Trojan.Eur.GM.c000400110 -- Besoin d'Aide !!

Salut,
Ci-dessous le log.txt puis info.



Logfile of random's system information tool 1.05 (written by random/random)
Run by Utilisateur1 at 2009-01-24 13:59:18
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 65 GB (85%) free of 76 GB
Total RAM: 991 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:59:49, on 24/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\Utilisateur1\Bureau\RSIT.exe
C:\Program Files\trend micro\Utilisateur1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A3FE7FB2-398E-4408-B39C-8B90F2FBA8CB}: NameServer = 85.255.114.14,85.255.112.88
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.14,85.255.112.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.14,85.255.112.88
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

Re bonjour,

J'ai fianlement imprimé et scanné le rapport que voici, par contre je n'ai plus de connexions depuis que j'ai lancé malwarebytes ce matin ! est-ce normal?

RAPPORT :

mbam-log-2009-01-26 (10-33-10).txt Malwarebytes' Anti-Malware 1.33 Version de la base de données: 1695 Windows 5.1.2600 Service Pack 3
26/01/2009 10:33:10 mbam-log-2009-01-26 (10-33-10).txt
Type de recherche: Examen complet (C:\|T:\|)
Eléments examinés: 139894
Temps écoulé: 43 minute(s), 23 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 13
Processus mémoire infecté(s):
(Aucun élément nuisible détecté) .
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHlNE\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\aquaplay
(Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_DSER\sOFTWARE\aquaplay (Trojan.DNSChanger) -> Quarantined and
deleted successfully.
HKEY_ci_ASSES_ROOT\aquaplay (Trojan.DNSChanger) -> Quarantined and deleted
successfully.
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAl__MACHlNE\SYSTEM\CurrentControlSet\servi ces\Tcpi p\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHlNE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\lnterfaces \{a3fe7fb2-398e-4408-b39c-8b90f2fba8cb}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHiNE\SYSTEM\controlSet001\servi ces\Tcpi p\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successrully.
HKEY_l_OCAL_MACHlNE\SYSTEM\ControlSet001\Servi ces\Tcpi p\Parameters\lnterfaces\{a3 fe7fb2-398e-4408-b39c-8b90f2fba8cb}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHlNE\SYSTEM\ControlSet003\Servi ces\Tcpi p\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHlNE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\lnterfaces\{a3 fe7fb2-398e-4408-b39c-8b90f2fba8cb}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.14,85.255.112.88 -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Program Files\aquaplay (Trojan.DNSChanger) -> Quarantined and deleted
successfully.
Fichier(s) infecté(s):
C:\Program Files\aquaplay\uninstall.exe (Trojan.FakeAlert) -> Quarantined and
deleted successfully.
C:\wiNDOWS\system32\gaopdxmyarsiwe.dll (Trojan.DNSChanger) -> Quarantined and
deleted successfully.
C:\autorun.inf (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\resycled\ntldr.com (Trojan.DNSChanger) -> Quarantined and deleted

mbam-log-2009-01-26 (10-33-10).txt successfully.
C:\WlNDOWS\Temp\tempo-023.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WlNDOWS\Temp\tempo-645.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WlNDOWS\Temp\tempo-687.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WlNDOWS\Temp\tempo-995.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WlNDOWS\Temp\tempo-D35.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\wiNDOWS\Temp\tempo-DD9.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\wiNDOWS\system32\drivers\gaopdxmmokqdkv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\wiNDOWS\system32\drivers\gaopdxsbxnsfty.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\wiNDOWS\system32\drivers\gaopdxyrvimism.sys (Trojan.Agent) -> Quarantined and deleted successfully.