comment supprimer le trojan win 32

Bonjour,

probleme de trojan sur mon ordi et je sais pas comment le virer !!!! trojan win 32

Est ce que quelqu'un peut m'aider

merci d'avance

salut


Télécharger :
AVG Antispyware 7.5 : faire les mises à jours

= Installer
= Clic : Mise à jour
-----------------------
= Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes. Relancer le Pc et tapoter la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
------------------------
= Dans ANALYSE ( en forme de loupe )
==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
==> Clic : Analyse complète du système
En fin de scan ( qui est assez long)
==> Clic Appliquer toutes les actions <== ceci Très important
==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
------------------------
En mode normal
Copier/coller le rapport ( qui est sur le bureau) dans la réponse

Télécharger sur le bureau
Hijackthis
= clic droit dessus ==> renommer ==> écrire : test.exe ( à la place de hijackthis.exe) <== Important
=Double-clic dessus
= Clic Do a system scan and save the log
= copier le rapport, le coller dans la réponse
Si problème voir l’aide ci-dessou :
aide hijackthis

Voila le rapport Hijackthis

Jespère que tu pourra m aider !!! car moi je comprends pas grand chose !!

Scan saved at 14:45:51, on 09/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Elsa\Mes documents\Installation logitiels\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2034BA2F-6FAC-49EF-99EB-5F58BB828997} - C:\WINDOWS\system32\nnllk.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5F5DBBCA-FE31-4BCA-9D7F-7FC403DE0402} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9BCF6A6B-F5CD-4AFF-BC9E-1B7E2528C8B3} - C:\WINDOWS\system32\ibulpemb.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\nuskwgif.dll
O2 - BHO: (no name) - {E44527F6-1296-4A84-B67D-A6CEA6ED4B69} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\wtlhjklr.dll",realset
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Sites Perso - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra 'Tools' menuitem: Compaq France - {06FE5D05-8F11-11d2-804F-00105A133818} - http://compaqnet.ifrance.com/heberg/accueil (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1171801255293
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E301008-4014-45E4-BB8C-F33AC72EB12C}: NameServer = 212.27.54.252,212.27.53.252
O20 - Winlogon Notify: cbaxw - C:\WINDOWS\system32\cbaxw.dll (file missing)
O20 - Winlogon Notify: iiffdcd - iiffdcd.dll (file missing)
O20 - Winlogon Notify: mljjhij - mljjhij.dll (file missing)
O20 - Winlogon Notify: nnllk - C:\WINDOWS\system32\nnllk.dll
O20 - Winlogon Notify: pmnnopq - pmnnopq.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\Imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 7602 bytes

bonjour
infection Vundo

Télécharger sur le Bureau.
VundoFix

= Double-clic VundoFix.exe.
= Clic OK
=Attendre le redemarrage de Vundofix
=Clic Scan for Vundo
= le scan est assez long , à la fin
=Clic Remove Vundo
= Puis yes
= Le Bureau disparaît un moment lors de la suppression des fichiers.
=Message shutdown
=clic OK
=Redémarrage auto
Note : il peut y avoir plusieurs redémarrages
=copier le rapport qui est dans C:\vundofix.txt
+
renommer hijackthis comme demandé dans le message de Thegame
refaire ensuite un rapport

avg anti-spyware ne veut pas faire de mise a jour

que dois je faire?

merci

fais ce que as dit land3

on va commencé par ça

Tu peux aussi scanner sans avoir fait la mise à jour ce n'est pas indispensable.
Puis tu dois faire ce que propose land3.

Salut

ok c'est ce que je suis en train de faire

je vous tiens au courant

ok

mes salutations à gros sabots au passage

voila le rapport vundox.text (enfin je crois)


VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 04:42:56 22/02/2007

Listing files found while scanning....

C:\WINDOWS\System32\byxxvts.dll
C:\WINDOWS\system32\efcyayx.dll
C:\WINDOWS\system32\fptlqquc.dll
C:\WINDOWS\system32\jumqmfgl.dll
C:\WINDOWS\system32\pguiyfov.dll
C:\WINDOWS\system32\qhmewdyf.dll
C:\WINDOWS\system32\siilmvji.exe
C:\WINDOWS\System32\wvwvw.bak1
C:\WINDOWS\System32\wvwvw.bak2
C:\WINDOWS\System32\wvwvw.dll
C:\WINDOWS\System32\wvwvw.ini
C:\WINDOWS\System32\wvwvw.ini2
C:\WINDOWS\System32\wvwvw.tmp

Beginning removal...

Attempting to delete C:\WINDOWS\System32\byxxvts.dll
C:\WINDOWS\System32\byxxvts.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\efcyayx.dll
C:\WINDOWS\system32\efcyayx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fptlqquc.dll
C:\WINDOWS\system32\fptlqquc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jumqmfgl.dll
C:\WINDOWS\system32\jumqmfgl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pguiyfov.dll
C:\WINDOWS\system32\pguiyfov.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qhmewdyf.dll
C:\WINDOWS\system32\qhmewdyf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\siilmvji.exe
C:\WINDOWS\system32\siilmvji.exe Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.bak1
C:\WINDOWS\System32\wvwvw.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.bak2
C:\WINDOWS\System32\wvwvw.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.dll
C:\WINDOWS\System32\wvwvw.dll Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.ini
C:\WINDOWS\System32\wvwvw.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.ini2
C:\WINDOWS\System32\wvwvw.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\wvwvw.tmp
C:\WINDOWS\System32\wvwvw.tmp Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 15:15:10 22/02/2007

Listing files found while scanning....


VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 15:21:56 22/02/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 17:25:17 22/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\jumqmfgl.dll
C:\WINDOWS\system32\pguiyfov.dll

Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 18:02:53 22/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\jumqmfgl.dll
C:\WINDOWS\system32\pguiyfov.dll

Beginning removal...

VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 19:57:09 22/02/2007

Listing files found while scanning....

C:\WINDOWS\system32\jumqmfgl.dll
C:\WINDOWS\system32\pguiyfov.dll

Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 01:26:55 23/02/2007

Listing files found while scanning....


VundoFix V6.3.9

Checking Java version...

Sun Java not detected
Scan started at 19:41:05 25/02/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.3.21

Checking Java version...

Sun Java not detected
Scan started at 15:08:41 09/05/2007

Listing files found while scanning....

C:\WINDOWS\system32\adhpkqou.dll
C:\WINDOWS\system32\aqldshxg.dll
C:\WINDOWS\system32\bniusoas.dll
C:\WINDOWS\system32\ersbvyop.dll
C:\WINDOWS\system32\fhaolwgl.ini
C:\WINDOWS\system32\ilxfqqup.dll
C:\WINDOWS\system32\lcsruqml.dll
C:\WINDOWS\system32\ldnsitaq.dll
C:\WINDOWS\system32\lgwloahf.dll
C:\WINDOWS\system32\ljcsqswx.dll
C:\WINDOWS\system32\mnhdooym.dll
C:\WINDOWS\system32\nnllk.dll
C:\WINDOWS\system32\nuskwgif.dll
C:\WINDOWS\system32\rlccfvfs.ini
C:\WINDOWS\system32\saosuinb.ini
C:\WINDOWS\system32\sfvfcclr.dll
C:\WINDOWS\system32\wmnokatj.dll
C:\WINDOWS\system32\xngrgupq.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\adhpkqou.dll
C:\WINDOWS\system32\adhpkqou.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\aqldshxg.dll
C:\WINDOWS\system32\aqldshxg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bniusoas.dll
C:\WINDOWS\system32\bniusoas.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ersbvyop.dll
C:\WINDOWS\system32\ersbvyop.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fhaolwgl.ini
C:\WINDOWS\system32\fhaolwgl.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ilxfqqup.dll
C:\WINDOWS\system32\ilxfqqup.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lcsruqml.dll
C:\WINDOWS\system32\lcsruqml.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ldnsitaq.dll
C:\WINDOWS\system32\ldnsitaq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lgwloahf.dll
C:\WINDOWS\system32\lgwloahf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljcsqswx.dll
C:\WINDOWS\system32\ljcsqswx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mnhdooym.dll
C:\WINDOWS\system32\mnhdooym.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnllk.dll
C:\WINDOWS\system32\nnllk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nuskwgif.dll
C:\WINDOWS\system32\nuskwgif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rlccfvfs.ini
C:\WINDOWS\system32\rlccfvfs.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\saosuinb.ini
C:\WINDOWS\system32\saosuinb.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\sfvfcclr.dll
C:\WINDOWS\system32\sfvfcclr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wmnokatj.dll
C:\WINDOWS\system32\wmnokatj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xngrgupq.dll
C:\WINDOWS\system32\xngrgupq.dll Has been deleted!

Performing Repairs to the registry.
Done!


et maintenant?


[ Ce message a été modifié par : : labohemienne le 09-05-2007 15:32 ]