Bonjour, j'ai eu le même message de ZoneLabs ZoneAlarm security, mais en plus de ça j'ai une alerte qui dit: "CFT Loader (qui appelle CFTMON) WAS PREVENTED FROM MONITORING YOUR MOUSE AND KEYBOARD STROKES (PROTECTED)".
Escan (gratuit, presque) en safe mode a trouvé des Trojans dans SYSTEM32 mais mais NORTON n'a rien détecté et plusieurs autres produit antivirus.
voice un extrait du LOG:
File C:\WINDOWS\Downloaded Program Files\YSBactivex.dll infected by Trojan-Downloader.Win32.IstBar.gen
File C:\WINDOWS\system32\qlink32.dll tagged as not-a-virus:AdWare.Win32.Suggestor.o
File C:\WINDOWS\SYSTEM32\racdocvw.exe infected by Trojan.Win32.Crypt.t
File C:\WINDOWS\SYSTEM32\webquota.exe infected by Trojan.Win32.Crypt.t
File C:\WINDOWS\SYSTEM32\winvtmsg.dll infected by Trojan.Win32.Crypt.t
File C:\Program Files\Vidreal\ace.dll infected by Trojan.Win32.Crypt.t
File C:\Program Files\Vidreal\fdetus35.exe infected by Trojan.Win32.Crypt.t
File C:\Program Files\Vidreal\srccdrom.exe infected by Trojan.Win32.Crypt.t
File C:\Program Files\Vidreal\WinGenerics.dll infected by Trojan.Win32.Crypt.t
un autre forum m'a donné ces instructions:
AW: RACDOCVW.exe is attempting to connect to a DNS server
--------------------------------------------------------------------------------
Hello John ... you are welcome
You will want to copy the text from this post and save it as a text file (*.txt) or print it because you will be working offline (in safemode) to resolve your problem and not have access to this forum.
Follow these STEPS.
STEP 1
Download
of the trial version:
eScan
NOTE: -> Every version of eScan also discovers adware files but these files must become deleted manually, anyway.
If you don't have a zip-tool we suggest zipgenius (It is free).
You MUST Unzip 'mwav.exe' to 'C:\bases_x' (case sensitive, any other folder and it won't work properly)
After installing some systems automatically start up the program, if this happens close it, you don't want to run it now.
Open 'My Computer'
Double click on 'C:'
Double click on the folder 'bases_x'
Now in that root folder look for 'kavupd.exe' and double click on it. (We are updating eScan to the latest definitions.)
NOTE: You must read and then click 'ok' to the License Agreement'.
STEP 2
Now turn off your computer and remove the network cable/phone line from your machine.
Reboot your computer in Safe Mode
STEP 3
Open 'My Computer'
Double click on 'C:'
Double click on the folder 'bases_x'
Double click on 'mwavscan.com'
Now close all other windows, browsers, and programs other then eScan before continuing
Checkmark: Memory, StartUp-Folders, Drive, All Local Drives, Registry, System Folders, Services
Now select 'Scan All Files'
Finally, click on 'Scan' (The program will take several hours to run)
When the first virus is discovered, you will get a warning 'Virus Detected'. Click 'ok'.
When the scan is complete, click 'View Log' and Save it as 'mwav.log'!
STEP 4
Reconnect your network cable/phone line
Reboot your system into normal mode.
STEP 5
Open 'My Computer'
Double click on 'C:'
Double click on the folder 'bases_x'
Find the 'mwav.log' file in the directory.
Open it with an editor (Notepad will do fine)
Look for the files which are tagged as "virus" or "infected"
Copy&paste all these files tagged as "virus" or "infected" in a new document and save to your desktop
STEP 6
Run Hijackthis again and have it save a new log file.
Step 7
Post every file of eScan by looking for "infected" and "tagged as" to this thread:
It looks like this:
File C:\WINDOWS\sssasasb32.exe infected by "Trojan-Downloader.Win32.Agent.ig" Virus. Action Taken
File C:\Documents and Settings\Name\Local Settings\Application Data\Wildtangent\0F.dat tagged as not-a-virus:AdWare.WildTangent.b. No Action Taken.
Also post the total results:
=>Total Number of Files Scanned:
=>Total Number of Virus(es) Found:
=>Total Number of Disinfected Files:
=>Total Number of Files Renamed:
=>Total Number of Deleted Files:
=>Total Number of Errors:
***** Scanning complete. *****
STEP 8
Using the free version of eScan, please load down this free tool
eScan-Check1.10 to delete the found malware.
Unzip 'eScan-Check1.10' to 'C:\escheck' (case sensitive, any other folder and it won't work properly)
Open 'My Computer'
Double click on 'C:'
Double click on the folder 'bases_x'
Now in that root folder look for 'mwav.log' and double click on it.
NOTE: Use 'eScan-Check1.10' and put a checkmark onto the Icon 'Backup der gelöschten Dateien anlegen' (Make a Backup of the deleted files) and 'Alle Dateien beim Neustart löschen' (Delete all files on Reboot) -> put a checkmark to all files which are "tagged as not-a-virus:AdWare..." and "infected by.." and click onto the Button 'Dateien löschen' (Delete Files).
NOTE: If you want to re-scan your system with the eScan once more, you MUST first delete the 'mwav.log' otherwise you won't get a good result of the new scan.
Finally, post the new Hijackthis logfile!
http://forum.hijackthis.de/showthread.php?t=10682&page=2
__________________
Si votre probleme est similaire je vous donnerai les résultats de l'opération.
Application load error fear 2
