Posez votre question Signaler

Tr/dropper.gen [Résolu]

barnes37 - Dernière réponse le 30 mars 2009 à 15:48
Bonjour,
Je suis harcelé par ce virus TR/DROPPER.GEN
Antivir me signale sa présence et me demande de le mettre en quarantaine,ce que je fais;mais cela ne l'empêche pas de revenir sans cesse.
Comment m'en débarrasser?
Voici le rapport de l'analyse antivir :
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, H:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 30 mars 2009 13:10
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'FTCOMModule.exe' - '1' Module(s) have been scanned
Scan process 'OraConfigRecover.exe' - '1' Module(s) have been scanned
Scan process 'CoreCom.exe' - '1' Module(s) have been scanned
Scan process 'ConnectivityManager.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lxbycoms.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'ceymgya.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'vVX1000.exe' - '1' Module(s) have been scanned
Scan process 'ezprint.exe' - '1' Module(s) have been scanned
Scan process 'lxbymon.exE' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'AlertModule.exe' - '1' Module(s) have been scanned
Scan process 'brs.exe' - '1' Module(s) have been scanned
Scan process 'Launcher.exe' - '1' Module(s) have been scanned
Scan process 'PDVD8Serv.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'SystrayApp.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'MSCamS32.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
56 processes with 56 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{60FA3411-1F92-4BFD-976F-961DE0290D2B}\RP172\A0044009.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a00abc7.qua'!
C:\System Volume Information\_restore{60FA3411-1F92-4BFD-976F-961DE0290D2B}\RP173\A0045128.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a00abd5.qua'!
Begin scan in 'H:\' <ACERDATA>
End of the scan: lundi 30 mars 2009 13:32
Used time: 21:49 Minute(s)
The scan has been done completely.
6083 Scanning directories
205579 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
205576 Files not concerned
2461 Archives were scanned
5 Warnings
2 Notes
Merci pour votre aide
Lire la suite 

Tr/dropper.gen »

Suggestions
Plus
3 réponses
Réponse
+0
moins plus
jlpjlp 50297Messages postés 18 mai 2007Date d'inscription 28 mai 2012Dernière intervention 30 mars 2009 à 13:51
slt
cela va etre rapide!

vire ce qui est en quarantaine dans antivir

puis


Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
http://www.informatruc.com/desactiver_restauration.php



voilà tu peux mettre résolu !

 Ajouter un commentaire
barnes37 - 30 mars 2009 à 15:39
Merci pour ton aide;je ne sais pas comment feraient les internautes du dimanche comme moi sans ce forum ;)
Ajouter un commentaire
Réponse
+0
moins plus
jlpjlp 50297Messages postés 18 mai 2007Date d'inscription 28 mai 2012Dernière intervention 30 mars 2009 à 15:48
ok

bonne suite


rq: toute infection debutant par C:\System Volume Information\_restore ...

est dans ta restauration alors il suffit de la désactiver pour la purger puis la remettre

 Ajouter un commentaire
Ajouter un commentaire
Posez votre question
Ce document intitulé « tr/dropper.gen » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.
Dossier à la une
Passage au tout numérique : quel coût pour les particuliers ?