Help with a trojan, please

Resolved/Closed
ALavie Posts: 44 Registration date: Wednesday 21 November 2007 Status: Member Last activity: 24 December 2007 - 21 Nov 2007 at 08:29
ALavie Posts: 44 Registration date: Wednesday 21 November 2007 Status: Member Last activity: 24 December 2007 - 21 Nov 2007 at 08:42
Hello,

I copied 3 reports that Reg56 advised me to post on the forum; here they are:

Here are the 3 reports, following Regis56's advice (thanks for the info); can you help me remove it:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:33:28 2007-11-20

+ Résultat de l'analyse:



HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-1482476501-484763869-682003330-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
C:\RECYCLER\S-1-5-21-1482476501-484763869-682003330-500\Dc2.sys -> Downloader.Agent.acl : Ignoré.
C:\WINDOWS\system32\drivers\secdrv.sys -> Downloader.Agent.acl : Ignoré.
C:\System Volume Information\_restore{A6EAB0C0-F708-4AAE-A104-E10A95479B13}\RP155\A0057582.sys -> Rootkit.Agent.jp : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@2o7[2].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@anheuserbusch.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@brightcove.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@bwinde.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@homestore.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@sevenloadgmbh.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@wrigley.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@adserver.71i[2].txt -> TrackingCookie.71i : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.abcsearch[1].txt -> TrackingCookie.Abcsearch : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@2.adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@3.adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@adbrite[2].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@adengage[2].txt -> TrackingCookie.Adengage : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ads.adengage[2].txt -> TrackingCookie.Adengage : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@adrevolver[3].txt -> TrackingCookie.Adrevolver : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.adtrak[2].txt -> TrackingCookie.Adtrak : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@advertising[2].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ads.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@citi.bridgetrack[1].txt -> TrackingCookie.Bridgetrack : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@burstnet[1].txt -> TrackingCookie.Burstnet : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.burstnet[1].txt -> TrackingCookie.Burstnet : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@clickbank[1].txt -> TrackingCookie.Clickbank : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@connextra[2].txt -> TrackingCookie.Connextra : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.epilot[1].txt -> TrackingCookie.Epilot : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.etracker[2].txt -> TrackingCookie.Etracker : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@findwhat[2].txt -> TrackingCookie.Findwhat : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-aidacruises.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-globalgamingleague.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-mastercard.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-randomhouse.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-seagate.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ehg-tigerdirect2.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@counter.hitslink[1].txt -> TrackingCookie.Hitslink : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@hotlog[2].txt -> TrackingCookie.Hotlog : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@hypertracker[1].txt -> TrackingCookie.Hypertracker : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@searchportal.information[1].txt -> TrackingCookie.Information : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ivwbox[1].txt -> TrackingCookie.Ivwbox : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@komtrack[2].txt -> TrackingCookie.Komtrack : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@image.masterstats[1].txt -> TrackingCookie.Masterstats : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@auto.search.msn[2].txt -> TrackingCookie.Msn : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@overture[2].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@pro-market[2].txt -> TrackingCookie.Pro-market : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@www.pstats[2].txt -> TrackingCookie.Pstats : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@realmedia[1].txt -> TrackingCookie.Realmedia : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@revsci[1].txt -> TrackingCookie.Revsci : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@sexlist[2].txt -> TrackingCookie.Sexlist : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@sextracker[2].txt -> TrackingCookie.Sextracker : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@smartadserver[4].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@php.sales.tfag[1].txt -> TrackingCookie.Tfag : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@sales.tfag[1].txt -> TrackingCookie.Tfag : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@media.top-banners[1].txt -> TrackingCookie.Top-banners : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@m.webtrends[3].txt -> TrackingCookie.Webtrends : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\Marco\Cookies\marco@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
C:\WINDOWS\TWFyY28\nqIVsZf.vbs -> Trojan.Small : Ignoré.
C:\WINDOWS\system32\wtssvcc.exe -> Trojan.Small : Ignoré.
C:\WINDOWS\uninstall_nmon.vbs -> Trojan.Small : Ignoré.


Fin du rapport



BitDefender Online Scanner - Real Time Virus Report

Generated at: Wed, Nov 21, 2007 - 01:01:02

--------------------------------------------------------------------------------

Scan Info

Scanned Files: 123830
Infected Files: 26

Virus Detected

Rootkit.146: 1
Trojan.Small.WY: 1
Win32.Rootkit.Pandex.A: 1
Trojan.vundo.DQL: 4
Trojan.Downloader.Agent.BUO: 1
Trojan.Downloader.Agent.BHU: 1
Trojan.Rootkit.GDX: 3
Trojan.Generic.48597: 1
Trojan.Downloader.JJEJ: 1
Trojan.BHO.AW: 1
Trojan.Agent.ABLK: 1
Trojan.Downloader.Downloader.DLT: 3
Generic.Adw.SaveNow.F5FEB660: 1
Backdoor.Generic.1004: 1
Trojan.Generic.78149: 2
Trojan.PWS.LDPinch.TDD: 1
Trojan.Js.Agent.B: 1
Trojan.Generic.73311: 1

--------------------------------------------------------------------------------

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.


Logfile of HijackThis v1.99.1
Scan saved at 01:09:04, on 2007-11-21
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\DOCUME~1\Marco\MESDOC~1\ECURIT~1\msiexec.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Marco\LOCALS~1\Temp\Rar$EX30.718\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: 0 - {17D3566B-5103-4F5B-8C93-B2CC5FE676B1} - C:\Program Files\Messenger\zyrimu175.dll (file missing)
O2 - BHO: (no name) - {4E600D2F-CCD3-4785-816F-307E30F94AEA} - C:\WINDOWS\System32\vtutr.dll (file missing)
O2 - BHO: (no name) - {6AA3809C-6261-456F-8FCA-43FE39ADC5E9} - C:\WINDOWS\System32\awttsqn.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {CCABA463-15FA-1D54-DC28-4BE604865897} - C:\WINDOWS\System32\prdfwl.dll (file missing)
O2 - BHO: (no name) - {DCB72016-4624-4148-9384-F493B8B8278D} - C:\Program Files\WindowsUpdate\vigy4444.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [vinojozy] C:\Program Files\MSN Gaming Zone\vinojozy77798.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Microsft Windows Adapter 5.2.3013] C:\Documents and Settings\Marco\Application Data\suwumohktb.exe
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [Lrnn] "C:\DOCUME~1\Marco\MESDOC~1\ECURIT~1\msiexec.exe" -vt yazb
O4 - HKCU\..\Run: [Yljp] "C:\Program Files\s?mbols\j?vaw.exe"
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Dark Messiah of Might and Magic\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5BCBE84-5D8E-41EC-B424-65753B5DBE48}: NameServer = 206.47.244.14 206.47.244.106
O20 - Winlogon Notify: awttsqn - awttsqn.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



Thanks for your help
Configuration: Windows XP
Internet Explorer 6.0

Thanks for your reply

1 reply

ALavie Posts: 44 Registration date: Wednesday 21 November 2007 Status: Member Last activity: 24 December 2007
21 Nov 2007 at 08:42
Sorry for the double posts; this is the first time I've used a forum. A friend advised me to come here.
Thanks