[Virus] infected by Win32:Trojan-gen. {Other}

Resolved/Closed
Posts: 45; Registered: Sunday 9 January 2005; Status: Member; Last activity: 30 January 2007
Hello everyone, while trying to go to a website, my antivirus avast detected a virus, and here is the report from the log:

24/12/2005 01:02:52 Pascal Lombart 3908 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
24/12/2005 01:26:14 Pascal Lombart 3908 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
24/12/2005 12:49:07 Pascal Lombart 1192 Function setifaceUpdatePackages() has failed. Return code is 0x2000001A, dwRes is 2000001A.
06/01/2006 17:01:03 SYSTEM 1992 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
06/01/2006 17:01:03 SYSTEM 1992 An error has occured while attempting to update. Please check the logs.
04/02/2006 12:36:08 SYSTEM 548 Sign of "VBS:Malware [Script]" has been found in "http://www.chez.com/oranginarouge93/cool.html" file.
04/02/2006 12:36:31 SYSTEM 548 Sign of "VBS:Malware [Script]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Application Data\Mozilla\Firefox\Profiles\3cfz9ssc.default\Cache\BE355B62d01" file.
07/03/2006 18:10:50 Pascal Lombart 1952 Sign of "Win32:Small-EL [Trj]" has been found in "C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00001.dll" file.
07/03/2006 18:11:14 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[1].htm" file.
07/03/2006 18:11:18 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\country.exe" file.
07/03/2006 18:11:21 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\DCCRTH01\country[1].htm" file.
07/03/2006 18:11:24 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\DCCRTH01\country[2].htm" file.
07/03/2006 18:11:27 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[1].htm" file.
07/03/2006 18:11:29 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[2].htm" file.
07/03/2006 18:11:32 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\DCCRTH01\country[1].htm" file.
07/03/2006 18:11:35 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[1].htm" file.
07/03/2006 18:11:54 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[2].htm" file.
07/03/2006 18:12:27 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\DCCRTH01\country[1].htm" file.
07/03/2006 18:12:30 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\country[1].htm" file.
07/03/2006 18:12:40 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\country.exe" file.
07/03/2006 18:13:29 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool4.exe" file.
07/03/2006 18:13:32 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool4.exe" file.
07/03/2006 18:13:35 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool5.exe" file.
07/03/2006 18:13:40 Pascal Lombart 1952 Sign of "Win32:Trojano-2873 [Trj]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\IH4V25Y5\MTE3NDI6ODoxNg[1].exe" file.
07/03/2006 18:13:49 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool4.exe" file.
07/03/2006 18:13:52 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool5.exe" file.
07/03/2006 18:13:56 Pascal Lombart 1952 Sign of "Win32:Agent-HX [Trj]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\ALZ7UF36\sb82[1].exe\[UPX]" file.
07/03/2006 18:16:20 Pascal Lombart 1952 Sign of "Win32:Trojano-2873 [Trj]" has been found in "C:\MTE3NDI6ODoxNg.exe" file.
07/03/2006 18:16:23 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool4.exe" file.
07/03/2006 18:16:43 Pascal Lombart 1952 Sign of "Win32:Trojano-2873 [Trj]" has been found in "C:\MTE3NDI6ODoxNg.exe" file.
07/03/2006 18:17:43 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool5.exe" file.
07/03/2006 18:21:05 Pascal Lombart 1952 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\SDKHU7KP\freeprodtb[1].exe" file.
07/03/2006 18:21:23 Pascal Lombart 1952 Sign of "Win32:Agent-HX [Trj]" has been found in "C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp\~dfte14.tmp\[UPX]" file.
07/03/2006 18:21:31 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool4.exe" file.
07/03/2006 18:21:33 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool5.exe" file.
07/03/2006 18:22:29 Pascal Lombart 1952 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Pascal Lombart\Bureau\freeprodtb.exe" file.
07/03/2006 18:22:38 Pascal Lombart 1952 Sign of "Win32:Adware-gen. [Adw]" has been found in "C:\Documents and Settings\Pascal Lombart\Bureau\freeprodtb.exe" file.
07/03/2006 18:22:58 Pascal Lombart 1952 Sign of "Win32:Prox [Wrm]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\ALZ7UF36\igl[1].exe\[PECompact]" file.
07/03/2006 18:23:00 Pascal Lombart 1952 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\WINDOWS\tool5.exe" file.
07/03/2006 18:23:05 Pascal Lombart 1952 Sign of "Win32:Prox [Wrm]" has been found in "C:\DOCUME~1\PASCAL~1\LOCALS~1\Temp\48.tmp\[PECompact]" file.
07/03/2006 18:23:24 Pascal Lombart 1952 Sign of "Win32:Trojano-3110 [Trj]" has been found in "C:\Documents and Settings\Pascal Lombart\Local Settings\Temporary Internet Files\Content.IE5\K1WRU9KX\unme[1].exe" file.


But in the meantime this virus blocked my Windows firewall; it disabled it.
So I restarted the PC in safe mode and ran a scan with Ad-Aware, then CCleaner and my antivirus avast.
Once I had scanned and deleted everything, I restarted the PC in normal mode, but my firewall is still disabled and I could not even go on Mozilla or Explorer any more, so I pressed Ctrl+Alt+Del and ended a process that looked suspicious to me, and, as if by chance, Mozilla went back to normal!

Can you help me remove this virus please? Thanks in advance!

4 replies

Posts: 8046; Registered: Monday 7 November 2005; Status: Contributor; Last activity: 9 July 2006
hello

continued

1/ - download
ewido (download)
http://www.ewido.net/fr/download/
copy/PASTE the entire report

3/ - download
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
read the tutorials
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
===============
"""And I also ran a scan with Hijackthis and I deleted what was wrong."""
oh really! Are you a specialist?

after the HijackThis report, we will work in safe mode - other cleaning programs may be necessary - it depends on the type of critters

Posts: 8046; Registered: Monday 7 November 2005; Status: Contributor; Last activity: 9 July 2006
hi
before any examination of HijackThis
do the following in order

1/ - download
ewido (download)
http://www.ewido.net/fr/download/
copy/PASTE the entire report

2/ - online scan under IE
http://www.bitdefender.fr/bd/site/search.php#
copy/PASTE the entire report

3/ - download
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
read the tutorials
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Posts: 45; Registered: Sunday 9 January 2005; Status: Member; Last activity: 30 January 2007
OK, here are the reports:

BitDefender report:
Info d'analyse
Fichiers scannés 327029
Infectés Fichier 3

Virus Détectés
Trojan.Downloader.Agent.AFL 1
Trojan.Downloader.Sysm2.A 1
BehavesLike:Win32.ExplorerHijack

C:\WINDOWS\system32\dcom_14.dll
    Infecté par: Trojan.Downloader.Agent.AFL
    Echec de la désinfection
    Echec de la suppression

C:\WINDOWS\system32\syst6.exe
    Infecté par: BehavesLike:Win32.ExplorerHijack
    Echec de la désinfection
    Supprimé

C:\WINDOWS\system32\tmp_365.dll
    Infecté par: Trojan.Downloader.Sysm2.A
    Echec de la désinfection
    Echec de la suppression

ewido anti-malware report:
Résultats du scan:

:mozilla.16:C:\Documents and Settings\Pascal Lombart\Application Data\Mozilla\Firefox\Profiles\3cfz9ssc.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder

And I also ran a scan with Hijackthis and I deleted what was wrong.
What should I do next?! Please

Posts: 45; Registered: Sunday 9 January 2005; Status: Member; Last activity: 30 January 2007
Thanks a lot aranjuez31 for your help, my problem is solved