Problème trojan Crypt.XPACK.Gen

Logiciel & apps Logiciel Général
1

Bonjour à tous,
j’ouvre ce forum car j 'ai un gros problème, depuis quelques jours, avast me détècte des trojan, j’ai beau les mettre en quarantaine ils reviennent. on m’a conseillé de mettre antivir. j’ai fait une analyse et il m a bien trouvé des trojans que j ai supprimer. après l analyse terminée, j ai voulu la refaire et la d autres trojan, du nom de Crypt.XPACK.Gen!!! je ne sais plus quoi faire. je mets le rapport d antivir et si quelqu un peut m aider sil vous plait!! merci beaucoup.

Avira AntiVir Personal
Report file date: dimanche 25 mai 2008 22:34

Scanning for 1287458 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-DE-NENETTE

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 19:50:16
ANTIVIR3.VDF : 7.0.4.89 171520 Bytes 25/05/2008 19:50:19
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 25/05/2008 19:50:41
AESCN.DLL : 8.1.0.18 119156 Bytes 25/05/2008 19:50:40
AERDL.DLL : 8.1.0.20 418165 Bytes 25/05/2008 19:50:39
AEPACK.DLL : 8.1.1.5 364918 Bytes 25/05/2008 19:50:37
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 25/05/2008 19:50:35
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 25/05/2008 19:50:33
AEHELP.DLL : 8.1.0.14 115063 Bytes 25/05/2008 19:50:24
AEGEN.DLL : 8.1.0.21 303477 Bytes 25/05/2008 19:50:23
AEEMU.DLL : 8.1.0.6 430451 Bytes 25/05/2008 19:50:22
AECORE.DLL : 8.1.0.29 168311 Bytes 25/05/2008 19:50:20
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname…: Complete system scan
Configuration file…: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging…: low
Primary action…: interactive
Secondary action…: ignore
Scan master boot sector…: on
Scan boot sector…: on
Boot sectors…: C:,
Scan memory…: on
Process scan…: on
Scan registry…: on
Search for rootkits…: off
Scan all files…: All files
Scan archives…: on
Recursion depth…: 20
Smart extensions…: on
Macro heuristic…: on
File heuristic…: medium

Start of the scan: dimanche 25 mai 2008 22:34

The scan of running processes will be started
Scan process ‘avscan.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘AcroRd32.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avcenter.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avgnt.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘avguard.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘sched.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ApntEx.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SPMgr.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ApMsgFwd.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VAIOUpdt.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘taskeng.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxsrvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxext.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘WUDFHost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VzFw.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxsrvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxext.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VESMgrSub.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VzCdbSvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘XAudio.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SearchIndexer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VCSW.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘VESMgr.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘NSUService.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘GoogleDesktop.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ehmsas.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘BTTray.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘GoogleDesktop.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ehtray.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘msnmsgr.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘LANUtil.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘zlclient.exe’ - ‘0’ Module(s) have been scanned
Scan process ‘realsched.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ccApp.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘jusched.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxsrvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘GoogleDesktop.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ISBMgr.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘Apoint.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘igfxpers.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘hkcmd.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘MSASCui.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘explorer.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘taskeng.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘dwm.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘spoolsv.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘ccSvcHst.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘vsmon.exe’ - ‘0’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘SLsvc.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘audiodg.exe’ - ‘0’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘svchost.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘winlogon.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘lsm.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘lsass.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘services.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘wininit.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘csrss.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘csrss.exe’ - ‘1’ Module(s) have been scanned
Scan process ‘smss.exe’ - ‘1’ Module(s) have been scanned
68 processes with 68 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n’est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n’est pas prêt.
[INFO] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector ‘C:’
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( ‘13’ files ).

Starting the file scan:

Begin scan in ‘C:’
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Users\Nenette\AppData\Local\Temp\pMdbyAPg.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!

End of the scan: dimanche 25 mai 2008 23:07
Used time: 33:07 min

The scan has been done completely.

13420 Scanning directories
221983 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
221982 Files not concerned
1388 Archives were scanned
4 Warnings
1 Notes

voila le rapport! alors la j attends de voir si antivir m en detecte d autre. je vais refaire une analyse dans la semaine, mais si quelqu un peut m aider!!?? merci beaucoup
2

Bonsoir,

Peux-tu faire une analyse ac HijackThis et envoyer le rapport ?

3

je viens de mettre spybot et ad-aware, tous les deux m ont virés pas mal de virus. je viens de refaire une analyse avec antivir, il n’a rien trouvé!! merci de ton aide!!

mais là j ai un autre problème, quand j’allume mon ordi, 2 fenêtres d’erreur dll s’affiche donc voici le chemin:
C:\users\nom de l’odi\appdata\local\temp\spcxgswm.dll
C:\users\nom de l’ordi\appdata\local\temp\gjfuwitx.dll

cela est un message d’erreur disant que ces fichiers sont manquants et je ne sais pas comment résoudre ces problèmes. merci si quelqu’un peut m aider!

4

c est quoi navilog1 stp???

j en ai télécharger 2, et c était des virus
5

Bonsoir

Navilog1 n’est pas un virus, ms un nettoyeur

6

j’ai fait un nettoyage avec CCleaner, et apparement j aurais un virus dans internet explorer! et plusieurs analyse il semble etre partit!! je vous tiendré au courant dans le week end!
merci de votre aide

7

mon souci viendré d explorer, il plante souvent sans aucune raison! je sais pas si c est un virus, ou si je dois reformater l’ordi, ce qui j éspère je n aurais pas besoin!!!
donc voila si quelqu un peut m aider merci