[ virus ou trojant] Besoin d'aide

Bonjour , j'ai besoin d'aide s'il vous plait

Depuis peu mon anti virus détecte assez souvent des virus ou troyen.. avec beaucoup de mal j'ai réussi il me semblait a m'en dépêtré mais je ne pense pas que la menace soit totalement éradiqué.

A explorant le forum afin d'avacancer le travail J'ai pu voir que vous fonctionné beaucoup avec HijackThis J'ai donc fait un scan en voici le rapport.
Je join un rapport d'ewido ainsi qu'un scan avec Bit defendre Online fin de complété un eventuel manque d'information.

Je suis prête et disponible a recevoir toutes aides pouvant m'aider.

Merci d'avoir pris quelque minute pour avoir lu ce post et je l'espère recevoir un peu d'aide.

@ bientôt

Logfile of HijackThis v1.99.1
Scan saved at 11:08:58, on 07/11/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\services.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\TEMP\winBC76.tmp
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\nou\LOCALS~1\Temp\Rar$EX00.907\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = LanguedocWarez Rien que pour le plaisir!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\System32\spoolsvv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinMedia] C:\WINDOWS\loader8108921.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll (file missing)
O20 - Winlogon Notify: winsys2freg - C:\Documents and Settings\All Users\Documents\Settings\winsys2f.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 14:38:32 07/11/2006

+ Scan result:

C:\mjbvlado.exe -> Backdoor.Pakes : No action taken.
C:\Documents and Settings\nou\Local Settings\Temp\2.dlb -> Downloader.Tibs.gc : No action taken.
C:\Documents and Settings\nou\Local Settings\Temp\6.dlb -> Downloader.Tibs.gc : No action taken.
C:\Documents and Settings\nou\Local Settings\Temp\7.dlb -> Downloader.Tibs.gc : No action taken.
C:\Documents and Settings\nou\Local Settings\Temp\Temporary Internet Files\Content.IE5\WD2FKPUR\loader[1].exe -> Downloader.Tiny.bm : No action taken.
[1184] C:\Documents and Settings\All Users\Documents\Settings\winsys2f.dll -> Proxy.Xorpix.at : No action taken.
C:\Documents and Settings\nou\Cookies\nou@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\nou\Cookies\nou@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\nou\Cookies\nou@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\nou\Cookies\nou@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\nou\Cookies\nou@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\nou\Cookies\nou@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : No action taken.
C:\Documents and Settings\nou\Cookies\nou@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\nou\Cookies\nou@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\nou\Cookies\nou@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\nou\Cookies\nou@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\nou\Cookies\nou@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\nou\Cookies\nou@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\WINDOWS\system32\msasvc.exe -> Trojan.Sinowal.bh : No action taken.
[964] C:\WINDOWS\System32\msasvc.exe -> Trojan.Sinowal.bh : No action taken.

::Report end

______________________________________________________

BitDefender Online Scanner

Scan report generated at: Tue, Nov 07, 2006 - 12:50:18

Scan path: A:\;C:\;D:\;E:\;

Statistics

Time
01:13:47

Files
131743

Folders
2871

Boot Sectors
2

Archives
2302

Packed Files
8794

Results

Identified Viruses
4

Infected Files
5

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
5

Engines Info

Virus Definitions
312708

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP18\A0002648.exe=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Dropper.VB

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP18\A0002648.exe=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP18\A0002648.exe=>(NSIS o)=>zlib_nsis0002
Deleted

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP18\A0002648.exe=>(NSIS o)
Update failed

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP86\A0022921.exe
Infected with: Trojan.Downloader.Small.CPT

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP86\A0022921.exe
Deleted

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP86\A0022991.dll
Infected with: Generic.Malware.SMdldg.D37C9328

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP86\A0022991.dll
Disinfection failed

C:\System Volume Information\_restore{EE5C1D49-E816-48D3-9EEF-82DEDEB6497C}\RP86\A0022991.dll
Deleted

C:\WINDOWS\msagent\agentsvr.exe
Infected with: Win32.Mixor.A@mm

C:\WINDOWS\msagent\agentsvr.exe
Disinfection failed

C:\WINDOWS\msagent\agentsvr.exe
Deleted

C:\WINDOWS\system32\dllcache\agentsvr.exe
Infected with: Win32.Mixor.A@mm

C:\WINDOWS\system32\dllcache\agentsvr.exe
Disinfection failed

C:\WINDOWS\system32\dllcache\agentsvr.exe
Deleted

voila voila :/
UNe question aussi, les fichiers placé en quarentaire par ewido doivent-ils etre suprimé ?