Se connecter / S'enregistrer
Votre question

Pc infecté a l'aide

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Mars 2009 15:33:41

Bonjour,
j'ai un soucis avec mon ordinateur ca a commencé avec un écran bleu avec le message kernel data inpage error ensuite lorsque j'ouvrais une page internet il y a en haut marqué votre ordi est infecté avec un lien menant a un pseudo antivirus antivirus pro xp ou un truc comme ca et pour finir mes contact msn me disent que je leur envoie des liens vers un site nommé hi5 avec paris hilton nue etc je ne peut plus redemarré mon ordinateur qu'en mode sans echec maintenant j'ai donc fait un scan avec antivir dont voila le rapport pouvez vous m'aidez ?
merci



Avira AntiVir Personal
Report file date: mercredi 1 janvier 2070 02:10

Scanning for 1281455 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3, v.5512) [5.1.2600]
Boot mode: Save mode with network
Username: Administrateur
Computer name: DARKPHOE-C89725

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 27/11/2008 21:09:20
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 16:48:44
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 14:58:50
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 22:17:01
ANTIVIR3.VDF : 7.1.2.113 59392 Bytes 03/03/2009 22:17:02
Engineversion : 8.2.0.98
AEVDF.DLL : 8.1.1.0 106868 Bytes 30/01/2009 19:07:45
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 22:29:08
AESCN.DLL : 8.1.1.7 127347 Bytes 13/02/2009 14:59:44
AERDL.DLL : 8.1.1.3 438645 Bytes 06/11/2008 17:37:36
AEPACK.DLL : 8.1.3.8 397684 Bytes 05/02/2009 14:56:48
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 22:29:07
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 26/02/2009 22:29:06
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 22:29:03
AEGEN.DLL : 8.1.1.22 336245 Bytes 26/02/2009 22:29:02
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 22:28:39
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 26/10/2008 16:39:49
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 1 janvier 2070 02:10

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process '300823.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\Documents and Settings\Administrateur\300823.exe'
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'system.exe' - '1' Module(s) have been scanned
Scan process 'userinit.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\windows\system32\userinit.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Process '300823.exe' has been terminated
Process 'userinit.exe' has been terminated
C:\Documents and Settings\Administrateur\300823.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\windows\system32\userinit.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!

16 processes with 14 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\RECYCLER\S-1-5-21-4433330076-3138016472-978095942-4455\mwau.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!

The registry was scanned ( '62' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrateur\708677.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Bureau\Ne-Yo - Year Of The Gentleman + Bonus Tracks (2008) by molen.rar
[0] Archive type: RAR
--> Bonus\She Got Her Own.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Bureau\AH 1.1\ah.dll
[DETECTION] Is the TR/Dldr.Delf.rgy Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\0453486
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\1112620
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\12227.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\1352381
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\1665382
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\18711.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\2087648
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\21062.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\2427353
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\272.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\3118213
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\32251.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\3453566
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\38153.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\390.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\44261.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\4520810
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\53611.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\65823.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\7462103
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\767.exe
[DETECTION] Is the TR/Buzus.aniu Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\8353366
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\934.exe
[DETECTION] Is the TR/Buzus.aniu Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temp\mousehook.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8IJQQ05E\espp[1].exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\8IJQQ05E\espp[2].exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\AMMNVGCW\lsp[1].exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\B6VS2FM9\ag23[1].exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Incomplete\T-5088466-hypnose ejaculation precoce(192k 44100 stereo).snd
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Incomplete\JOPFIWNI7ZVQQ2OFVCPYKV5QQMFYW3VP\Desktop Dreamscapes\Desktop Dreamscapes Vol.1_Additional Files.exe
[0] Archive type: CAB SFX (self extracting)
--> \Disk1\asteroid field - black hole.prp
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Saved\starquake [incl crack by Core].zip
[0] Archive type: ZIP
--> crack.exe
[DETECTION] Is the TR/Drop.Agent.noc Trojan
--> setup.exe
[DETECTION] Is the TR/Drop.Agent.noc Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\Administrateur\Mes documents\Ma musique\Pussycat Dolls - Doll Domination [2008]\09 Magic.mp3
[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
[NOTE] The file was deleted!
C:\Program Files\eMule\Temp\004.part
[0] Archive type: RAR
--> FL Studio 6.0.8_install.exe
[1] Archive type: NSIS
--> Settings/Hat_1-002.wav
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\SAV\sav0.dat
[DETECTION] Is the TR/Fakealert.ACZ Trojan
[NOTE] The file was deleted!
C:\Program Files\SAV\sav1.dat
[DETECTION] Is the TR/Fakealert.acz.1 Trojan
[NOTE] The file was deleted!
C:\Program Files\Windows Trust\Ressources\MS.Controls.exe
[DETECTION] Is the TR/Agent.519361.A Trojan
[NOTE] The file was deleted!
C:\Program Files\Windows Trust\Ressources\MS.TFramework.exe
[DETECTION] Is the TR/Agent.331619.A Trojan
[NOTE] The file was deleted!
C:\RECYCLER\S-1-5-21-1595901572-9676703719-031218397-9750\mwau.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\RECYCLER\S-1-5-21-5901695822-8237449452-680260764-9026\mwau.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\RECYCLER\S-1-5-21-6102524017-7491491433-844810345-5942\mwau.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\021.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\058.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\078.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\137.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\160.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\246.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\261.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\322.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\343.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\388.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\415.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\465.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\571.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\804.exe
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\820.exe
[DETECTION] Is the TR/Agent2.eeg Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\ntdll64.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\pcehtr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\qrwgvr.VIR
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\system.exe
[WARNING] The file could not be opened!
C:\WINDOWS\system32\vhgnrdus.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\5M5BGXAT\lsp[2].exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\system32\dllcache\userinit.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!
C:\WINDOWS\Temp\8051261
[DETECTION] Is the TR/Agent2.egz Trojan
[NOTE] The file was deleted!
C:\WINDOWS\Temp\mousehook.dll
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was deleted!


End of the scan: mercredi 1 janvier 2070 03:15
Used time: 1:04:43 Hour(s)

The scan has been done completely.

17425 Scanning directories
565317 Files were scanned
70 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
67 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
565245 Files not concerned
7136 Archives were scanned
4 Warnings
67 Notes

merci

Autres pages sur : infecte aide

a c 267 8 Sécurité
4 Mars 2009 16:27:59

Salut,

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    4 Mars 2009 17:06:23

    le probleme c'est que je n'ai plus rien sur le bureau ni la barre des taches et quand je fais ctrl alt supp cela me marque le gestionnaire des taches a été desactivé par l'administrateur et cela aussi bien en mode normal qu'en mode sans echec
    je suis dégouté car j'ai plein de photo de ma fille et je ne veut pas formaté pouvez vous m'aidez merci
    Contenus similaires
    a c 267 8 Sécurité
    4 Mars 2009 17:09:15

    Tu peux exécuter ComboFix en mode sans échec ?
    4 Mars 2009 17:12:29

    non je ne peux rien faire ecran noir et impossible d'acceder aux gestionnaire des taches
    a c 267 8 Sécurité
    4 Mars 2009 17:18:23

    Donc tu ne peux rien faire sous Windows ?
    a c 267 8 Sécurité
    4 Mars 2009 17:25:09

    Comment as-tu fait le scan avec Antivir ?
    4 Mars 2009 17:28:53

    ben ca marchait puis quand j'ai redemarré plus rien
    a c 267 8 Sécurité
    4 Mars 2009 17:33:05

    Tu as le CD d'XP ?
    4 Mars 2009 18:08:09

    bon ben je me suis trompé j'ai fais n'importe je n'ai plus aucun de mes fichiers qui apparaissent ce qui est etrange c'est qu'il ne me reste que 20 gigas de libre sur mon dd de 250 mes programmes doivent toujours y etre mais comment les faires apparaitre?
    a c 267 8 Sécurité
    4 Mars 2009 18:11:27

    Qu'as-tu fait exactement ?
    4 Mars 2009 18:16:08

    en fait mes programmes sont sur administrateur et le pc boote sur un autre admin qui a été créé par la nouvelle install en fait j'ai fais installe en conservant le systeme de fichiers tel quels
    a c 267 8 Sécurité
    4 Mars 2009 18:19:41

    Il vaudrait mieux peut-être récupérer tous tes documents puis refaire une installation propre.
    4 Mars 2009 18:44:56

    ok au moins j'ai acces a mes documents je vais les graver puis reformater
    encore merci beaucoup pour ton aide
    a c 267 8 Sécurité
    4 Mars 2009 18:49:09

    Tiens-moi au courant ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS