'antivir n'a pas trouvé de virus, je n'a rien trouvé à supprimer :

    AntiVir PersonalEdition Classic
    Report file date: dimanche 7 septembre 2008 22:42

    Scanning for 835736 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (plain) [6.0.6000]
    Username: SYSTEM
    Computer name: PC-DE-MARIE

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:55
    ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 13:27:04
    ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 13:27:13
    AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 16:43:56
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:00
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: dimanche 7 septembre 2008 22:42

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'TrustedInstaller.exe' - '1' Module(s) have been scanned
    Scan process 'WMIADAP.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'VSSVC.exe' - '1' Module(s) have been scanned
    Scan process 'conime.exe' - '1' Module(s) have been scanned
    Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
    Scan process 'NclRSSrv.exe' - '1' Module(s) have been scanned
    Scan process 'NclUSBSrv.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
    Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtHid.exe' - '1' Module(s) have been scanned
    Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
    Scan process 'CCC.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
    Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
    Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'PCSuite.exe' - '1' Module(s) have been scanned
    Scan process 'emule.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'MOM.exe' - '1' Module(s) have been scanned
    Scan process 'ATKOSD.exe' - '1' Module(s) have been scanned
    Scan process 'ACEngSvr.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'ehtray.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'sidebar.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'V0220Mon.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'BatteryLife.exe' - '1' Module(s) have been scanned
    Scan process 'ACMON.exe' - '1' Module(s) have been scanned
    Scan process 'wcourier.exe' - '1' Module(s) have been scanned
    Scan process 'ATKOSD2.exe' - '1' Module(s) have been scanned
    Scan process 'HControl.exe' - '1' Module(s) have been scanned
    Scan process 'winampa.exe' - '1' Module(s) have been scanned
    Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
    Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
    Scan process 'InCD.exe' - '1' Module(s) have been scanned
    Scan process 'sm56hlpr.exe' - '1' Module(s) have been scanned
    Scan process 'ALU.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtSrv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spmgr.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'ASLDRSrv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    87 processes with 87 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '14' files ).

    Starting the file scan:

    Begin scan in 'C:\' <VistaOS>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <DATA>

    End of the scan: dimanche 7 septembre 2008 23:35
    Used time: 53:07 min

    The scan has been done completely.

    17226 Scanning directories
    213573 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    213573 Files not concerned
    1493 Archives were scanned
    2 Warnings
    0 Notes
    0
  2. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Et avec Windows Defender ?
    0
  3. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Pardon, je parlais Activescan 2.0.
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. mimille1978
     
    L'analyse est bloquée à 88% et il y a déjà 40 fichiers infectés.
    0
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Tu ne peux pas poster le rapport ?
    0
  7. mimille1978
     
    nan je relance le scan qui a planté.
    0
  8. mimille1978
     
    encore bloqué à 88%. ça peut venir du fichier scanné ? C:\Users\marie\Desktop\Co...882R2FWJFW\pv.cfexe
    0
  9. mimille1978
     
    je peux faire plutôt une analyse rapide ?
    0
  10. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Oui si tu veux.
    0
  11. mimille1978
     
    là le scan reste bloqué à 100% sans accès à un rapport avec 19 fichiers infectés.
    0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Comment faire si je n'ai pas le rapport.
    0
  13. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    Tu es infecté par Vundo aussi.

    ---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
    -1
  14. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ce n'est pas le bon scan.
    -1
  15. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Fais un scan rapide avec MalwareByte's Anti-Malware, supprime tout ce qu'il trouve et poste le rapport.

    Pour télécharger MalwareByte's Anti-Malware :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
    -1
  16. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Relance MBAM, va dans Quarantaine et supprime tout

    ---> Désactive l'UAC le temps de la désinfection :
    https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt
    -1
  17. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Par contre, je dois te laisser.
    -1
  18. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    - Télécharge HijackThis V 2.02 (HijackThis Installer) :
    http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    - Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

    - Clique sur Install ensuite sur I Accept

    - Clique sur Do a scan system and save log file

    - Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
    -1
  19. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Mince.

    Désinstalle et réinstalle ta clé wifi.
    -1
Précédent
  • 1
  • 2
  • 3