Version anglaise Version espagnoleVersion française

Vendredi 5 septembre 2008 - 08:14:19
inscrits : 953621
connectés : 13836
questions/jour : 4806
Taux de réponse : 77.45%

Inscrivez-vous, c'est gratuit ! (mot de passe oublié)

Par Pertinence Date Nom d'utilisateur dans

Posez votre question Forum Virus/Sécurité

Options Ils ont besoin de votre aide

08:12 écran noire sur acer (Windows)
08:11 Strong SRT 6410 Version logicielle (Matériel/Hardware)
08:11 barre outil WORD (Windows)
08:07 BESOIN DE PILOTE D INSTALLATION... (Logiciels/Pilotes)
08:07 API et PDT de Paypal (Webmastering)
07:59 Skin en access (Programmation)

Tous les messages sans réponse

Statut : Résolu

Pb Virus nombreux

atchoum83440, le dimanche 18 mai 2008 à 17:14:50

Bonjour, a tous

J'ai mon cousin qui ma laissé son ordi
j'ai antivir qui n'arrete pas de trouver des virus
Ces virus sont apparus a la suite du virus qui se balader sur msn photo.zip que j'ai déjà réglé mis ceux là je n'y arrive pas

TR/Zapchast.GB.5
TR/CRYPT.XPACK.GEN
TR/PrivacySet.A
TR/Agent.3648.1
PHISH/FraudTool.DrAntispy.BP

J'ai déà fait un rapport de Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:06:00, on 18/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Hercules\WiFi Station\WiFiStation.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [48c53323] rundll32.exe "C:\WINDOWS\system32\tpixxjtn.dll",b
O4 - HKLM\..\Run: [BM4bf600bf] Rundll32.exe "C:\WINDOWS\system32\nweiilgq.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CE55A1F-0656-4D25-83DA-F68DB0125369}: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
End of file - 8945 bytes

et dans quelque mintues je rajouterai celui d'antivir

Merci de votre Aide

La config dee l'ordi est un XP famillial avec Antivir et Spybot Mozilla et IE 7.0

Configuration: Windows XP
Internet Explorer 7.0

Répondre à atchoum83440 Signaler ce message aux modérateurs Aller au dernier message

30 réponses 12

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 17:19:19

suis le guide http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam et poste ton rapport sa peut durer longtemps mais sa en vaut la peine oublie pas de mettre scan municieux keskil y a naruto tu tes fait bobo
si je repond pas c'est que je suis pas sur le pc et sa peut durer longtemps

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

shion-ares, le dimanche 18 mai 2008 à 17:19:36

bonjour

- Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le stp.
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour") puis ferme le programme.
NB : Si tu as besoin : Tuto

http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

Répondre à shion-ares

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 17:22:55

merci de la repetition ;{ keskil y a naruto tu tes fait bobo
si je repond pas c'est que je suis pas sur le pc et sa peut durer longtemps

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 17:24:55

fais ca avec antivir:

reglages pour antivir :

une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level

aussi clic sur guard puis coche scan archive puis tu decoche les 3 case en dessous puis ok

puis fais un scan en mode normale et mode sans échec fais un scan et supprime tous se qu'il trouve

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

atchoum83440, le dimanche 18 mai 2008 à 17:55:58

Voila le rapport de Antivir celui de Malwarebytes's arrive dans quelque second

Avira AntiVir Personal
Report file date: dimanche 18 mai 2008 16:48

Scanning for 1276115 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PINCHAULT

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 24/04/2008 19:40:46
AVSCAN.DLL : 8.1.1.0 53505 Bytes 24/04/2008 19:40:46
LUKE.DLL : 8.1.2.9 151809 Bytes 24/04/2008 19:40:46
LUKERES.DLL : 8.1.2.1 12033 Bytes 24/04/2008 19:40:46
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 14:08:25
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 15:17:11
ANTIVIR3.VDF : 7.0.4.54 2048 Bytes 17/05/2008 15:17:11
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 24/04/2008 19:40:53
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 17/05/2008 15:18:22
AESCN.DLL : 8.1.0.18 119156 Bytes 17/05/2008 15:18:17
AERDL.DLL : 8.1.0.20 418165 Bytes 27/04/2008 17:31:15
AEPACK.DLL : 8.1.1.5 364918 Bytes 17/05/2008 15:18:12
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 24/04/2008 19:40:53
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 17/05/2008 15:18:00
AEHELP.DLL : 8.1.0.14 115063 Bytes 24/04/2008 19:40:53
AEGEN.DLL : 8.1.0.21 303477 Bytes 17/05/2008 15:17:25
AEEMU.DLL : 8.1.0.6 430451 Bytes 07/05/2008 17:09:28
AECORE.DLL : 8.1.0.29 168311 Bytes 17/05/2008 15:17:16
AVWINLL.DLL : 1.0.0.7 14593 Bytes 24/04/2008 19:40:46
AVPREF.DLL : 8.0.0.1 25857 Bytes 24/04/2008 19:40:46
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 24/04/2008 19:40:46
AVARKT.DLL : 1.0.0.23 307457 Bytes 24/04/2008 19:40:46
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 24/04/2008 19:40:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 24/04/2008 19:40:46
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 24/04/2008 19:40:46
NETNT.DLL : 8.0.0.1 7937 Bytes 24/04/2008 19:40:46
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 24/04/2008 19:40:42
RCTEXT.DLL : 8.0.32.0 86273 Bytes 24/04/2008 19:40:42

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high

Start of the scan: dimanche 18 mai 2008 16:48

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'ZDWlan.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'MsgPlus.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'hpztsb07.exe' - '1' Module(s) have been scanned
Scan process 'eRAgent.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '40' files ).

Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\BOB FAMILY\gbo.MSNFix
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '489f42c3.qua'!
C:\Documents and Settings\BOB FAMILY\Local Settings\Temporary Internet Files\Content.IE5\5MDDFSKO\yaypalassamosvala[1]
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '48a943f4.qua'!
C:\Documents and Settings\BOB FAMILY\Local Settings\Temporary Internet Files\Content.IE5\W1WM4872\moorate[1]
[DETECTION] Is the Trojan horse TR/Agent.3648.1
[NOTE] The file was moved to '489f4491.qua'!
C:\Program Files\MalwareAlarm\pv.exe
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.DrAntispy.BP
[NOTE] The file was moved to '485e47ff.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP406\A0054666.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '486049aa.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP406\A0054689.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '486049ab.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP406\A0054691.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.gze Backdoor server programs
[NOTE] The file was moved to '49cbd224.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP406\A0054699.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '486049ad.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054989.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c2.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054990.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd24b.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054991.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c4.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054992.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c3.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054993.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd24c.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0054994.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c5.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055000.dll
[DETECTION] Is the Trojan horse TR/Agent.3648.1
[NOTE] The file was moved to '49cbd24d.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055001.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c6.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055002.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd24f.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055003.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd24e.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055004.dll
[DETECTION] Is the Trojan horse TR/Vundo.GH
[NOTE] The file was moved to '486049c7.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055005.dll
[DETECTION] Is the Trojan horse TR/Agent.3648.1
[NOTE] The file was moved to '486049d8.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055006.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd251.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055007.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049da.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055959.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '49cbd240.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP409\A0055960.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '486049c9.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP410\A0058240.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.104448
[NOTE] The file was moved to '486049dd.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP411\A0059242.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.96256.1
[NOTE] The file was moved to '486049e2.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP415\A0059626.dll
[DETECTION] Is the Trojan horse TR/Monder.106560
[NOTE] The file was moved to '486049f6.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP415\A0059647.dll
[DETECTION] Is the Trojan horse TR/Monder.96832
[NOTE] The file was moved to '486049f7.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP417\A0059890.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '48604a06.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP417\A0060866.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '48604a07.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP418\A0060914.dll
[DETECTION] Is the Trojan horse TR/Monder.DJ
[NOTE] The file was moved to '48604a0d.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP419\A0060958.dll
[DETECTION] Is the Trojan horse TR/Monder.DO
[NOTE] The file was moved to '48604a14.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP420\A0061005.dll
[DETECTION] Is the Trojan horse TR/Monder.EO
[NOTE] The file was moved to '48604a1b.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP423\A0062098.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was moved to '48604a2e.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP423\A0062141.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '48604a31.qua'!
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP425\A0062272.exe
[DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.DrAntispy.BP
[NOTE] The file was moved to '48604a3e.qua'!
C:\WINDOWS\xpupdate.exe
[DETECTION] Is the Trojan horse TR/Peed.A.280
[NOTE] The file was moved to '48a54a9d.qua'!
C:\WINDOWS\system32\cibvxohs.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '48924fdc.qua'!
C:\WINDOWS\system32\hggdayvw.dll
[DETECTION] Is the Trojan horse TR/Zapchast.GB.5
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING]
C:\WINDOWS\system32\hggdedee.dll
[DETECTION] Is the Trojan horse TR/Vundo.GL.1
[NOTE] The file was moved to '48975048.qua'!
C:\WINDOWS\system32\hicekmst.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '4893504a.qua'!
C:\WINDOWS\system32\ihjthgea.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '489a504f.qua'!
C:\WINDOWS\system32\jcbvojjc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '48925051.qua'!
C:\WINDOWS\system32\kkwxblkk.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '48a75062.qua'!
C:\WINDOWS\system32\ljdlvddx.dll
[DETECTION] Is the Trojan horse TR/Agent.3648.1
[NOTE] The file was moved to '48945067.qua'!
C:\WINDOWS\system32\mroqhwlg.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '489f5084.qua'!
C:\WINDOWS\system32\mvwnksil.dll
[DETECTION] Is the Trojan horse TR/Agent.3648.1
[NOTE] The file was moved to '48a75095.qua'!
C:\WINDOWS\system32\mxydnimo.dll
[DETECTION] Is the Trojan horse TR/PCK.Monder.96320.1
[NOTE] The file was moved to '48a95097.qua'!
C:\WINDOWS\system32\ngggnfvi.dll
[DETECTION] Is the Trojan horse TR/Monder.EO
[NOTE] The file was moved to '4897508a.qua'!
C:\WINDOWS\system32\shikspfi.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '489950c9.qua'!
C:\WINDOWS\system32\smeykwkf.exe
[DETECTION] Is the Trojan horse TR/PrivacySet.A
[NOTE] The file was moved to '489550d0.qua'!
Begin scan in 'D:\' <ACERDATA>

End of the scan: dimanche 18 mai 2008 17:53
Used time: 1:05:50 min

The scan has been done completely.

6173 Scanning directories
405182 Files were scanned
51 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
50 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
405131 Files not concerned
8423 Archives were scanned
7 Warnings
50 Notes

Répondre à atchoum83440

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 17:57:12

supprime moi cette ville de virus!!!!!!!!!! keskil y a naruto tu tes fait bobo
si je repond pas c'est que je suis pas sur le pc et sa peut durer longtemps

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 17:56:59

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

atchoum83440, le dimanche 18 mai 2008 à 17:57:57

C'est fait mais il revienne en permanence

Répondre à atchoum83440

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 17:58:19

oui tu supprime tous se qui est dans la quarantaine d'antivir!

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

atchoum83440, le dimanche 18 mai 2008 à 17:59:22

fais aussi même en si général je choisi direct de del

Répondre à atchoum83440

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 17:59:43

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 18:00:00

alors le rapport de malwarebytes?

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 18:00:37

autrement fais ca:

* Télécharger Combifix (by Subs) sur cette page :
* http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Enregistrez le sur le bureau
* Déconnectez vous d'internet et fermez toutes tes applications et programmes
* Double-cliquez sur combo-fix.exe
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée sous la racine: C:\Combofix.txt

Remarque : combo se charge de supprimer un certain nombre de fichiers infectés liés à bagle.
Il est impératif de télécharger combo par le lien donné précédemment ( version renommée ) ou alors de renommer vous même combo ( clic droit sur le fichier < renommer ), car sinon Combo sera totalement inefficace face à Bagle !
(vous pouver renomer combofix en n'importe quoi comme killer ou tuer etc...)

vous me poster le rapport

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 18:01:41

sa c'est apres ou pendant mais le plus imortant c malwerbytes keskil y a naruto tu tes fait bobo
si je repond pas c'est que je suis pas sur le pc et sa peut durer longtemps

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

atchoum83440, le dimanche 18 mai 2008 à 18:18:07

Voila le rapport de Malwarebytes'

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 762

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 128082
Temps écoulé: 24 minute(s), 46 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 37

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hggdayvw.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{447c8d02-7f35-42f7-8da5-c4d0a8c876b7} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{447c8d02-7f35-42f7-8da5-c4d0a8c876b7} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{5e87b2e0-66d7-4256-a14f-10a21af45b2a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e87b2e0-66d7-4256-a14f-10a21af45b2a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5e87b2e0-66d7-4256-a14f-10a21af45b2a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM4bf600bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggdayvw -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggdayvw -> Delete on reboot.

Dossier(s) infecté(s):
C:\Program Files\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Documents and Settings\BOB FAMILY\Local Settings\Temp\NI.UGA6PV_0001_N122M1202 (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\djjowpdr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rdpwojjd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hggdayvw.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\wvyadggh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvyadggh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfdgevyr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ryvegdfn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xhwynplu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ulpnywhx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\BOB FAMILY\Local Settings\Temp\prfjtjfa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\BOB FAMILY\Local Settings\Temporary Internet Files\Content.IE5\F2T6F01A\query[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm0.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm1.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm3.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP410\A0058243.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP410\A0058244.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP410\A0058245.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP426\A0065353.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP426\A0065386.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP426\A0065395.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP426\A0065396.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jxrchprh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\KCMDNIns.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nfqpolie.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\scbsicuo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm.lic (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm0.ma (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm1.ma (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\mfc71.dll (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\msvcp71.dll (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\msvcr71.dll (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\Uninstall.exe (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gebyvts.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cbxvusq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ljjklki.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtusrpm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yaywuts.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Je dois redemarrermon ordi et je re

Répondre à atchoum83440

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 18:21:20

supprime moi tout c'est virus keskil y a naruto tu tes fait bobo
si je repond pas c'est que je suis pas sur le pc et sa peut durer longtemps

Répondre à sasukedu91

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 18:19:06

ok reposte moi un log hijackthis

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

jessydu54, le dimanche 18 mai 2008 à 18:23:10

il les a supprimer !!

Quarantined and deleted successfully.

veut dire il les a mis en quarantaine et il les a supprimer avec succer!!

Répondre à jessydu54

Ce message vous semble utile, votez !
Signaler ce message aux modérateurs

sasukedu91, le dimanche 18 mai 2008 à 18:24:40

ok (je l'avai pas vue XD) esque