ordinateur infecté.au secours! Fermé

Question

Bonjour,
mon ordi est infecté par divers virus et trojans (win32... , trojans , adware et autres...)
j'ai passé avast au demarage et il a enlevé ces virus qui sont revenus des le scan suivant.
spybot donne des messages de modification du registre incessants.

je ne sais pas quoi faire.
quelqu'un peut-il m'aider?

merci d'avance

lecristal · Answer

http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/anti-malware-sujet_197382_1.htm
fais nous cela pour commencer

dabigben · Answer

enfait si avast les mets en quarantaine (dans un dossier bien spécifique) c'est normal qu'il les redetecte quand tu rescanne;-) mé sinon, je n'aurais de cesse que de le repeter sans fin : la seule solution contre les virus si tu en est infesté, c'est le formatage et surtout, apres le formatage, mettre un antivirus avant de brancher le cable ethernet pour la premiere fois (ou le wifi koi)

lecristal · Answer

un peu juste le formatage d'office
je pense qu'il y a des logiciels de reparations avant de faire cela
non

dabigben · Answer

bof ya toujour des virus qui n'existent pas dans les base de definition de virus de nos antivirus
et puis le formatage c'est une vrai jouissance!! non je déconne enfin bref c'est sur que si il n'y a qu'un virus, c'est pas la peine de formater mais si yen a 15 ou voir meme 150 d'apres ce que j'ai deja vu, la, c'est la seule soluce

lecristal · Answer

oui
je sais
mais cela se fait en dernier recour
je sais que personne n'est a l'abri d'un virus
le formatage
je crois qu'il faut le faire tous les ans
afin qu'il puisse retrouver un seconde jeunesse

dabigben · Answer

microsoft préconise le formatage tout les 6mois

lecristal · Answer

ben
je ne le savais pas
cela ne regarde qu'eux
ce n'est pas eux qui font le boulot   :))))))))

dabigben · Answer

en meme temps si eux ils l'avouent , c'est qu'il doit y avoir des raison, et pis un petit formatage c'est vite fé si c'est pas trop le bordel sur ton pc et si t'as pa un dossier wow qui fé 40000Giga koi!

lecristal · Answer

oui je sais 
le plis dur mise a jour de windows
les pilotes
les logiels a installer de nouveaux
recollé tes dossiers sauvegarder 

ben oui
quand meme 2 heures au moins

aecdec · Answer

tout d'abord merci de voler à mon secours.

voilà le rapport demandé:

Malwarebytes' Anti-Malware 1.19
Version de la base de données: 910
Windows 5.1.2600 Service Pack 2

14:38:13 01/07/2008
mbam-log-7-1-2008 (14-38-13).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 284308
Temps écoulé: 1 hour(s), 32 minute(s), 8 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 51

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{d2eeb637-a4a5-4bbb-8c0c-96af821110c2} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbartoggle button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3b} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bfgtoolbar.bfgtoolbarmenu button (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3c} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.bkvd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gxvpsafm.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\48c53323 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\pntqkflv (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\qegbdmwf (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\kumcwuny.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ynuwcmuk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Local Settings\Temporary Internet Files\Content.IE5\FQF1ERY2\css4[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Local Settings\Temporary Internet Files\Content.IE5\H6846QGL\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Local Settings\Temporary Internet Files\Content.IE5\IPR2NI7N\kb456456[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP463\A0111611.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP463\A0111647.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\VAV\vav.ooo (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\bfgtoolbarDLL.zip (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg125418656 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\bfgtoolbartb0500.cfg126270968 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\bfg_greetings.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\ErrorLog.txt (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\mygamestoolbar.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar
ew.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar
ewgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\search.bmp193156312 (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar	hereef.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar	opten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\papa\Application Data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.

que dois je faire ensuite ?

merci lecristal de ne pas me conseiller le formatage comme premiere solution.
je l'aurais fais seule , mais je prefere demander l'aide des pros qui , pour ceux qui veulent vraiment aider les debutants, essayent d'arranger les choses avnt d'en arriver aux solutions extremes.

à bientot

aecdec · Answer

oups !!
désolée de vous deranger , je vais changer de forum
à plus !!!

lecristal · Answer

merci pour les remarques
tu la fait peur

lecristal · Answer

non s'est pas bien cela
peut etre pas dans les regles du forum de CCM

lecristal · Answer

bon cela n'est pas grave
il est partis
sniffffffffffffffffffffffff

aecdec · Answer

pour lecristal:

j'ai fais ce que tu m'as demandé.
apres vous vous foutez de moi !
et en plus c'est moi qui suis pas dans les regles du forum ...

merci pour l'entraide !

vous etes vraiment sympa

c'est pas grave , snifff
comme vous le dites !!!

allez , vous n'etes pas sympa 

bonne journée quand meme et je vous embrasse

Anne

lecristal · Answer

bon cela est dommage
je lui ai fait un petit message de sympathis 
mais bon pas de reponse
encore dommage

Frappe Misere · Answer

dabigben = KA helpeur des bacs à sable.
depuis quand Krosoft invite à formater tous les 6 mois ? donne l'article stp.
j'espere qu un jour tu postera un probleme qu on puisse t envoyer boulet de la meme façon.

(courage Anne, si tu repasses par là, tout le monde n'est pas aussi idiot)

Utilisateur anonyme · Answer

microsoft préconise le formatage tout les 6mois

depuis quand Krosoft invite à formater tous les 6 mois ? donne l'article stp. 

Et même s'il le préconisait, même s'il y avait un article, microsoft n'est PAS l'informatique...

icewall · Answer

c'est grave la depuis quand CCM ne prend pas en complte un rapport de securité ??



...

^^Marie^^ · Answer

Le pauvre aecdec, il a du être largué, là .....................

Ordinateur infecté.au secours!

25 réponses

Discussions similaires