Vundo Ge impossible à enlever.. aidez moi svp - Page 2

Résolu
Précédent
  • 1
  • 2
  1. docjol Messages postés 20 Statut Membre
     
    J'ai ajouté les 2 fichiers dans vundofix puis remove.
    L'outil demande effectivement un redémarrage puis rien, pas de rapport.
    Faut il que je refasse un vundofix pour le rapport?
    0
  2. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    regarde dans c:
    0
  3. docjol Messages postés 20 Statut Membre
     
    C'est tout ce que j'ai trouvé:
    Beginning removal...

    Performing Repairs to the registry.
    Done!

    VundoFix V6.7.7

    Checking Java version...

    Scan started at 16:42:34 01/01/2008

    Listing files found while scanning....

    Connais tu azureus?
    Quand je le lance pour télécharger des torrents au bout de qques min j'ai un reboot de la machine.
    Pense tu que le virus est en cause?
    0
  4. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    non car je ne fait pas de peer to peer

    attention justement à ce genre de pratique
    un moyen très sur pour ce faire infecter ;-)

    refais pour voir combofix
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. docjol Messages postés 20 Statut Membre
     
    Exact mais je pensais antivir capable de me protéger.
    Voici tout d'abord un rapport de mon antivirus qui a retrouvé vundo dans un autre répertoire apparement détruit.
    Je fais un combofix ensuite..

    AntiVir PersonalEdition Classic
    Report file date: mardi 1 janvier 2008 17:26

    Scanning for 996949 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: JOLY-76DB3399B9

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 06/09/2007 20:43:47
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 06/09/2007 20:43:47
    LUKE.DLL : 7.0.5.3 147496 Bytes 06/09/2007 20:43:48
    LUKERES.DLL : 7.0.6.1 10280 Bytes 06/09/2007 20:43:48
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 22:09:57
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 07:39:22
    ANTIVIR2.VDF : 7.0.1.170 311296 Bytes 28/12/2007 16:31:05
    ANTIVIR3.VDF : 7.0.1.181 36352 Bytes 31/12/2007 16:31:06
    AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 20/12/2007 19:39:19
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 06/09/2007 20:43:47
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.6.0.2 360488 Bytes 20/12/2007 19:39:21
    AVREG.DLL : 7.0.1.6 30760 Bytes 06/09/2007 20:43:47
    AVARKT.DLL : 1.0.0.20 278568 Bytes 06/09/2007 20:43:42
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 06/09/2007 20:43:43
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 06/09/2007 20:43:33
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 06/09/2007 20:43:33
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 06/09/2007 20:43:48

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 1 janvier 2008 17:26

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
    Scan process 'RtWLan.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'ServiceLayer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'RtlWake.exe' - '1' Module(s) have been scanned
    Scan process 'rapimgr.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'realsched.exe' - '1' Module(s) have been scanned
    Scan process 'qttask.exe' - '1' Module(s) have been scanned
    Scan process 'Reader_SL.exe' - '1' Module(s) have been scanned
    Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
    Scan process 'SetIcon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    38 processes with 38 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '23' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\System Volume Information\_restore{1B69B5DB-44A6-4E35-B458-780579A32FC9}\RP231\A0095214.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [INFO] The file was deleted!

    End of the scan: mardi 1 janvier 2008 23:43
    Used time: 6:16:29 min

    The scan has been done completely.

    3716 Scanning directories
    249132 Files were scanned
    1 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    1 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    249131 Files not concerned
    1983 Archives were scanned
    2 Warnings
    3 Notes
    0
  7. docjol Messages postés 20 Statut Membre
     
    J'ai tjs ce TR/Inject.PH qui apparait dans un fichier temp que je détruit mais qui reviens.

    ComboFix 07-12-21.4 - Joly 2008-01-01 23:47:17.5 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.406 [GMT 1:00]
    Running from: C:\Documents and Settings\Joly\Bureau\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-01 to 2008-01-01 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-30 14:56 . 2007-12-31 01:51 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-27 02:56 . 2008-01-01 16:42 <REP> d-------- C:\VundoFix Backups
    2007-12-27 02:37 . 2007-12-27 02:37 <REP> d-------- C:\Program Files\Spyware-Secure
    2007-12-26 15:57 . 2007-12-26 15:57 <REP> d-------- C:\Documents and Settings\Joly\Application Data\Apple Computer
    2007-12-25 00:53 . 2007-12-25 00:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-12-24 23:58 . 2007-12-24 23:58 <REP> d-------- C:\WINDOWS\report
    2007-12-24 23:57 . 2007-12-24 23:44 40,242,225 --a------ C:\WINDOWS\LPT$VPN.905
    2007-12-24 23:44 . 2007-12-24 23:44 <REP> d-------- C:\WINDOWS\AU_Backup
    2007-12-24 23:44 . 2007-12-24 23:44 40,242,225 --a------ C:\WINDOWS\VPTNFILE.905
    2007-12-24 23:44 . 2007-12-24 23:44 1,906,226 --a------ C:\WINDOWS\tsc.ptn
    2007-12-24 23:44 . 2007-12-24 23:44 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
    2007-12-24 23:44 . 2007-12-24 23:44 267,845 --a------ C:\WINDOWS\tsc.exe
    2007-12-24 23:44 . 2007-12-24 23:44 86,094 --a------ C:\WINDOWS\BPMNT.dll
    2007-12-24 23:44 . 2007-12-24 23:44 71,749 --a------ C:\WINDOWS\hcextoutput.dll
    2007-12-24 23:44 . 2007-12-24 23:59 823 --a------ C:\WINDOWS\tsc.ini
    2007-12-24 23:40 . 2007-12-24 23:44 <REP> d-------- C:\WINDOWS\AU_Temp
    2007-12-24 23:40 . 2007-12-24 23:40 <REP> d-------- C:\WINDOWS\AU_Log
    2007-12-24 23:40 . 2007-12-24 23:40 170 --a------ C:\WINDOWS\GetServer.ini
    2007-12-24 23:39 . 2007-12-24 23:39 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-12-24 23:39 . 2007-12-24 23:39 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-12-24 23:39 . 2007-12-24 23:39 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-12-24 08:42 . 2007-12-24 08:42 15 --a------ C:\WINDOWS\system32\90c6198b
    2007-12-23 11:39 . 2008-01-01 15:27 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-23 11:39 . 2007-12-23 11:39 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-20 19:56 . 2007-12-20 19:56 <REP> d-------- C:\WINDOWS\Sun

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-01 16:23 --------- d-----w C:\Documents and Settings\Joly\Application Data\Azureus
    2007-12-31 01:00 --------- d-----w C:\Program Files\Everest Poker
    2007-12-30 21:28 --------- d-----w C:\Program Files\eMule
    2007-12-30 13:42 --------- d-----w C:\Program Files\Azureus
    2007-12-27 01:22 --------- d-----w C:\Program Files\Mindscape
    2007-12-24 22:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-19 07:22 --------- d-----w C:\Program Files\Google
    2007-12-17 19:30 --------- d-----w C:\Program Files\Java
    2007-11-25 23:38 --------- d-----w C:\Documents and Settings\Joly\Application Data\Nokia Multimedia Player
    2007-11-25 20:55 --------- d-----w C:\Documents and Settings\Joly\Application Data\PC Suite
    2007-11-25 20:52 --------- d-----w C:\Documents and Settings\Joly\Application Data\Nokia
    2007-11-25 20:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
    2007-11-25 20:41 --------- d-----w C:\Program Files\Fichiers communs\Nokia
    2007-11-25 20:40 --------- d-----w C:\Program Files\Nokia
    2007-11-25 20:40 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
    2007-11-25 20:39 --------- d-----w C:\Program Files\DIFX
    2007-11-25 20:36 --------- d-----w C:\Program Files\PC Connectivity Solution
    2007-11-25 20:36 --------- d-----w C:\Program Files\7-Zip
    2007-11-25 20:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
    2007-11-25 14:03 --------- d-----w C:\Program Files\Panda Security
    2007-11-25 13:11 --------- d-----w C:\Documents and Settings\Joly\Application Data\DivX
    2007-11-25 13:07 --------- d-----w C:\Program Files\DivX
    2007-11-25 10:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
    2007-11-17 15:24 --------- d-----w C:\Program Files\QuickTime
    2007-11-17 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-11-11 13:02 283,648 ----a-w C:\WINDOWS\uninst.exe
    2007-11-11 10:48 --------- d-----w C:\Program Files\Windows Media Connect 2
    2007-11-08 16:12 --------- d-----w C:\Program Files\IncrediMail
    2007-11-03 18:25 --------- d-----w C:\Program Files\Microsoft ActiveSync
    2007-11-03 17:54 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2005-08-05 14:01]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-20 23:38]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 14:53]
    "SetIcon"="\Program Files\SMSC\Seticon.exe" [2004-04-28 13:02]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" []
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-19 01:18]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-08-12 19:06]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Docteur Club Internet.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Docteur Club Internet.lnk
    backup=C:\WINDOWS\pss\Docteur Club Internet.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
    C:\Program Files\BroadJump\Client Foundation\CFD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 09:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecoverFromReboot]
    C:\WINDOWS\Temp\RecoverFromReboot.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2004-11-02 19:24 32768 --a------ C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Workflow]
    D:\install\Workflow.exe

    R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 09:42]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2005-04-21 12:33]
    R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 07:57]
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2005-01-27 21:24]
    S3 W8335XP;IEEE 802.11g Wireless Cardbus/PCI Adapter HW51;C:\WINDOWS\system32\DRIVERS\Mrv8000c.sys [2004-12-24 07:43]

    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-01 23:52:41
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-01 23:54:10 - machine was rebooted
    0
  8. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    C:\System Volume Information\_restore{1B69B5DB-44A6-4E35-B458-780579A32FC9}\RP231\A0095214.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [INFO] The file was deleted! 


    voici ce que dit ton dernier rapport
    le dossier à était supprimer

    fait ceci
    => démarrer
    => Exécuter
    => tape %temp%
    => vide le contenu
    si il ne veux pas vider à faire en mode sans échec

    ensuite va dans c:/windows/temp et vide son contenu

    ensuite va dans c:/windiows/prefecth et vide son contenu

    ensuite refais un scan avec ton antivirus en mode sans échec

    @+
    0
  9. docjol Messages postés 20 Statut Membre
     
    Impossible de lire le contenu de tape% temp% et donc de le vider même en mode sans echec.
    J'ai ensuite vidé les 2 dossiers windows.
    Voici le rapport de antivir en mode sans echec.

    AntiVir PersonalEdition Classic
    Report file date: mercredi 2 janvier 2008 14:16

    Scanning for 996949 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Joly
    Computer name: JOLY-76DB3399B9

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 06/09/2007 20:43:47
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 06/09/2007 20:43:47
    LUKE.DLL : 7.0.5.3 147496 Bytes 06/09/2007 20:43:48
    LUKERES.DLL : 7.0.6.1 10280 Bytes 06/09/2007 20:43:48
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 22:09:57
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 07:39:22
    ANTIVIR2.VDF : 7.0.1.170 311296 Bytes 28/12/2007 16:31:05
    ANTIVIR3.VDF : 7.0.1.181 36352 Bytes 31/12/2007 16:31:06
    AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 20/12/2007 19:39:19
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 06/09/2007 20:43:47
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.6.0.2 360488 Bytes 20/12/2007 19:39:21
    AVREG.DLL : 7.0.1.6 30760 Bytes 06/09/2007 20:43:47
    AVARKT.DLL : 1.0.0.20 278568 Bytes 06/09/2007 20:43:42
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 06/09/2007 20:43:43
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 06/09/2007 20:43:33
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 06/09/2007 20:43:33
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 06/09/2007 20:43:48

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mercredi 2 janvier 2008 14:16

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    13 processes with 13 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '27' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Joly\Local Settings\Temporary Internet Files\Content.IE5\WPQVWXQZ\club-internet[1].htm
    [DETECTION] Contains detection pattern of the HTML script virus HTML/Infected.WebPage.Gen
    [INFO] The file was moved to '47f091d8.qua'!

    End of the scan: mercredi 2 janvier 2008 15:00
    Used time: 44:12 min

    The scan has been done completely.

    3724 Scanning directories
    246448 Files were scanned
    0 viruses and/or unwanted programs were found
    1 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    1 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    246448 Files not concerned
    2030 Archives were scanned
    1 Warnings
    3 Notes
    0
    1. ctoutmoi
       
      ben dis donc je savais pas que vous etiez aussi calé en informatique!ne mettez pu azeurus qnd je telecharge avec g aussi l'ordi qui rame!
      0
  10. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    Bonsoir docjol,

    fait ceci
    => poste de travail
    => c:
    => documents and setting
    => clic sur le non d'utilisateur
    => ensuite tu fait outils
    => options des dossiers cachés
    => affichage
    => et tu coche afficher les dossiers cachés
    => ouvre local setting
    => fichier temp et vide son contenu
    si il ne veut pas se vider essaye en mode sans échec

    si il ne toujours pas essaye ceci http://www.atribune.org/ccount/click.php?id=1
    tu coche tout et tu clic sur empty selected
    @+
    0
  11. ep44 Messages postés 7415 Date d'inscription   Statut Contributeur Dernière intervention   3
     
    --
    C’est généralement lorsque le disque dur plante qu’on se rend compte qu’on a oublié de le sauvegarder.
    0
Précédent
  • 1
  • 2