Virus or not virus? This is the question!!!Résolu/Fermé

Question

Bonjour,

Après analyse de mon PC avec Kaspersky 2009 il me trouve les problemes suivants à corriger:

31/08/2008 18:19:42	Détectés: https://securelist.fr/	
c:\program files\foxit software\foxit reader\foxit reader.exe
		
31/08/2008 18:19:49	Détectés: https://securelist.fr/	
c:\program files\microsoft office\office11\powerpnt.exe
		
31/08/2008 18:19:51	Détectés: https://securelist.fr/	
c:\program files\microsoft office\office11\excel.exe
		
31/08/2008 18:20:03	Détectés: https://securelist.fr/	
c:\program files\microsoft office\office11\winword.exe	
	
31/08/2008 18:20:22	Détectés: https://securelist.fr/	
c:\program files\macromedia\dreamweaver 8\dreamweaver.exe	
	
31/08/2008 18:20:29	Détectés: https://securelist.fr/	
c:\windows\system32\java.exe		

31/08/2008 18:20:34	Détectés: https://securelist.fr/	
c:\windows\system32\java.exe	
	
31/08/2008 19:09:05	Détectés: not-a-virus:AdWare.Win32.MegaSearch.n	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP5\A0003123.exe/data0007/data0159		

31/08/2008 19:09:08	Non réparés: not-a-virus:AdWare.Win32.MegaSearch.n	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP5\A0003123.exe/data0007/data0159	Reporté	

31/08/2008 19:10:31	Détectés: Trojan-Spy.Win32.Banker.nlh	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP5\A0003093.exe/file20		

31/08/2008 19:10:31	Non réparés: Trojan-Spy.Win32.Banker.nlh	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP5\A0003093.exe/file20	Reporté	

31/08/2008 19:25:48	Détectés: Backdoor.Win32.Rbot.aea	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP54\A0014056.exe/data0000		

31/08/2008 19:25:48	Non réparés: Backdoor.Win32.Rbot.aea	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP54\A0014056.exe/data0000	Reporté	

31/08/2008 19:25:50	Détectés: HackTool.Win32.Homac	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP54\A0014056.exe/data0001/FSG		

31/08/2008 19:30:43	Détectés: EICAR-Test-File	
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP60\A0017388.com/CryptFF.b		

31/08/2008 19:30:43	Non réparés: EICAR-Test-File
c:\System Volume Information\_restore{7D8B8824-2015-4EC2-81D4-88B31578A8D5}\RP60\A0017388.com/CryptFF.b	Reporté	

31/08/2008 19:35:26	Détectés: https://securelist.fr/	c:\Documents and Settings\Abdul\Bureau\a trier\A TRIER\Archives Clichy\Real\RealPlayer\realplay.exe

31/08/2008 19:45:00	Détectés: https://securelist.fr/	
c:\Documents and Settings\Invité\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx
		
31/08/2008 19:47:22	Détectés: https://securelist.fr/	
c:\program files\foxit software\foxit reader\foxit reader.exe		

31/08/2008 19:47:35	Détectés: https://securelist.fr/	
c:\program files\Java\jre1.6.0_06\bin\java.exe		

POUVEZ-VOUS M'AIDER A SAVOIR CE QUE JE PEUX OU PAS SUPPRIMER SVP ???

MERCI INFINIMENT J'AI PEUR DE FAIRE UNE BETISE.

luca84 · Answer

Tout les trojan tu ne peut que les supprimer dsl

ABCLOVE · Answer

oui les trojans j'avais compris mais pour le reste???

comme winword.exe il me le met en extrêment dangereux !!! 

je comprends rien aidez moi svp et avec des réponses sérieuses...

chimay8 · Answer

il dit simplement que tu as des failles de sécurité qui sont dangereuses

31/08/2008 18:19:42 Détectés: https://securelist.fr/ 
c:\program files\foxit software\foxit reader\foxit reader.exe 

31/08/2008 18:19:49 Détectés: https://securelist.fr/ 
c:\program files\microsoft office\office11\powerpnt.exe 

31/08/2008 18:19:51 Détectés: https://securelist.fr/ 
c:\program files\microsoft office\office11\excel.exe 

31/08/2008 18:20:03 Détectés: https://securelist.fr/ 
c:\program files\microsoft office\office11\winword.exe 

31/08/2008 18:20:22 Détectés: https://securelist.fr/ 
c:\program files\macromedia\dreamweaver 8\dreamweaver.exe 

31/08/2008 18:20:29 Détectés: https://securelist.fr/ 
c:\windows\system32\java.exe 

31/08/2008 18:20:34 Détectés: https://securelist.fr/ 
c:\windows\system32\java.exe

31/08/2008 19:35:26 Détectés: https://securelist.fr/ c:\Documents and Settings\Abdul\Bureau\a trier\A TRIER\Archives Clichy\Real\RealPlayer\realplay.exe 

31/08/2008 19:45:00 Détectés: https://securelist.fr/ 
c:\Documents and Settings\Invité\Local Settings\Temp\mProjector957005698\FlashPlayer.3.1.1e.ocx 

31/08/2008 19:47:22 Détectés: https://securelist.fr/ 
c:\program files\foxit software\foxit reader\foxit reader.exe 

31/08/2008 19:47:35 Détectés: https://securelist.fr/ 
c:\program files\Java\jre1.6.0_06\bin\java.exe

bref,fais les mises à jour de ces programmes

et pour les autres,

c:\System Volume Information\_restore <----- ca veux dire qu'ils sont dans tes points de restauration système

pour ca


Suppression des points de restauration : 
1.Ouvre le Menu Démarrer 
2.Clique-droit sur Poste de travail 
3.Clique sur Propriétés 
4.Positionne-toi dans l'onglet Restauration du système 
5.Coche "Désactiver la restauration système" 
6.Valide par Ok 
7.Redémarre ton pc
8.Reproduis les manipulations 1 à 3 
9.Décoche "Désactiver la restauration système" 
10.Valide par Ok

ABCLOVE · Answer

OK MERCI JE FAIS TOUS CA

sympa c cool a+ bonne continu

chimay8 · Answer

hep,
pour java

fais ceci

Télécharge JavaRa.zip  de Paul 'Prm753' McLain et Fred de Vries. 
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates. 
Sélectionne Update Using jucheck.exe puis clique sur Search.  
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log 
(c:\JavaRa.log)
Ferme l'application.

breizh-222 · Answer

javara.zipJavaRa 1.12 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Dec 16 22:38:23 2008

Found and removed: C:\Program Files\Java\jre1.5.0_03

Found and removed: C:\Program Files\Java\jre1.5.0_11

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: Software\JavaSoft\Java2D\1.5.0_03

Found and removed: Software\JavaSoft\Java2D\1.5.0_11

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\JavaPlugin.150_03

Found and removed: SOFTWARE\Classes\JavaPlugin.150_11

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Java\jre1.5.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Java\jre1.5.0_11\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.

Virus or not virus? This is the question!!!

6 réponses

Discussions similaires

Newsletters