Sujet Précédent Sujet Suivant

BDS/IRC.Zapchast.A3 problème non résolu

Fermé
crawford2 Messages postés 87 Date d'inscription mercredi 29 août 2007 Statut Membre Dernière intervention 22 novembre 2008 - 11 sept. 2007 à 22:37
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 - 12 sept. 2007 à 20:34
Bonjour,
pourriez-vous m'aide, je n'arrive pas a éliminer le virus BDS/IRC.Zapchast.A3!
Voici un rapport Hijackthis suivit d'un rapport d'un antivirus Avira Antivir:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:54:48, on 01/06/2001
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\UTILISATEUR\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sn/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {F622601B-0FB3-4B78-BE90-21963BAF921C} - C:\WINDOWS\System32\xxwtr.dll (file missing)
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PepID] C:\WINDOWS\System32\pepid.exe
O4 - HKLM\..\Run: [msennger] C:\Program Files\taskmngr\tasket.com
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [superproxy] C:\WINDOWS\superproxy.exe
O4 - HKCU\..\Run: [hohohhaha] C:\Program Files\taskmngr\tasket.com
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Pense-bête.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\6.3.2.62-7288971L\Program\register.exe
O4 - Global Startup: DSLMON.lnk = ?
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by120fd.bay120.hotmail.msn.com/resources/MsnPUpld.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\System32\dllcache\mlqm.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\nsch0st.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Windows Terminal Services - Unknown owner - C:\WINDOWS\system32\spoolvc.exe (file missing)
End of file - 5554 bytes


Voila,


AntiVir PersonalEdition Classic
Report file date: vendredi 1 juin 2001 15:03

Scanning for 1036370 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 1) [5.1.2600]
Username: UTILISATEUR
Computer name: ACER-OINPT4WFVC

Version information:
BUILD.DAT : 268 15604 Bytes 31/08/2007 13:04:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:22
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 12:32:42
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 12:32:48
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 17:21:02
ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 28/08/2007 07:22:36
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 17:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:22

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 1 juin 2001 15:03

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
13 processes with 13 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '40' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279408.dll
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b49a884.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279410.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a887.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279411.dll
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b49a88a.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279412.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a88b.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279414.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a88d.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279416.dll
[DETECTION] Is the Trojan horse TR/Juan.H
[INFO] The file was moved to '3b49a88f.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279417.dll
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b49a890.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279422.DLL
[DETECTION] Is the Trojan horse TR/Virtumonde.26730
[INFO] The file was moved to '3b49a892.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP352\A0279425.DLL
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b49a894.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP316\A0200999.DLL
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8c1.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP316\A0201041.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8c3.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP316\A0201052.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8c5.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP316\A0202052.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8c7.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP317\A0202081.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8ca.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP318\A0202142.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8ce.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP318\A0202155.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8d0.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP323\A0209324.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8d3.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP323\A0212324.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8d5.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP323\A0212342.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8d7.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP327\A0217459.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8db.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP327\A0217460.DLL
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8dd.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP327\A0218464.DLL
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8de.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP335\A0235739.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8e2.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP335\A0236739.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a8e4.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP314\A0191919.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b48a9b3.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP319\A0203184.DLL
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9b7.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP319\A0203196.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9b9.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP321\A0209244.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9bd.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP321\A0209259.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9bf.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP324\A0214364.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9c4.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP324\A0215374.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9c6.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP325\A0216383.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9c8.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP326\A0216413.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9cb.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP328\A0221481.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9cf.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP328\A0222481.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9d1.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP328\A0222491.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9d2.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP328\A0223491.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9d5.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP330\A0225528.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9d8.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP330\A0226528.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9da.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP330\A0227528.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e0.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP330\A0229552.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e1.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP331\A0233561.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e4.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP332\A0233571.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e5.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP332\A0233580.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3ac46b26.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP332\A0233591.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e6.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP332\A0233602.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3ac46b27.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP333\A0233627.DLL
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9e8.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP336\A0237765.dll
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b49a9ea.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP346\A0251054.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Vanebot.B Backdoor server programs
[INFO] The file was moved to '3b49a9f3.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279454.exe
[DETECTION] Is the Trojan horse TR/Dldr.Tibs.HH.2
[INFO] The file was moved to '3b49a9fb.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279455.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '3ac46b3c.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279456.exe
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '3b49a9fd.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279459.dll
[DETECTION] Is the Trojan horse TR/PSW.Sinowal.I.9
[INFO] The file was moved to '3b49a9fc.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279460.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3ac46b3d.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279461.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b49a9fe.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279462.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3ac46b3e.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279463.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b49a9ff.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279464.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3ac468c0.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279465.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3ac46b3f.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279466.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b49a980.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279467.exe
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3ac46b41.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279468.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b49aa01.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279469.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3ac468c2.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279470.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b49aa03.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279471.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3ac468c4.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279472.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b49aa00.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279473.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3ac468c1.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279474.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b49aa02.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279475.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b49aa05.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279476.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3ac468c6.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279477.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b49aa07.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279478.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3ac468c8.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP353\A0279479.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3ac468c3.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289937.com
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/IRC.Zapchast.A3 Backdoor server programs
[INFO] The file was moved to '3b49aa2d.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289938.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Vanebot.B Backdoor server programs
[INFO] The file was moved to '3b49aa2e.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289939.exe
[DETECTION] Contains detection pattern of the worm WORM/SdBot.147456
[INFO] The file was moved to '3ac468ef.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289940.exe
[DETECTION] Is the Trojan horse TR/Click.Agen.7168
[INFO] The file was moved to '3b49aa2f.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289941.INS
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/IRC.Zapchast.A3 Backdoor server programs
[INFO] The file was moved to '3ac468f0.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289942.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.618496.47
[INFO] The file was moved to '3b49aa31.qua'!
C:\System Volume Information\_restore{178FAAAA-1FB2-4211-B6D7-D05B4173FB4C}\RP354\A0289943.INS
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/IRC.Zapchast.A3 Backdoor server programs
[INFO] The file was moved to '3b49aa30.qua'!
C:\VundoFix Backups\atmefeoe.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was moved to '3b84aa89.qua'!
C:\VundoFix Backups\bsmnkcco.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was moved to '3b84aa88.qua'!
C:\VundoFix Backups\byxyvtt.dll.bad
[DETECTION] Is the Trojan horse TR/Virtumonde.26730
[INFO] The file was moved to '3b8faa8f.qua'!
C:\VundoFix Backups\cokdbeag.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.Agent.132660
[INFO] The file was moved to '3b82aa85.qua'!
C:\VundoFix Backups\dslqdalw.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b83aa8a.qua'!
C:\VundoFix Backups\efcabby.dll.bad
[DETECTION] Is the Trojan horse TR/Virtumonde.26730
[INFO] The file was moved to '3b7aaa7d.qua'!
C:\VundoFix Backups\elujapqi.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8caa83.qua'!
C:\VundoFix Backups\eumsjvmr.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was moved to '3b84aa8d.qua'!
C:\VundoFix Backups\fefraxwq.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was moved to '3b7daa7d.qua'!
C:\VundoFix Backups\hjcfdrwg.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b7aaa83.qua'!
C:\VundoFix Backups\ictaqjkg.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8baa7c.qua'!
C:\VundoFix Backups\idkkevhx.dll.bad
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b82aa7d.qua'!
C:\VundoFix Backups\ifucpyvu.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b8caa80.qua'!
C:\VundoFix Backups\jqdsujwp.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b7baa8b.qua'!
C:\VundoFix Backups\jyahufqk.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b78aa93.qua'!
C:\VundoFix Backups\kmxgrloa.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8faa88.qua'!
C:\VundoFix Backups\leuxdpum.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3a071d31.qua'!
C:\VundoFix Backups\lfjycdgw.dll.bad
[DETECTION] Is the Trojan horse TR/Juan.E
[INFO] The file was moved to '3b81aa81.qua'!
C:\VundoFix Backups\ncycvmfs.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b90aa7f.qua'!
C:\VundoFix Backups\nniaettu.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b80aa8a.qua'!
C:\VundoFix Backups\qgpdlclu.dll.bad
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b87aa84.qua'!
C:\VundoFix Backups\qrhasdfn.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b7faa8f.qua'!
C:\VundoFix Backups\rfupsnxu.dll.bad
[DETECTION] Is the Trojan horse TR/Spy.VBStat.B.1
[INFO] The file was moved to '3b8caa84.qua'!
C:\VundoFix Backups\rjltidok.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b83aa88.qua'!
C:\VundoFix Backups\rlsqnqwt.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b8aaa8a.qua'!
C:\VundoFix Backups\sieknoyp.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b7caa88.qua'!
C:\VundoFix Backups\unvxqfdr.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b8daa8e.qua'!
C:\VundoFix Backups\uriipasp.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b80aa92.qua'!
C:\VundoFix Backups\wcsbjxko.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8aaa83.qua'!
C:\VundoFix Backups\wdtyifdg.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b8baa85.qua'!
C:\VundoFix Backups\whtplvpp.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8baa89.qua'!
C:\VundoFix Backups\xwujmnaa.dll.bad
[DETECTION] Is the Trojan horse TR/PSW.Gamania.B
[INFO] The file was moved to '3b8caa98.qua'!
C:\VundoFix Backups\xxwtr.dll.bad
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b8eaa99.qua'!
C:\VundoFix Backups\ylyedbur.dll.bad
[DETECTION] Is the Trojan horse TR/Juan.H
[INFO] The file was moved to '3b90aa8e.qua'!
C:\VundoFix Backups\ysjfehmv.dll.bad
[DETECTION] Is the Trojan horse TR/Agent.123952
[INFO] The file was moved to '3b81aa95.qua'!
C:\qoobox\Quarantine\C\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft\Internet Explorer\Desktop.htt.vir
[DETECTION] Contains detection pattern of the HTML script virus HTML/Ficticious
[INFO] The file was moved to '3b8aaa88.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\dlh9jkd1q2.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '3af06740.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\dlh9jkd1q6.exe.vir
[DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
[INFO] The file was moved to '3b7faa91.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\dmmwhgsd.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b84aa90.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\jlvwrgfb.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b8daa90.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\xfhwhxdf.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b7faa8a.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\blscudua.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b8aaa90.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\vqbaoebb.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b79aa96.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\lpsnwbmn.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b8aaa95.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\mxukhqbh.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b8caa9d.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\gyimvlhp.exe.vir
[DETECTION] Is the Trojan horse TR/Fotomoto.A
[INFO] The file was moved to '3b80aa9f.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\jmstqsqw.exe.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b8aaa93.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\jaxtgryd.exe.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b8faa87.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\mqmosdnr.exe.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b84aa98.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\haolmfao.exe.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b86aa88.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\crchvihr.exe.vir
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '3b7aaa99.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\ftpdtmah.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b87aa9c.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\ookrwkop.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b82aa97.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\mhfssgtq.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b7daa90.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\ntefdwnp.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b7caa9d.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\olnlnidp.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b85aa95.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\gxqavusr.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b88aaa1.qua'!
C:\qoobox\Quarantine\C\WINDOWS\system32\vwvtincj.dll.vir
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '3b8daaa1.qua'!
C:\qoobox\Quarantine\C\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00001.dll.vir
[DETECTION] Is the Trojan horse TR/PSW.Sinowal.I.9
[INFO] The file was moved to '3b84aa8c.qua'!
Begin scan in 'D:\' <ACERDATA>
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: vendredi 1 juin 2001 15:44
Used time: 40:56 min

The scan has been done completely.

4344 Scanning directories
197942 Files were scanned
139 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
139 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
197803 Files not concerned
6114 Archives were scanned
1 Warnings
0 Notes



Voila, merci d'avance...

6 réponses

Réponse 1 / 6
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
12 sept. 2007 à 06:32
Bonjour crawford2

Antivir a bien bosé, vide le contenu de sa quarantaine, ton pc reste tout de meme infecté... on va s occuper de cela ensemble ;)

EDIT Mais tu es encore en SP1 !! il faudra mettre windows a jour

Je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procedure correctement.
(Note: tu n'auras pas accès à Internet à partir du moment ou tu redemarreras en mode sans echec)
Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.
Si un élément te paraît obscur, demande des explications avant de commencer la désinfection

1) VundoFix

Télécharge VundoFix.exe (par Atribune) http://www.atribune.org/content/view/24/2/ sur ton Bureau.

* Double-clique VundoFix.exe afin de le lancer
* Clique sur le bouton Scan for Vundo
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".


2) Télécharge SDFix (créé par AndyManchesta)
http://mickael.barroux.free.fr/securite/sdfix.php
et sauvegarde le sur ton Bureau.

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.

3) Redémarre ton ordinateur en mode sans échec

Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuyer sur la touche [F8] ou [F5] jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuyer sur [Entrée]

4 )SDFix (créé par AndyManchesta):

* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
* Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

5) Rapports

* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi que le rapport de SDFix contenu du fichier Report.txt et un nouveau rapport HijackThis dans ta prochaine réponse

@+
0
Réponse 2 / 6
crawford2 Messages postés 87 Date d'inscription mercredi 29 août 2007 Statut Membre Dernière intervention 22 novembre 2008 1
12 sept. 2007 à 17:25
Bonjour,
merci beaucoups de vous etre penché sur mon cas, heu je termine la mise a jour de windows et je vous envois mes rapports dés que possible!
Merci
0
Réponse 3 / 6
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
12 sept. 2007 à 17:34
Bonjour Crawford

Avec plaisir .

A tout a l heure, bon courage.
0
Réponse 4 / 6
crawford2 Messages postés 87 Date d'inscription mercredi 29 août 2007 Statut Membre Dernière intervention 22 novembre 2008 1
12 sept. 2007 à 17:44
Merci! :)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 6
crawford2 Messages postés 87 Date d'inscription mercredi 29 août 2007 Statut Membre Dernière intervention 22 novembre 2008 1
12 sept. 2007 à 20:23
Bon dsl, apparemtn il n'y a pas de vundo trouvés?
Ca veut dire quoi? je continue la procedure ou je fais autre chose?
0
Réponse 6 / 6
Le sioux Messages postés 4894 Date d'inscription dimanche 27 mai 2007 Statut Contributeur sécurité Dernière intervention 6 mars 2023 496
12 sept. 2007 à 20:34
Bonsoir Crawford

Je t ai noté

Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous. ;)

Fais ce qui suit, puis poste les rapports par la suite

@+
0

Discussions similaires

Je ne peux pas mettre mon écran en 1920x1080
Woriix2 -
jeannets -

23 réponses
probleme curseur incontrolable
benett49 -
chichi -

43 réponses
déplacement curseur fou incontrolable
david -
david -

17 réponses
comment indiqué qu'un probleme a été resolu ?
dodie -
moska -

3 réponses
Sourie devient incontrôlable par moment
Eliasdu66 -
Obsiper -

5 réponses