Flu burung
Résolu/Fermé4 réponses
Bonjour,
je suis tombé sur une machine aujourd'hui qui portait ce virus et je n'ai pas pu le l'enlèver de la machine. Que faire????
je suis tombé sur une machine aujourd'hui qui portait ce virus et je n'ai pas pu le l'enlèver de la machine. Que faire????
Alytchatcho
Messages postés
3
Date d'inscription
samedi 27 octobre 2007
Statut
Membre
Dernière intervention
2 novembre 2007
30 oct. 2007 à 06:45
30 oct. 2007 à 06:45
Ce fameux message apparaît souvant en Bloc note. J'ai eu le même problème il y a une semaine. J'ai remarqué que mon AVG n'était pas à jour. Je l'ai désintallé et mis un antivirus à jour. J'ai scanné ma machine (Win XP SP2) pendant environ 3 heures mais en vain. J'ai ensuite formater le HDD.
Bonjour,
je peux vous aider en vous envoyant sur le site http://www.blackyard.net/?p=188 où vous avez la procedure suivante pour réparer.
Removing The Flu Burung Virus
Posted on October 29, 2007
Filed Under The Yard
Several of my readers have been complaining of being infected by the Flu Burung virus that disables the mouse and brings up endless pop-ups. It is impossible to do any form of work on an infected PC. You will have to download the following tools to repair an infected machine:
Advanced Process Termination v4.0
W32.Rungbu Splitter
ATF-Cleaner by Attribune.org
Please Note: The tools above should be used in the order in which they appear for proper removal of the virus. Carefully follow the steps below exactly to the letter. In rare cases the userinit file may get corrupted which will necessitate you to repair your Windows installation. Blackyard Technologies is not liable for any damage arising from using these software.
Steps for Cleaning Flu Burung/Rungbu/Dizan Virus
1. Navigate to the location of the apt.exe on your machine or removable device. I am assuming that your mouse is not responding hence you will have to use your keyboard. Press the windows icon to open the program menu and navigate to Run using you arrow keys. Alternatively simply press Windows Icon + R.
2. Run the “apt.exe” (preferably as Administrator).
3. You will find a list of all running processes. Click using your mouse (just highlight anything) and use the arrow keys to select the virus processes. Suspend any process with the following names (in capital letters) “CTFMON.EXE, SVCHOST.EXE, SPOOLSV.EXE” running from “c:\Recycled” and displayed with MS Word icon. Use the Suspend 2 button.
4. Kill all the suspended processes one after the other. Use the “Kill 10″ button. Your mouse should be working now.
5. Proceed to Run and type in regedit and hit the Enter button.
6. Change the registry key [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon\ userinit] from “C:\Recylcled\SVCHOST.EXE” to “C:\WINDOWS\system32\userinit.exe”.
7. Remove the registry key [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon\ shell] containing data - Explorer.exe, “C:\Recylcled\SVCHOST.EXE”
8. Start DOS prompt and delete the folder “c:\Recycled”. Note: This is a hidden folder. The delete command is “del recycled”. Make sure you navigate to the root c: by entering the command cd\.
9. Run windows search program and look for all files with the extension “scr”. All files displayed with the a MS Word icon are infected with the virus.
10. Identify and separate these files for deletion or manual repair.To manually repair the infected files, run the application “W32.Rungbu Splitter.exe“.
11. Run the “ATF-Cleaner.exe” to clear the temp files and cache
12. Install an updated antivirus to prevent further attacks
If you encounter any problems while using any of the tools above please reply on this blog. I will attempt to respond to all queries to the best of my ability. Happy hunting
Buy Me a Drink...
Al Pacino
je peux vous aider en vous envoyant sur le site http://www.blackyard.net/?p=188 où vous avez la procedure suivante pour réparer.
Removing The Flu Burung Virus
Posted on October 29, 2007
Filed Under The Yard
Several of my readers have been complaining of being infected by the Flu Burung virus that disables the mouse and brings up endless pop-ups. It is impossible to do any form of work on an infected PC. You will have to download the following tools to repair an infected machine:
Advanced Process Termination v4.0
W32.Rungbu Splitter
ATF-Cleaner by Attribune.org
Please Note: The tools above should be used in the order in which they appear for proper removal of the virus. Carefully follow the steps below exactly to the letter. In rare cases the userinit file may get corrupted which will necessitate you to repair your Windows installation. Blackyard Technologies is not liable for any damage arising from using these software.
Steps for Cleaning Flu Burung/Rungbu/Dizan Virus
1. Navigate to the location of the apt.exe on your machine or removable device. I am assuming that your mouse is not responding hence you will have to use your keyboard. Press the windows icon to open the program menu and navigate to Run using you arrow keys. Alternatively simply press Windows Icon + R.
2. Run the “apt.exe” (preferably as Administrator).
3. You will find a list of all running processes. Click using your mouse (just highlight anything) and use the arrow keys to select the virus processes. Suspend any process with the following names (in capital letters) “CTFMON.EXE, SVCHOST.EXE, SPOOLSV.EXE” running from “c:\Recycled” and displayed with MS Word icon. Use the Suspend 2 button.
4. Kill all the suspended processes one after the other. Use the “Kill 10″ button. Your mouse should be working now.
5. Proceed to Run and type in regedit and hit the Enter button.
6. Change the registry key [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon\ userinit] from “C:\Recylcled\SVCHOST.EXE” to “C:\WINDOWS\system32\userinit.exe”.
7. Remove the registry key [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon\ shell] containing data - Explorer.exe, “C:\Recylcled\SVCHOST.EXE”
8. Start DOS prompt and delete the folder “c:\Recycled”. Note: This is a hidden folder. The delete command is “del recycled”. Make sure you navigate to the root c: by entering the command cd\.
9. Run windows search program and look for all files with the extension “scr”. All files displayed with the a MS Word icon are infected with the virus.
10. Identify and separate these files for deletion or manual repair.To manually repair the infected files, run the application “W32.Rungbu Splitter.exe“.
11. Run the “ATF-Cleaner.exe” to clear the temp files and cache
12. Install an updated antivirus to prevent further attacks
If you encounter any problems while using any of the tools above please reply on this blog. I will attempt to respond to all queries to the best of my ability. Happy hunting
Buy Me a Drink...
Al Pacino
