débutant et premiers virus

3 réponses

sty

27/01/2005 à 04:48

En cette heure matinale, bonjour,
voilà je transmets la question dun ami qui débute sur internet, peu de
connaissances informatqique, pour le moment(!), et déjà 3 virus car il
a oublié de mettre son AV en résident.
Voici les virus qu'Avast à trouvés, merci de nous donner un coup de
main :

21/12/2004 22:18:12
SYSTEM 1252 Sign of "Win32:Qdownl [Trj]" has been found in
"C:\DOCUME~1\All\LOCALS~1\Temp\nsc92.tmp\edow.exe" file.

21/12/2004 22:19:44
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:\Program Files\whInstall\WhAgent.exe" file.

21/12/2004 22:20:39
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:\Program Files\whInstall\WhSurvey.exe" file.

21/12/2004 22:22:41
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:\Program Files\whInstall\whiehlpr.dll" file.

21/12/2004 22:23:59
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:\PROGRA~1\WHINST~1\whiehlpr.dll" file.

07/01/2005 19:03:03
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:\Documents and Settings\All\Local Settings\Temp\cd_clint.dll" file.

07/01/2005 19:13:27
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL" file.

07/01/2005 19:18:03
All 2504 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:\Program
Files\whInstall\WhSurvey.exe" file.

22/01/2005 18:24:31
SYSTEM 1412 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:\System Volume
Information\_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}\RP66\A0008864.DLL"
file.

22/01/2005 19:23:33
SYSTEM 1412 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:\System Volume
Information\_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}\RP66\A0008865.exe"
file.

--
sty

3 réponses

Jaco

27/01/2005 à 16:17

"sty" a écrit dans le message de
news:

En cette heure matinale, bonjour,
voilà je transmets la question dun ami qui débute sur internet, peu de
connaissances informatqique, pour le moment(!), et déjà 3 virus car il
a oublié de mettre son AV en résident.
Voici les virus qu'Avast à trouvés, merci de nous donner un coup de
main :

21/12/2004 22:18:12
SYSTEM 1252 Sign of "Win32:Qdownl [Trj]" has been found in
"C:DOCUME~1AllLOCALS~1Tempnsc92.tmpedow.exe" file.

21/12/2004 22:19:44
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhAgent.exe" file.

21/12/2004 22:20:39
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhSurvey.exe" file.

21/12/2004 22:22:41
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FileswhInstallwhiehlpr.dll" file.

21/12/2004 22:23:59
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:PROGRA~1WHINST~1whiehlpr.dll" file.

07/01/2005 19:03:03
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Documents and SettingsAllLocal SettingsTempcd_clint.dll" file.

07/01/2005 19:13:27
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FilesMyWaymyBar1.binNPMYWAY.DLL" file.

07/01/2005 19:18:03
All 2504 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:Program
FileswhInstallWhSurvey.exe" file.

22/01/2005 18:24:31
SYSTEM 1412 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008864.DLL

file.

22/01/2005 19:23:33
SYSTEM 1412 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008865.exe

file.

--
sty

pour le second (Win32:Trojan-gen, qui a infecté plusieurs fichiers) :
http://www.infos-du-net.com/forum/37791-11-win32-trojan-gen
pour le premier, il est en effet, un peu dur de l'éradiquer même quand on le
détecte.
Essaye l'antivirus en ligne du site www.secuser.com :
http://www.secuser.com/outils/antivirus.htm

"sty" <sty.invalid@wanadoo.fr> a écrit dans le message de
news:mn.d9207d510af461bc.23768@wanadoo.fr...

En cette heure matinale, bonjour,
voilà je transmets la question dun ami qui débute sur internet, peu de
connaissances informatqique, pour le moment(!), et déjà 3 virus car il
a oublié de mettre son AV en résident.
Voici les virus qu'Avast à trouvés, merci de nous donner un coup de
main :

21/12/2004 22:18:12
SYSTEM 1252 Sign of "Win32:Qdownl [Trj]" has been found in
"C:DOCUME~1AllLOCALS~1Tempnsc92.tmpedow.exe" file.

21/12/2004 22:19:44
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhAgent.exe" file.

21/12/2004 22:20:39
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhSurvey.exe" file.

21/12/2004 22:22:41
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FileswhInstallwhiehlpr.dll" file.

21/12/2004 22:23:59
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:PROGRA~1WHINST~1whiehlpr.dll" file.

07/01/2005 19:03:03
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Documents and SettingsAllLocal SettingsTempcd_clint.dll" file.

07/01/2005 19:13:27
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FilesMyWaymyBar1.binNPMYWAY.DLL" file.

07/01/2005 19:18:03
All 2504 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:Program
FileswhInstallWhSurvey.exe" file.

22/01/2005 18:24:31
SYSTEM 1412 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008864.DLL

file.

22/01/2005 19:23:33
SYSTEM 1412 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008865.exe

file.

--
sty

Vous avez filtré cet utilisateur ! Consultez son message

"sty" a écrit dans le message de
news:

En cette heure matinale, bonjour,
voilà je transmets la question dun ami qui débute sur internet, peu de
connaissances informatqique, pour le moment(!), et déjà 3 virus car il
a oublié de mettre son AV en résident.
Voici les virus qu'Avast à trouvés, merci de nous donner un coup de
main :

21/12/2004 22:18:12
SYSTEM 1252 Sign of "Win32:Qdownl [Trj]" has been found in
"C:DOCUME~1AllLOCALS~1Tempnsc92.tmpedow.exe" file.

21/12/2004 22:19:44
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhAgent.exe" file.

21/12/2004 22:20:39
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:Program FileswhInstallWhSurvey.exe" file.

21/12/2004 22:22:41
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FileswhInstallwhiehlpr.dll" file.

21/12/2004 22:23:59
SYSTEM 1252 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:PROGRA~1WHINST~1whiehlpr.dll" file.

07/01/2005 19:03:03
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Documents and SettingsAllLocal SettingsTempcd_clint.dll" file.

07/01/2005 19:13:27
All 2504 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:Program FilesMyWaymyBar1.binNPMYWAY.DLL" file.

07/01/2005 19:18:03
All 2504 Sign of "Win32:Trojan-gen. {VC}" has been found in "C:Program
FileswhInstallWhSurvey.exe" file.

22/01/2005 18:24:31
SYSTEM 1412 Sign of "Win32:Trojan-gen. {Other}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008864.DLL

file.

22/01/2005 19:23:33
SYSTEM 1412 Sign of "Win32:Trojan-gen. {VC}" has been found in
"C:System Volume

Information_restore{9339E06F-0258-48E2-A5A6-9F708A7F91E4}RP66A0008865.exe

file.

--
sty

joke0

27/01/2005 à 17:42

Salut,

sty:

21/12/2004 22:18:12
SYSTEM 1252 Sign of "Win32:Qdownl [Trj]" has been
found in "C:DOCUME~1AllLOCALS~1Tempnsc92.tmpedow.exe"
file.

Récupéré par les contrôles ActiveX de la bouse Internet
Explorer.

21/12/2004 22:19:44
SYSTEM 1252 Sign of "Win32:Trojan-gen. {VC}" has been
found in "C:Program FileswhInstallWhAgent.exe" file.

Pareil. Et pareil aussi pour les autres.

C:System Volume Information

Ça, c'est la fantastique restauration système. Pour la
désactiver:
http://www.lacave.net/~jokeuse/usenet/faq-fcsv.html#a8.5

Pour nettoyer:

<copié>

1/ Internet Explorer
Revoir les réglages des contrôles activeX dans IExplorer:
('Outils' > 'Options')

ActiveX signés: demander (ou interdire)
ActiveX non-signés: refuser
iframe: refuser

Et fais bien attention aux boîtes de dialogue qui s'ouvrent
quand tu surfes: ne clique pas 'Ok' sans lire ;-)

2/ Nettoyage
Ceci fonctionne dans la très grande majorité des cas:

1- Désactivez la restauration système (sous WinME et XP
uniquement). Aide:
http://www.lacave.net/~jokeuse/usenet/faq-fcsv.html#a8.5

2- Redémarrez en mode sans échec (touche F8 au tout début du
chargement de Windows, choix "safe mode" ou "mode sans échec")

Ne pas lancer Internet Explorer et Outlook Express.

3- Effacez le(s) fichier(s) détectés si possible (à la main
donc). Passez un coup d'antivirus (configuré en mode
désinfection automatique),

4- Remettre la restauration système lorsque le ménage est fait.
Évitez de la remettre en "automatique".

5- Redémarrer normalement.

</copié>

--
joke0

sty

28/01/2005 à 03:17

Merci beaucoup, je vous tiens au courant :-) .
A plus.

--
sty

débutant et premiers virus

3 réponses

Veuillez sélectionner un problème