Posted

Hello,

I'm running into a problem. It may already have been dealt with, but I don't know how to get myself out of it.

A little background: today it became impossible to use the computer.

My computer

- Vista Home Edition 2007

- Intel Pentium dual CPU E2200 2.20 GHz

Everything was frozen. Multiple windows appeared, then redirected me to a shopping site.

It was frozen, so I rebooted; Safe Mode could not be accessed... So I unplugged it and forced a restart, and I got access to a System Restore.

It worked, but I think the virus is still there.

***So I downloaded the basic version of Malwarebytes; here is the report:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4052

 

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

 

2010-08-30 15:59:16

mbam-log-2010-08-30 (15-59-16).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 116671

Temps écoulé: 9 minute(s), 39 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> No action taken.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsa shellu (Trojan.Agent) -> No action taken.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

 

***Then I ran a scan again with my Avira antivirus; here is the report:

 

Avira AntiVir Personal

Report file date: 2010-08-30 15:42

 

Scanning for 2763561 virus strains and unwanted programs.

 

Licensed to: Avira AntiVir Personal - FREE Antivirus

Serial number: 0000149996-ADJIE-0000001

Platform: Windows Vista

Windows version: (Service Pack 1) [6.0.6001]

Boot mode: Normally booted

Username: SYSTEM

Computer name: BERTOLINO-FIXE

 

Configuration settings for the scan:

Jobname..........................: Complete system scan

Configuration file...............: C:\program files\avira\antivir personaledition classic\sysscan.avp

Logging..........................: low

Primary action...................: interactive

Secondary action.................: ignore

Scan master boot sector..........: on

Scan boot sector.................: on

Boot sectors.....................: C:,

Process scan.....................: on

Scan registry....................: on

Search for rootkits..............: off

Scan all files...................: Intelligent file selection

Scan archives....................: on

Recursion depth..................: 20

Smart extensions.................: on

Macro heuristic..................: on

File heuristic...................: medium

 

Start of the scan: 2010-08-30 15:42

 

The scan of running processes will be started

54 processes with 54 modules were scanned

 

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD6
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

 

Starting to scan the registry.

The registry was scanned ( '41' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\' <HDD>

C:\hiberfil.sys

[WARNING] The file could not be opened!

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Users\pc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\68a9cc5c-4bb6ce69

[0] Archive type: ZIP

--> ________vload.class

[DETECTION] Contains recognition pattern of the JAVA/Agent.AH Java virus

[NOTE] The file was moved to '4cdcb939.qua'!

C:\Users\pc\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp

[DETECTION] Is the TR/Oficla.GH Trojan

[NOTE] The file was moved to '4ce8b9b1.qua'!

 

 

End of the scan: 2010-08-30 16:25

Used time: 43:43 Minute(s)

 

The scan has been done completely.

 

15485 Scanning directories

415011 Files were scanned

2 viruses and/or unwanted programs were found

0 Files were classified as suspicious:

0 files were deleted

0 files were repaired

2 files were moved to quarantine

0 files were renamed

2 Files cannot be scanned

415007 Files not concerned

5355 Archives were scanned

7 Warnings

2 Notes

 

 

Malwarebytes finds Malware.Trace and Trojan.Agent.

Avira finds 7 warnings and 2 detections, viruses that I put in quarantine as requested.

I'm not very good with computers. How can I keep this simple?

I read that System Restore has to be disabled?

Help me, please...

Thanks in advance

Posted

Hello,

Run Malwarebytes again once it is updated, and remove the selected items at the end of the scan if it still finds anything.

Restart if asked to.

Let us know whether the problem is still there afterwards.

See you later.
