PC infected with Trojans

Closed
yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008 - 11 June 2008 at 14:35
yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008 - 17 June 2008 at 07:23
Hello,

The PC at my work is infected with Trojans; as a result, there are connection and display problems, and Antivir spends its time detecting them, but without resolving the problems.

Could someone help me?

Thanks in advance...

7 replies

Bijen Posts 3 Registration date Wednesday 11 June 2008 Status Member Last seen 11 June 2008
11 June 2008 at 14:36
Install the NOD32 antivirus if you have ADSL. It's the best against that!
Good luck
0
yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008
11 June 2008 at 14:38
I ran a scan with Antivir; here is the report:

Avira AntiVir Personal
Report file date: mardi 10 juin 2008 12:11

Scanning for 1320652 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: CLASSE12-1

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 08:21:43
ANTIVIR3.VDF : 7.0.4.168 243712 Bytes 10/06/2008 08:21:44
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 10/06/2008 08:21:58
AESCN.DLL : 8.1.0.21 119156 Bytes 10/06/2008 08:21:57
AERDL.DLL : 8.1.0.20 418165 Bytes 10/06/2008 08:21:56
AEPACK.DLL : 8.1.1.5 364918 Bytes 10/06/2008 08:21:54
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 10/06/2008 08:21:53
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 10/06/2008 08:21:51
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/06/2008 08:21:48
AEGEN.DLL : 8.1.0.28 307572 Bytes 10/06/2008 08:21:47
AEEMU.DLL : 8.1.0.6 430451 Bytes 10/06/2008 08:21:46
AECORE.DLL : 8.1.0.31 168310 Bytes 10/06/2008 08:21:45
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 10 juin 2008 12:11

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'DSAgnt.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'yiuemii.exe' - '1' Module(s) have been scanned
Scan process 'HPWNTBX.exe' - '1' Module(s) have been scanned
Scan process 'pmxmiced.exe' - '1' Module(s) have been scanned
Scan process 'PDVDDXSrv.exe' - '1' Module(s) have been scanned
Scan process 'ico.exe' - '1' Module(s) have been scanned
Scan process 'stsystra.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'winvnc4.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'AsfIpMon.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\system32\vtUnnnoN.dll
[DETECTION] Is the Trojan horse TR/Monder.30208.2
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING]

The registry was scanned ( '30' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP147\A0012081.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was moved to '487e584b.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP172\A0014773.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '487e586f.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP173\A0014789.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '487e5875.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP173\A0014790.exe
[DETECTION] Is the Trojan horse TR/Dldr.Small.iwh
[NOTE] The file was moved to '487e5879.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP173\A0014799.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '487e587c.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP173\A0014882.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '487e5882.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP173\A0014883.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '487e588b.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP174\A0014920.dll
[DETECTION] Is the Trojan horse TR/Downloader.Gen
[NOTE] The file was moved to '487e5890.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP174\A0014922.exe
[DETECTION] Is the Trojan horse TR/Agent.DYH
[NOTE] The file was moved to '487e5893.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP174\A0014924.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The fund was classified as suspicious.
[NOTE] The file was moved to '487e5895.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015094.exe
[DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
[NOTE] The file was moved to '487e58a0.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015096.dll
[DETECTION] Is the Trojan horse TR/Monder.82944
[NOTE] The file was moved to '487e58a6.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015104.dll
[DETECTION] Is the Trojan horse TR/Monder.82944
[NOTE] The file was moved to '487e58a8.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015105.dll
[DETECTION] Is the Trojan horse TR/Crypt.PEC2X.Gen
[NOTE] The file was moved to '487e58aa.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015120.exe
[DETECTION] Is the Trojan horse TR/MailSkinner.C.1
[NOTE] The file was moved to '487e58ac.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015124.exe
[DETECTION] Contains detection pattern of the rootkit RKIT/Agent.aqa
[NOTE] The file was moved to '487e58ae.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015125.exe
[DETECTION] Contains detection pattern of the dropper DR/Delphi.Gen
[NOTE] The file was moved to '487e58b0.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015126.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was moved to '487e58b2.qua'!
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP175\A0015135.dll
[DETECTION] Is the Trojan horse TR/Click.Agen.32256
[NOTE] The file was moved to '487e58b4.qua'!
C:\WINDOWS\mrofinu1535.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[NOTE] The file was moved to '48bd5915.qua'!
C:\WINDOWS\system32\svchost.exe:ext.exe
[DETECTION] Is the Trojan horse TR/Hijack.Explor.4860
[NOTE] The file was moved to '48b15a56.qua'!
C:\WINDOWS\system32\vtUnnnoN.dll
[DETECTION] Is the Trojan horse TR/Monder.30208.2
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING]
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ2L4N67\update[1].upd
[DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.BJ
[NOTE] The file was moved to '48b25a74.qua'!
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ2L4N67\update[2].upd
[DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.BJ
[NOTE] The file was moved to '48b25a76.qua'!
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ2L4N67\update[3].upd
[DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.BJ
[NOTE] The file was moved to '48b25a78.qua'!
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ2L4N67\update[4].upd
[DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.BJ
[NOTE] The file was moved to '48b25a7e.qua'!
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ2L4N67\update[5].upd
[DETECTION] Contains detection pattern of the rootkit RKIT/Clbd.BJ
[NOTE] The file was moved to '48b25a82.qua'!
C:\WINDOWS\Temp\NSIS_Install_WMP.exe
[DETECTION] Contains detection pattern of the dropper DR/NaviPromo.BU.35
[NOTE] The file was moved to '48975abc.qua'!


End of the scan: mardi 10 juin 2008 12:41
Used time: 30:43 min

The scan has been done completely.

5518 Scanning directories
257318 Files were scanned
26 viruses and/or unwanted programs were found
3 Files were classified as suspicious:
0 files were deleted
0 files were repaired
27 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
257292 Files not concerned
3484 Archives were scanned
4 Warnings
27 Notes
0
yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008
11 June 2008 at 14:42
OK, I'll try NOD32. Thanks.
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last seen 22 June 2016 1 320
11 June 2008 at 15:24
Hi

Have you changed antivirus?

See you
0

yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008
11 June 2008 at 17:49
The PC is at work, and I'm not there today, so I'll try NOD32 tomorrow. I tried a2 and adaware, which didn't solve the problem...
0
Regis59 Posts 21143 Registration date Tuesday 27 June 2006 Status Security contributor Last seen 22 June 2016 1 320
11 June 2008 at 20:50
OK.
In my opinion, changing antivirus will in no case change the outcome of the problem.

If you have time at work tomorrow:

download HijackThis here:
http://telechargement.zebulon.fr/138-hijackthis-1991.html

Unzip it into a folder created for that purpose.
For example C:\hijackthis < Make sure to save it in C:!
Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
click on "do a system scan and save logfile" (see demo)
copy and paste the entire log to the forum

Demo: (Thanks to Balltrap34 for making this)
http://pageperso.aol.fr/balltrap34/demohijack.htm

and:
Disable your protection software (antivirus, antispyware), then:

Download Combofix sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to your desktop and nowhere else!

Double-click on combofix. It will ask you a question; answer by pressing the 1 key, then Enter to confirm.
Wait until combofix has finished; a report will be created. Post the report.

Good luck

See you
0
yannaka Posts 10 Registration date Wednesday 11 June 2008 Status Member Last seen 19 December 2008
17 June 2008 at 07:23
Since the PC crashed completely, a technician came to pick it up to try to solve the problem. Many thanks to those who tried to help me!
0