C:/windows/system32/vtutq.dll

BiBi -  
 bibi2007 -
Hello,
I'm afraid I may be repeating things that have been discussed before, but I've gone through the solutions and it's all Greek to me (I'm quite a novice with computers!). Here is the message that my AVAST antivirus shows me as a "virus":
c:/windows/system32/vtutq.dll
Could someone help me solve this problem? THANKS in advance!
BIBI

1 reply

bibi2007
 
Hello,
Here is the report I got after the suggested scan:

[11/20/2007, 19:59:15] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Proprietaire\Mes documents\Downloads\Programs\VirtumundoBeGone.exe" )
[11/20/2007, 19:59:29] - Detected System Information:
[11/20/2007, 19:59:29] - Windows Version: 5.1.2600, Service Pack 2
[11/20/2007, 19:59:29] - Current Username: Proprietaire (Admin)
[11/20/2007, 19:59:29] - Windows is in NORMAL mode.
[11/20/2007, 19:59:29] - Searching for Browser Helper Objects:
[11/20/2007, 19:59:29] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 19:59:29] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 19:59:29] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 19:59:29] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 19:59:29] - BHO 5: {7C2CE8E0-F46B-4159-86F6-BBD42C0564B8} ()
[11/20/2007, 19:59:29] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:29] - Checking for HKLM\...\Winlogon\Notify\vtutq
[11/20/2007, 19:59:29] - Found: HKLM\...\Winlogon\Notify\vtutq - This is probably Virtumundo.
[11/20/2007, 19:59:29] - Assigning {7C2CE8E0-F46B-4159-86F6-BBD42C0564B8} MSEvents Object
[11/20/2007, 19:59:29] - BHO list has been changed! Starting over...
[11/20/2007, 19:59:29] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 19:59:30] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 19:59:30] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 19:59:30] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 19:59:30] - BHO 5: {7C2CE8E0-F46B-4159-86F6-BBD42C0564B8} (MSEvents Object)
[11/20/2007, 19:59:30] - ALERT: Found MSEvents Object!
[11/20/2007, 19:59:30] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/20/2007, 19:59:30] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:30] - No filename found. Continuing.
[11/20/2007, 19:59:30] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/20/2007, 19:59:30] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/20/2007, 19:59:30] - BHO 9: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/20/2007, 19:59:30] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/20/2007, 19:59:31] - BHO 11: {F4002052-AB29-4B33-8C8D-0E99084564EC} ()
[11/20/2007, 19:59:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:31] - Checking for HKLM\...\Winlogon\Notify\vtuvvur
[11/20/2007, 19:59:31] - Found: HKLM\...\Winlogon\Notify\vtuvvur - This is probably Virtumundo.
[11/20/2007, 19:59:31] - Assigning {F4002052-AB29-4B33-8C8D-0E99084564EC} MSEvents Object
[11/20/2007, 19:59:31] - BHO list has been changed! Starting over...
[11/20/2007, 19:59:31] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 19:59:31] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 19:59:31] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 19:59:31] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 19:59:31] - BHO 5: {7C2CE8E0-F46B-4159-86F6-BBD42C0564B8} (MSEvents Object)
[11/20/2007, 19:59:31] - ALERT: Found MSEvents Object!
[11/20/2007, 19:59:31] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/20/2007, 19:59:31] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:31] - No filename found. Continuing.
[11/20/2007, 19:59:31] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/20/2007, 19:59:31] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/20/2007, 19:59:31] - BHO 9: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/20/2007, 19:59:31] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/20/2007, 19:59:31] - BHO 11: {F4002052-AB29-4B33-8C8D-0E99084564EC} (MSEvents Object)
[11/20/2007, 19:59:31] - ALERT: Found MSEvents Object!
[11/20/2007, 19:59:31] - Finished Searching Browser Helper Objects
[11/20/2007, 19:59:31] - *** Detected MSEvents Object
[11/20/2007, 19:59:31] - Trying to remove MSEvents Object...
[11/20/2007, 19:59:33] - Terminating Process: IEXPLORE.EXE
[11/20/2007, 19:59:36] - Terminating Process: RUNDLL32.EXE
[11/20/2007, 19:59:38] - Disabling Automatic Shell Restart
[11/20/2007, 19:59:38] - Terminating Process: EXPLORER.EXE
[11/20/2007, 19:59:40] - Suspending the NT Session Manager System Service
[11/20/2007, 19:59:41] - Terminating Windows NT Logon/Logoff Manager
[11/20/2007, 19:59:42] - Re-enabling Automatic Shell Restart
[11/20/2007, 19:59:42] - File to disable: C:\WINDOWS\system32\vtutq.dll
[11/20/2007, 19:59:42] - Renaming C:\WINDOWS\system32\vtutq.dll -> C:\WINDOWS\system32\vtutq.dll.vir
[11/20/2007, 19:59:44] - ! File rename was unsucessful.
[11/20/2007, 19:59:44] - Attempting to Deny Access to C:\WINDOWS\system32\vtutq.dll
[11/20/2007, 19:59:45] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[11/20/2007, 19:59:45] - ERROR: Le mappage entre les noms de compte et les ID de sécurité n'a pas été effectué.

[11/20/2007, 19:59:45] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[11/20/2007, 19:59:45] - Removing HKLM\...\Browser Helper Objects\{7C2CE8E0-F46B-4159-86F6-BBD42C0564B8}
[11/20/2007, 19:59:45] - Removing HKCR\CLSID\{7C2CE8E0-F46B-4159-86F6-BBD42C0564B8}
[11/20/2007, 19:59:46] - Adding Kill Bit for ActiveX for GUID: {7C2CE8E0-F46B-4159-86F6-BBD42C0564B8}
[11/20/2007, 19:59:46] - Deleting ATLEvents/MSEvents Registry entries
[11/20/2007, 19:59:46] - Removing HKLM\...\Winlogon\Notify\vtutq
[11/20/2007, 19:59:46] - Searching for Browser Helper Objects:
[11/20/2007, 19:59:46] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 19:59:46] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 19:59:46] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 19:59:46] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 19:59:46] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/20/2007, 19:59:46] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:46] - No filename found. Continuing.
[11/20/2007, 19:59:46] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/20/2007, 19:59:46] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/20/2007, 19:59:47] - BHO 8: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/20/2007, 19:59:47] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/20/2007, 19:59:47] - BHO 10: {F4002052-AB29-4B33-8C8D-0E99084564EC} (MSEvents Object)
[11/20/2007, 19:59:47] - ALERT: Found MSEvents Object!
[11/20/2007, 19:59:47] - Finished Searching Browser Helper Objects
[11/20/2007, 19:59:47] - *** Detected MSEvents Object
[11/20/2007, 19:59:47] - Trying to remove MSEvents Object...
[11/20/2007, 19:59:48] - Terminating Process: IEXPLORE.EXE
[11/20/2007, 19:59:48] - Terminating Process: RUNDLL32.EXE
[11/20/2007, 19:59:48] - Disabling Automatic Shell Restart
[11/20/2007, 19:59:48] - Terminating Process: EXPLORER.EXE
[11/20/2007, 19:59:48] - Suspending the NT Session Manager System Service
[11/20/2007, 19:59:48] - Terminating Windows NT Logon/Logoff Manager
[11/20/2007, 19:59:48] - Re-enabling Automatic Shell Restart
[11/20/2007, 19:59:48] - File to disable: C:\WINDOWS\system32\vtuvvur.dll
[11/20/2007, 19:59:48] - Renaming C:\WINDOWS\system32\vtuvvur.dll -> C:\WINDOWS\system32\vtuvvur.dll.vir
[11/20/2007, 19:59:48] - ! File rename was unsucessful.
[11/20/2007, 19:59:48] - Attempting to Deny Access to C:\WINDOWS\system32\vtuvvur.dll
[11/20/2007, 19:59:48] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[11/20/2007, 19:59:48] - ERROR: Le mappage entre les noms de compte et les ID de sécurité n'a pas été effectué.

[11/20/2007, 19:59:48] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[11/20/2007, 19:59:49] - Removing HKLM\...\Browser Helper Objects\{F4002052-AB29-4B33-8C8D-0E99084564EC}
[11/20/2007, 19:59:49] - Removing HKCR\CLSID\{F4002052-AB29-4B33-8C8D-0E99084564EC}
[11/20/2007, 19:59:49] - Adding Kill Bit for ActiveX for GUID: {F4002052-AB29-4B33-8C8D-0E99084564EC}
[11/20/2007, 19:59:49] - Deleting ATLEvents/MSEvents Registry entries
[11/20/2007, 19:59:49] - Removing HKLM\...\Winlogon\Notify\vtuvvur
[11/20/2007, 19:59:49] - Searching for Browser Helper Objects:
[11/20/2007, 19:59:49] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 19:59:49] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 19:59:49] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 19:59:49] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 19:59:49] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/20/2007, 19:59:49] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 19:59:49] - No filename found. Continuing.
[11/20/2007, 19:59:49] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/20/2007, 19:59:49] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/20/2007, 19:59:49] - BHO 8: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/20/2007, 19:59:49] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/20/2007, 19:59:49] - Finished Searching Browser Helper Objects
[11/20/2007, 19:59:49] - Finishing up...
[11/20/2007, 19:59:49] - A restart is needed.
[11/20/2007, 20:00:08] - Attempting to Restart via STOP error (Blue Screen!)

[11/20/2007, 20:09:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Proprietaire\Mes documents\Downloads\Programs\VirtumundoBeGone.exe" )
[11/20/2007, 20:09:11] - Detected System Information:
[11/20/2007, 20:09:12] - Windows Version: 5.1.2600, Service Pack 2
[11/20/2007, 20:09:12] - Current Username: Proprietaire (Admin)
[11/20/2007, 20:09:12] - Windows is in NORMAL mode.
[11/20/2007, 20:09:12] - Searching for Browser Helper Objects:
[11/20/2007, 20:09:12] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/20/2007, 20:09:12] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/20/2007, 20:09:12] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/20/2007, 20:09:12] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/20/2007, 20:09:12] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/20/2007, 20:09:12] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/20/2007, 20:09:12] - No filename found. Continuing.
[11/20/2007, 20:09:12] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/20/2007, 20:09:12] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/20/2007, 20:09:12] - BHO 8: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/20/2007, 20:09:12] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/20/2007, 20:09:12] - Finished Searching Browser Helper Objects
[11/20/2007, 20:09:12] - Finishing up...
[11/20/2007, 20:09:12] - Nothing found! Exiting...

[11/21/2007, 18:40:16] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Proprietaire\Mes documents\Downloads\Programs\VirtumundoBeGone.exe" )
[11/21/2007, 18:40:20] - Detected System Information:
[11/21/2007, 18:40:20] - Windows Version: 5.1.2600, Service Pack 2
[11/21/2007, 18:40:20] - Current Username: Proprietaire (Admin)
[11/21/2007, 18:40:20] - Windows is in NORMAL mode.
[11/21/2007, 18:40:20] - Searching for Browser Helper Objects:
[11/21/2007, 18:40:21] - BHO 1: {0055C089-8582-441B-A0BF-17B458C2A3A8} (IDMIEHlprObj Class)
[11/21/2007, 18:40:21] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/21/2007, 18:40:21] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/21/2007, 18:40:21] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/21/2007, 18:40:21] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/21/2007, 18:40:21] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/21/2007, 18:40:21] - No filename found. Continuing.
[11/21/2007, 18:40:21] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[11/21/2007, 18:40:21] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/21/2007, 18:40:22] - BHO 8: {AE7CD045-E861-484f-8273-0445EE161910} (AcroIEToolbarHelper Class)
[11/21/2007, 18:40:22] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/21/2007, 18:40:22] - Finished Searching Browser Helper Objects
[11/21/2007, 18:40:22] - Finishing up...
[11/21/2007, 18:40:22] - Nothing found! Exiting...

NB: my antivirus now shows me only one virus message (at first there were 3 messages), which is the following:
Win32:Virtumonde-CI [Adw]
What do you think? Should I proceed differently? This "virus" refuses to be deleted or quarantined!
Thanks for your help!
Bibi