Sujet Précédent Sujet Suivant

Virus bds/backdoor.gen + erreurs dd externe 0x80071AC3

Fermé
juliepithon Messages postés 2 Date d'inscription dimanche 31 mars 2013 Statut Membre Dernière intervention 1 avril 2013 - 31 mars 2013 à 19:52
juliepithon Messages postés 2 Date d'inscription dimanche 31 mars 2013 Statut Membre Dernière intervention 1 avril 2013 - 1 avril 2013 à 00:04
Bonjour,





J'ia 2 problèmes : en mettant des fichiers sur mon dd externe, j'ai une erreur de ce type erreur 0x80071AC3 et je ne peux plus sur mon dd ext copier coller, ajouter, supprimer des fichiers... j'ai reformaté le dd externe mas je ne sais pas si c'est suffisant.

2e problème : j'ai bds/backdoor.gen qui a été détecté lors de l'analyse de l'antivirus. Je ne sais pas comment le supprimer...
J'ai besoin d'aide
Merci d'avance

2 réponses

Réponse 1 / 2
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 660
Modifié par Malekal_morte- le 31/03/2013 à 19:53
Salut,

Laisse ton disque dur externe branché.
Lance USBFix : https://www.malekal.com/usbfix-supprimer-virus-usb/
Fais le en suppression et donne le rapport ici dans un nouveau message par un copier/coller.


Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
Réponse 2 / 2
juliepithon Messages postés 2 Date d'inscription dimanche 31 mars 2013 Statut Membre Dernière intervention 1 avril 2013
1 avril 2013 à 00:04
############################## | UsbFix V 7.120 | [Deletion]

User: Julie (Administrator) # PC_PORTABLE
Updated 30/03/2013 by El Desaparecido
Started at 23:49:59 | 31/03/2013

Website: https://www.sosvirus.net/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (x64-based PC)
CPU: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz (2267)
RAM -> [Total : 4023 | Free : 1571]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 74 Gb (15 Mb free - 20%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 466 Gb (234 Mb free - 50%) [JU] # exFAT

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [] -
HKLM\SOFTWARE | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE | Run : [CANAL+ CANALSAT A LA DEMANDE] - "C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
HKLM\SOFTWARE | Run : [DATAMNGR] - C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\SOFTWARE | Run : [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
HKLM\SOFTWARE\wow6432Node | Run : [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\SOFTWARE\wow6432Node | Run : [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\SOFTWARE\wow6432Node | Run : [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE\wow6432Node | Run : [] -
HKLM\SOFTWARE\wow6432Node | Run : [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
HKLM\SOFTWARE\wow6432Node | Run : [CANAL+ CANALSAT A LA DEMANDE] - "C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe"
HKLM\SOFTWARE\wow6432Node | Run : [DATAMNGR] - C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\SOFTWARE\wow6432Node | Run : [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Spotify Web Helper] - "C:\Users\Julie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Facebook Update] - "C:\Users\Julie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [Spotify] - "C:\Users\Julie\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [GoogleDriveSync] - "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-1996525090-4270169715-2086703820-1000\SOFTWARE | Run : [AdobeBridge] -
HKU\S-1-5-21-1996525090-4270169715-2086703820-1003\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-1996525090-4270169715-2086703820-1003\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601

################## | Stopped processes |

Stopped! C:\Windows\system32\nvvsvc.exe (848)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe (860)
Stopped! C:\Windows\system32\Hpservice.exe (1256)
Stopped! C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (1348)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1388)
Stopped! C:\Windows\system32\nvvsvc.exe (1400)
Stopped! C:\Windows\System32\spoolsv.exe (1684)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1720)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1928)
Stopped! C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (2036)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1120)
Stopped! C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1204)
Stopped! C:\Program Files\Bonjour\mDNSResponder.exe (1324)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1876)
Stopped! C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (1772)
Stopped! C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (1292)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (2496)
Stopped! C:\Windows\system32\conhost.exe (2504)
Stopped! C:\Windows\system32\taskhost.exe (2788)
Stopped! C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (2840)
Stopped! C:\Program Files\Tablet\Pen\WacomHost.exe (3056)
Stopped! C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (3012)
Stopped! C:\Windows\system32\sppsvc.exe (3276)
Stopped! C:\Program Files\Tablet\Pen\Pen_Tablet.exe (3444)
Stopped! C:\Program Files\IDT\WDM\sttray64.exe (3884)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3892)
Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (3924)
Stopped! C:\Users\Julie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (3988)
Stopped! C:\Program Files (x86)\Google\Drive\googledrivesync.exe (4056)
Stopped! C:\Windows\System32\StikyNot.exe (1280)
Stopped! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3256)
Stopped! C:\Windows\system32\SearchIndexer.exe (3092)
Stopped! C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (1452)
Stopped! C:\Program Files (x86)\iTunes\iTunesHelper.exe (720)
Stopped! C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (3552)
Stopped! C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (3648)
Stopped! C:\Program Files (x86)\Google\Drive\googledrivesync.exe (3596)
Stopped! C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (3700)
Stopped! C:\Program Files (x86)\Bamboo Dock\BambooCore.exe (2856)
Stopped! C:\Users\Julie\AppData\Roaming\Dropbox\bin\Dropbox.exe (4016)
Stopped! C:\Program Files\iPod\bin\iPodService.exe (3772)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (4456)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (5076)
Stopped! c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (692)
Stopped! C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (4620)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3184)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1968)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (2248)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3156)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1784)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5956)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3180)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5528)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5748)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5904)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1680)
Stopped! C:\Windows\system32\taskhost.exe (336)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5704)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1076)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6136)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5108)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5708)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (5624)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (3424)
Stopped! C:\Windows\system32\taskeng.exe (1376)

################## | Files # Infected Folders |

Deleted ! C:\Users\Julie\AppData\Local\Temp\utt69EC.tmp.exe

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[09/01/2013 - 22:43:17 | SHD ] C:\$Recycle.Bin
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[31/03/2013 - 17:38:45 | ASH | 3163709440] C:\hiberfil.sys
[28/12/2012 - 18:54:47 | D ] C:\Intel
[29/12/2012 - 15:54:08 | RHD ] C:\MSOCache
[28/12/2012 - 23:51:48 | D ] C:\NVIDIA
[31/03/2013 - 17:38:47 | ASH | 4218281984] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[25/03/2013 - 13:19:56 | D ] C:\Program Files
[25/03/2013 - 16:38:43 | D ] C:\Program Files (x86)
[25/03/2013 - 16:38:43 | HD ] C:\ProgramData
[28/12/2012 - 18:32:03 | SHD ] C:\Recovery
[28/12/2012 - 19:10:44 | D ] C:\SWSetup
[31/03/2013 - 19:54:56 | SHD ] C:\System Volume Information
[28/12/2012 - 19:05:12 | D ] C:\system.sav
[31/03/2013 - 23:56:48 | D ] C:\UsbFix
[31/03/2013 - 23:56:56 | A | 10895] C:\UsbFix [Clean 1] PC_PORTABLE.txt
[28/12/2012 - 23:54:24 | D ] C:\Users
[22/03/2013 - 09:42:44 | D ] C:\Windows
[31/03/2013 - 18:11:00 | SHD ] E:\$RECYCLE.BIN
[28/02/2013 - 21:26:04 | D ] E:\bootstraptuto
[30/03/2013 - 13:58:56 | D ] E:\fiches de paies
[12/03/2013 - 12:59:44 | D ] E:\logiciels
[30/03/2013 - 12:04:28 | D ] E:\quittances
[01/03/2013 - 11:51:42 | D ] E:\perso
[24/01/2012 - 21:46:56 | D ] E:\works

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ |
0

Discussions similaires

Instagram "Désolé, une erreur s'est produite"
bananamilk -
cedric.masdeb -

60 réponses
Erreur vidéo inconnue sur le Freebox Player
mouhaaV2.0 -
moi -

61 réponses
Code erreur 3000
Laurent -
JM -

5 réponses
Free erreur 38 : impossible d'envoyer des SMS
warnawak -
marcellou -

58 réponses
Erreur 3005 sur France TV
Cambodgil -
Cambodgil -

4 réponses