virus - Win NT/2K/XP - Windows & Software
Marsh Posté on 03-03-2005 at 17:55:31
What matters isn't so much what the virus does as what you have to do to get rid of it, right? In my opinion you didn't copy/paste the right part...
Marsh Posté on 03-03-2005 at 18:00:44
http://securityresponse.symantec.c [...] unner.html
:::::: Removal Instructions ::::::
Disable System Restore (Windows Me/XP).
Update the virus definitions.
Restart the computer in Safe mode or VGA mode.
Run a full system scan and delete all the files detected as W32.Funner.
Reverse the changes made to the registry.
Reverse the changes made to the System.ini file.
Remove entries from the Hosts file.
so read it carefully...
Marsh Posté on 03-03-2005 at 18:05:48
well, at the bottom of the page, you have the "removal instructions"...
http://securityresponse.symantec.c [...] unner.html
Marsh Posté on 03-03-2005 at 20:00:43
I don't understand what needs to be done, so if someone could explain it to me clearly
thanks
Marsh Posté on 03-03-2005 at 17:52:21
Posted on 03-03-2005 at 17:48:47
So, I have the funner-A virus (w32.funner); Norton detected it and it directs me to Symantec
http://securityresponse.symantec.c [...] unner.html
and they tell me to add a value in a folder named winlogon that I don't have
here is what they say:
When W32.Funner is executed, it performs the following actions:
Copies itself as:
%System%\IEXPLORE.EXE
%System%\EXPLORE.EXE or %System%\EXPLORER.EXE
%Windir%\rundll32.exe
%System%\userinit32.exe
c:\funny.exe
and executes the first three files listed.
Notes:
The three files make sure that the other two are running and will restart them if any are stopped.
These files require the MSVBVM60.DLL file, which is a component of the Microsoft Visual Basic run-time environment.
%System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
Creates a log file named %System%\bsfirst2.log.
Adds the value:
"Userinit"="userinit32.exe,"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
so that the userinit32.exe runs when you start Windows.
Adds the value:
"MMSystem"="%Windir%\rundll32.exe "%System%\mmsystem.dll"", RunDll32"
to some of the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
so that the rundll32.exe runs when you start Windows.
May add the line:
Shell = %System%\explore.exe
to the [boot] section of the system.ini file.
Attempts to send c:\funny.exe to contacts in the Microsoft MSN Messenger instant message program.
May contact the www.78p.com domain and download various components.
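
An added example, not part of the thread or of Symantec's write-up: a read-only check for the three startup entries listed in the description above (the Winlogon `Userinit` value, the `MMSystem` Run value, and the `system.ini` `[boot]` shell line). It assumes the registry keys were exported to text with regedit and already decoded to a string; the function names and the sample data are constructed for illustration, and the Hosts file is not checked because the quoted text does not say which entries are added.

```python
import re
# Indicators come from the Symantec description quoted in the post above.
# Registry key and value names are case-insensitive, so everything is lower-cased.
WINLOGON = r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon"
RUN_KEYS = (r"hkey_local_machine\software\microsoft\windows\currentversion\run",
            r"hkey_local_machine\software\microsoft\windows\currentversion\runonce",
            r"hkey_current_user\software\microsoft\windows\currentversion\run")

def parse_reg_export(text):
    """Parse regedit export text into {key: {value_name: data}} (string values only)."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := re.match(r'"((?:[^"\\]|\\.)*)"="(.*)"$', line)):
            # Undo the .reg escaping of backslashes and quotes in the data.
            current[m.group(1).lower()] = re.sub(r"\\(.)", r"\1", m.group(2))
    return keys

def boot_shell(system_ini_text):
    """Return the shell= value from the [boot] section of system.ini, or ''."""
    section = ""
    for line in map(str.strip, system_ini_text.splitlines()):
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif section == "boot" and line.partition("=")[0].strip().lower() == "shell":
            return line.partition("=")[2].strip()
    return ""

def audit(reg_text, system_ini_text):
    """List (location, data) pairs matching the W32.Funner startup entries."""
    keys, hits = parse_reg_export(reg_text), []
    userinit = keys.get(WINLOGON, {}).get("userinit", "")
    if "userinit32.exe" in userinit.lower():   # the stock value names userinit.exe
        hits.append(("Winlogon Userinit", userinit))
    for key in RUN_KEYS:
        if "mmsystem" in keys.get(key, {}):
            hits.append((key + " MMSystem", keys[key]["mmsystem"]))
    shell = boot_shell(system_ini_text)
    if re.split(r"[\\/]", shell)[-1].lower() == "explore.exe":
        hits.append(("system.ini [boot] shell", shell))
    return hits

# Constructed sample input (not taken from a real machine).
SAMPLE_REG = r'''[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit32.exe,"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MMSystem"="C:\\WINDOWS\\rundll32.exe \"C:\\WINDOWS\\System32\\mmsystem.dll\", RunDll32"
'''
SAMPLE_INI = "[boot]\nShell = C:\\WINDOWS\\System32\\explore.exe\n[drivers]\nwave=mmdrv.dll\n"
```

`audit(SAMPLE_REG, SAMPLE_INI)` returns one entry per location that still has to be reversed by hand; an empty list means none of the three startup entries is present in the exported data.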