Trojan-Spy.Win32.keylogger.aa and others....
LaserBite
Hello everyone :)
I'm posting here because I've had a problem since yesterday: I've picked up one (or even several) malicious trojans, namely: Trojan-Spy.Win32.keylogger.aa, green screen or Bankfraud.dq...
My antivirus doesn't detect them, so I need to find a solution...
I think I need to follow the same procedure as in this post http://www.commentcamarche.net/forum/affich 8307834 trojan spy win32 keylogger aa ou greenscreen#0
But since I don't know much about this, I think it's better that I post the reports too, at least I think so... I'll let you reply, and if someone is willing to help me, I'll download and run the scans right away..
Thanks in advance
5 replies
Another solution... If I format the computer, will I no longer have a problem? My computer is recent, and I store everything I need on the D drive... So is formatting the C drive a solution?
I'm posting the Malwarebytes result anyway while waiting for your replies
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1229
Windows 6.0.6001 Service Pack 1
05/10/2008 23:08:49
mbam-log-2008-10-05 (23-08-49).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 108253
Temps écoulé: 1 hour(s), 14 minute(s), 20 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 50
Processus mémoire infecté(s):
C:\ProgramData\srwfufun\wdapelut.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{6BD9CF10-3623-0D08-AC94-00E86A30E9A1} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\sysactdsc (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\chksmart (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\tjp1mnjsrk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Windows\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Windows\System32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\ngksggc\SysActDsc.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Windows\System32\mdwjehkx.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\ProgramData\srwfufun\wdapelut.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Program Files\eMule\emule.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
C:\Program Files\eMule\LinkCreator.exe (Rogue.Fake!emule.exe) -> Quarantined and deleted successfully.
C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\InstallShield Installation Information\{F61D995D-3555-484F-970B-CC822880696F}\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\SMCWPCI-G 11g Wireless PCI Adapter Utility\SETUP.EXE (Rogue.Installer) -> Quarantined and deleted successfully.
C:\SMCWPCI-G_Vista_v1.0.0.0\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\windfr.exe.bak (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\_is6AB3.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\_isE11A.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\lwpwer.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\System32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Windows\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\TDSSdfee.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\windfr.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\smchk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Florent\AppData\Local\Temp\sfsrv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.