Sujet Précédent Sujet Suivant

Besoin d'aide, antivir me trouve 35 virus

shaolin44 -  
 Utilisateur anonyme -
Bonjour,

mon ordi est infecté, comment faire pour le rendre clean à nouveau ?

merci aux experts de la sécurité de m'aider car là je ne sais plus quoi faire

Shaolin44
A voir également:

18 réponses

Réponse 1 / 18
Utilisateur anonyme
 
salut

ben quand antivir te trouve des virus tu clic sur delete et ok

telecharge hijackthis fait un scan et colle moi le log ici
0
Réponse 2 / 18
Utilisateur anonyme
 
aide antivir

https://www.malekal.com/avira-free-security-antivirus-gratuit/
0
Réponse 3 / 18
shaolin44
 
Salut Jessy et merci de m'aider, voila le scan hijack, Antivir à mis les fichiers suspects en quarantaine, je peux te poster le rapport antivir si tu veux

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:01, on 02/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\Program Files\TRENDnet\TEW-424UB\TRENDnet.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\TRENDnet\TEW-424UB\SiSWLSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: SmartUI.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.32.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MIF269~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF269~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\TRENDnet\TEW-424UB\SiSWLSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 4 / 18
Utilisateur anonyme
 
jamais 2 antivirus desinstalle bitdefender

puis telecharge spybot et ad-aware mes les a jours puis fait un scan et supprime tous se qu'ils trouvent puis tu me reposte un log hijackthis

oui tu peur me poste le log d'antivir
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 18
shaolin44
 
Voila le scan Antivir,

AntiVir PersonalEdition Classic
Report file date: mercredi 2 avril 2008 11:12

Scanning for 1173671 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: MARC

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 14:03:02
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 14:03:02
ANTIVIR3.VDF : 7.0.3.103 76800 Bytes 01/04/2008 14:03:02
AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 01/04/2008 14:03:03
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 01/04/2008 14:03:03
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 2 avril 2008 11:12

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'xcommsvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SiSWLSvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'TRENDnet.exe' - '1' Module(s) have been scanned
Scan process 'SmartUI.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'backWeb-8876480.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process '9wifi.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'hphmon06.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
46 processes with 46 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '52' files ).

Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP356\A0029860.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f67.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP359\A0030975.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f73.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP361\A0031047.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '48235f8b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP361\A0031077.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '48235f90.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP363\A0032125.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f94.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP363\A0032127.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f95.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP364\A0033125.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f96.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0033185.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f9b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0033239.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f9d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP369\A0033274.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP371\A0033318.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033343.dll
[DETECTION] Is the Trojan horse TR/Vundo.EER
[INFO] The file was moved to '48235fa6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033344.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3baf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033345.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fb8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033346.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033347.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033348.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033349.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235faa.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033353.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033354.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033356.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033358.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fac.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033362.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033363.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fab.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033365.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba4.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033368.dll
[DETECTION] Is the Trojan horse TR/Vundo.GH
[INFO] The file was moved to '48235fad.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033370.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fae.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033371.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033374.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033376.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033377.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235faf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033378.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3bb8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033392.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48235fa2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033393.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '495e3bab.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP373\A0033443.exe
[0] Archive type: ZIP SFX (self extracting)
--> CIVILIZATION3.EXE
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '48235fce.qua'!
Begin scan in 'D:\' <HP_RECOVERY>

End of the scan: mercredi 2 avril 2008 12:52
Used time: 1:40:09 min

The scan has been done completely.

7985 Scanning directories
646631 Files were scanned
35 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
35 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
646596 Files not concerned
16765 Archives were scanned
2 Warnings
52 Notes
0
Réponse 6 / 18
Utilisateur anonyme
 
ok
0
Réponse 7 / 18
dou-l Messages postés 2871 Statut Membre 61
 
Désolé pour l'inrusion

mais t'es infécter par vundo donc :

Téléchargez VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double cliquez VundoFix.exe pour l'exécuter.
Quand VundoFix s'ouvre, cliquez sur le bouton Scan for Vundo.
Une fois le scan fini, cliquez sur le bouton Remove Vundo.
Vous recevrez un avertissement vous demandant si vous voulez effacer ces
fichiers répondez en cliquant sur YES
Une fois que vous avez cliqué yes, votre bureau deviendra vide au moment où il
enlève Vundo.

Pote le raport

++
0
Réponse 8 / 18
shaolin44
 
tu penses que ces trojans qui sont en quarantaine sont désormais inoffensifs ou bien l'ordi est toujours vulnérable ?
0
Réponse 9 / 18
Utilisateur anonyme
 
tes toujours infecter alors fait ce que je tes dit^plus haut
0
Réponse 10 / 18
dou-l Messages postés 2871 Statut Membre 61
 
Main n'importe quoi jessy

c'est pas antivir qui va le sortir de la !

Si tu veux plus avoir de blem fait ce que je dit je sais ce que je fait !
0
Réponse 11 / 18
••RiverToo•• Messages postés 1098 Statut Membre 53
 
Salut a tous

Shaolin44

Tous tes virus en grande majorité se trouve dans
C:\System Volume Information\_restore

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP356\A0029860.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f67.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP359\A0030975.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f73.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP361\A0031047.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '48235f8b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP361\A0031077.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '48235f90.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP363\A0032125.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f94.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP363\A0032127.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f95.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP364\A0033125.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f96.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0033185.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f9b.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0033239.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235f9d.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP369\A0033274.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa0.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP371\A0033318.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033343.dll
[DETECTION] Is the Trojan horse TR/Vundo.EER
[INFO] The file was moved to '48235fa6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033344.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3baf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033345.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fb8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033346.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033347.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033348.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba1.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033349.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235faa.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033353.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fa9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033354.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033356.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba3.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033358.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fac.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033362.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba5.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033363.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fab.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033365.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba4.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033368.dll
[DETECTION] Is the Trojan horse TR/Vundo.GH
[INFO] The file was moved to '48235fad.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033370.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235fae.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033371.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba7.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033374.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba9.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033376.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3ba6.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033377.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48235faf.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033378.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '495e3bb8.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033392.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '48235fa2.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP372\A0033393.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '495e3bab.qua'!
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP373\A0033443.exe
[0] Archive type: ZIP SFX (self extracting)

Si tu veux les supprimer la seule solution c'est

Demarrer >>Clic droit post de travail >>Propriété >>Restauration du systeme>>coche la case désactiver la réstauration !

Une fois désactiver refait un scan antivir et post le !

Ensuite on remetra la restauration

++
••RiverToo••
0
Réponse 12 / 18
dou-l Messages postés 2871 Statut Membre 61
 
pk c intrusion

:@

Rest sur tes topik moi je vien pas sur les tioen !
0
Réponse 13 / 18
shaolin44
 
Salut dou-l

le truc c'est que j'ai déjà utilisé Vundofix hier et que la présence des trojans semble toujours identique, tu crois que je dois refaire la manip avec vundofix ?
0
Réponse 14 / 18
••RiverToo•• Messages postés 1098 Statut Membre 53
 
dou-l a ce que je vois ce n'est pas ton topic non plus :x donc ...

Je voulais juste aider jessydu54 !
0
Réponse 15 / 18
Utilisateur anonyme
 
merci rivertoo de m'aider
0
Réponse 16 / 18
dou-l Messages postés 2871 Statut Membre 61
 
ué mas bon enfin je le laisse finir jveu voir ce qu'il faity.

bonne journée a toi

+
0
Réponse 17 / 18
shaolin44
 
SAlut et merci à tous de m'aider,

Vous me proposez 3 manips différentes pour régler le problème, lequel je dois faire ?
0
Réponse 18 / 18
Utilisateur anonyme
 
fait zen 1 apres l'autre
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Comment désactiver Le code USSD *35*0000#
Mbunya -
Panth33ra -

1 réponse
suffixe de portable +35....
hbk64 -
Anna -

8 réponses
35 GO à l'étranger
Laurence -
Laurence -

2 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses