Trojan Win32 spon

valerieb2 - Dernière réponse le 22 oct 2009 à 18:40

Bonjour,
J'ai un souci, depuis une semaine environ, Avast me signale un Trojan dans Win32. Voici les rapports depuis que j'ai Avast :
2009-02-28 21:57 ˜ 120 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
2009-03-10 20:59 SYSTEM 128 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\VALERIE\Local Settings\Temporary Internet Files\Content.IE5\23TTEMNY\TrayKeys[1].exe\{app}\TrayKeys.dll" file.
2009-03-10 21:00 SYSTEM 128 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\VALERIE\Local Settings\Temporary Internet Files\Content.IE5\23TTEMNY\TrayKeys[1].exe\{app}\TrayKeys.dll" file.
2009-03-10 21:08 SYSTEM 128 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Program Files\Tray Keys\TRAYKEYS.DLL" file.
2009-03-10 21:14 VALERIE 156 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\PROGRAM FILES\TRAY KEYS\TRAYKEYS.DLL" file.
2009-03-30 20:18 VALERIE 3984 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\System Volume Information\_restore{DB43D7B6-B69C-4CC6-B163-57C77F91F296}\RP881\A0119868.dll" file.
2009-03-30 20:33 VALERIE 3984 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\system32\drivers\AnyDVD.sys.bak" file.
2009-04-04 06:05 VALERIE 160 Sign of "WMA:Wimad [Drp]" has been found in "C:\UNZIP\like a hobo 2009.mp3" file.
2009-05-08 08:30 SYSTEM 168 Sign of "JS:Redirector-H2 [Trj]" has been found in "http://www.ige-immo.com/100-a/000_admin/login.php\{gzip}" file.
2009-05-08 08:31 SYSTEM 168 Sign of "JS:Redirector-H2 [Trj]" has been found in "http://www.ige-immo.com/100-a/000_admin/login.php\{gzip}" file.
2009-05-08 08:31 SYSTEM 168 Sign of "JS:Redirector-H2 [Trj]" has been found in "http://www.ige-immo.com/100-a/000_admin/login.php\{gzip}" file.
2009-05-17 19:06 SYSTEM 152 Sign of "Win32:VB-LNK [Trj]" has been found in "C:\UNZIP\02 - solidworks _192kbps_.zip" file.
2009-05-17 19:34 SYSTEM 152 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\UNZIP\SolidWorks 2007 - NTL-Crack.zip\setup.exe" file.
2009-05-17 19:35 SYSTEM 152 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\UNZIP\Solidworks 2009.zip\setup.exe" file.
2009-05-17 19:35 SYSTEM 152 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\UNZIP\SolidWorks 2007 SP1.1 Crack.zip\setup.exe" file.
2009-05-25 15:36 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\16 E L-ACROBATE MAURIENNAIS.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\16 E L-ACROBATE MAURIENNAIS.PPS) returning error, 00000005.
2009-05-25 15:36 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\2468-DEUX_PRETRES_EN_VACANCES_A_HAWAI1.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\2468-DEUX_PRETRES_EN_VACANCES_A_HAWAI1.PPS) returning error, 00000005.
2009-05-25 15:36 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\54_VIVRE_DANS_SA_VOITURE_.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\54_VIVRE_DANS_SA_VOITURE_.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\A VOIR ABSOLUMENT.DOC (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\A VOIR ABSOLUMENT.DOC) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ACCIDENT_MORTEL_EN_BRETAGNE.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ACCIDENT_MORTEL_EN_BRETAGNE.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\AGREGEES_1.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\AGREGEES_1.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALIREABSOLUMENTIXY.DOC (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALIREABSOLUMENTIXY.DOC) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALLEZ LES FILLES.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALLEZ LES FILLES.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALLO_LE_18.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ALLO_LE_18.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ANIMAUX_SUPERBES.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ANIMAUX_SUPERBES.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ANIMEAUX(N).PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ANIMEAUX(N).PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ART ALIMENTAIRE 2.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ART ALIMENTAIRE 2.PPS) returning error, 00000005.
2009-05-25 15:37 SERVICE LOCAL 2044 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ARTISTES.PPS (C:\DOCUMENTS AND SETTINGS\VALERIE\MES DOCUMENTS\BLAGUES\ARTISTES.PPS) returning error, 00000005.
2009-05-31 08:45 SYSTEM 172 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\My passwords.doc .exe" file.
2009-05-31 08:46 SYSTEM 172 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\Windows serial number.jpg" file.
2009-06-01 06:29 SYSTEM 168 Sign of "JS:CVE-2009-0075-A [Expl]" has been found in "http://www.dllsop.com/index.htm" file.
2009-06-01 06:43 SYSTEM 168 Sign of "JS:CVE-2009-0075-A [Expl]" has been found in "http://www.dllsop.com/index.htm" file.
2009-06-01 06:45 SYSTEM 168 Sign of "JS:CVE-2009-0075-A [Expl]" has been found in "http://www.dllsop.com/index.htm" file.
2009-06-01 06:45 SYSTEM 168 Sign of "JS:CVE-2009-0075-A [Expl]" has been found in "http://www.dllsop.com/index.htm" file.
2009-06-01 06:47 SYSTEM 168 Sign of "JS:CVE-2009-0075-A [Expl]" has been found in "http://www.dllsop.com/index.htm" file.
2009-06-04 07:41 VALERIE 160 Sign of "NSIS:Downloader-B [Adw]" has been found in "C:\DOCUME~1\VALERIE\LOCALS~1\Temp\Répertoire temporaire 1 pour 2007 solidworks.zip\setup.exe\nsis.hdr" file.
2009-06-10 08:14 SYSTEM 192 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\My passwords.txt .pif" file.
2009-06-24 12:33 SYSTEM 164 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\GoogleHack.pif" file.
2009-06-24 12:33 SYSTEM 164 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\MyWife.jpg" file.
2009-06-24 13:58 SYSTEM 164 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\GoogleHack.exe" file.
2009-06-24 13:59 SYSTEM 164 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\My passwords.jpg" file.
2009-07-16 07:46 SYSTEM 172 Sign of "WMA:Wimad [Drp]" has been found in "C:\UNZIP\medicopter greatest hit 2009.wma" file.
2009-07-16 07:46 SYSTEM 172 Sign of "WMA:Wimad [Drp]" has been found in "C:\UNZIP\medicopter.wma" file.
2009-07-16 12:19 SYSTEM 172 Sign of "WMA:Wimad [Drp]" has been found in "C:\UNZIP\crazy daddy dj frog.mp3" file.
2009-08-20 22:53 SYSTEM 128 Sign of "Win32:BatDropper-B [Drp]" has been found in "http://www.durable.com/var/docs/logiciels/openoffice.exe\durable\generic.exe\wizarddemo\walter\generic.exe\[UPX]" file.
2009-09-05 13:34 SYSTEM 152 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\WallPaper.exe" file.
2009-09-05 13:34 SYSTEM 152 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\My passwords.jpg" file.
2009-09-05 15:24 SYSTEM 152 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\GoogleHack.pif" file.
2009-09-05 15:24 SYSTEM 152 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\OurNewCar.jpg" file.
2009-09-05 17:14 SYSTEM 152 Sign of "Win32:Womble-F [Wrm]" has been found in "C:\Documents and Settings\All Users\Documents\Seduction secrets.txt .exe" file.
2009-09-05 19:46 SYSTEM 152 Sign of "WMF:CVE-2005-4560 [Expl]" has been found in "C:\Documents and Settings\All Users\Documents\OurNewCar.jpg" file.
2009-10-11 08:25 SYSTEM 188 Sign of "Win32:Malware-gen" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-12 06:35 SYSTEM 172 Sign of "Win32:Malware-gen" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-12 14:10 SYSTEM 172 Sign of "Win32:Malware-gen" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-13 03:59 SYSTEM 176 Sign of "Win32:Malware-gen" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-13 04:19 SYSTEM 176 Sign of "Win32:Malware-gen" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-15 09:00 SYSTEM 172 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-15 20:02 SYSTEM 172 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-16 11:29 SYSTEM 192 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-17 06:27 VALERIE 172 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-17 14:00 VALERIE 172 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-18 08:30 SYSTEM 156 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-18 16:05 SYSTEM 156 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-19 07:29 SYSTEM 116 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-20 05:58 VALERIE 152 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-21 12:23 VALERIE 160 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
2009-10-21 20:16 VALERIE 160 Sign of "Win32:Spon [Trj]" has been found in "C:\windows\system32\update_temp.exe" file.
A chaque fois, je clique sur l'action recommandée, càd mettre en quarantaine, mais il ressort au moins une fois par jour.
J'ai fait un scan en ligne avec Panda, je peux vous le joindre si vous en avez besoin.
Merci d'avance pour votre aide
Cdt,
Valérie

Trojan Win32 spon »

Suggestions

Trojan Win32 spon
Trojan.win32.generic bt » Forum
Virus trojan win32 (Résolu) » Forum
Trojan.win32.generic (Résolu) » Forum
Comment enlever mon virus trojan:win32/si... (Résolu) » Forum
Heur trojan win32 generic » Forum
Trojan.win32.generic.pak cobra (Résolu) » Forum
Virus bloquant acces internet trojan win32 » Forum
Trojan win32 » Forum
Trojan win32 keylogger gen » Forum

Plus

Réponse

valerieb2 27Messages postés 4 juillet 2008Date d'inscription 19 janvier 2012Dernière intervention 22 oct 2009 à 06:05

Ajouter un commentaire

Réponse

valerieb2 27Messages postés 4 juillet 2008Date d'inscription 19 janvier 2012Dernière intervention 22 oct 2009 à 12:24

Bonjour à tous,
Y a t-il quelqu'un pour m'aider à désinfecter mon PC ?
D'avance merci à tous
Valérie

Ajouter un commentaire

Réponse

valerieb2 27Messages postés 4 juillet 2008Date d'inscription 19 janvier 2012Dernière intervention 22 oct 2009 à 18:40

Re-bonjour, dois-je poster un rapport Hijackthis ?
D'avance merci pour votre aide
Valérie

Ajouter un commentaire

Répondre au sujet

Posez votre question

Dossier à la une

5 extensions si vous voulez revenir à l'ancien Facebook

5 extensions si vous voulez revenir à l'ancien Facebook

Vous n'aimez pas le lifting de Facebook ? Le site Mashable propose cinq étapes pour revenir à l'ancienne présentation du réseau social.

Les interviews exclusives

« L'autorépondeur, plus qu'un simple outil d'e-mailing »

Toutes les interviews

Collection CommentÇaMarche.net

Jean-François Pillou

Tout sur le webmastering (2e édition) : Créer et optimiser son site web

Plus de livres

Trojan Win32 spon

Trojan Win32 spon »

5 extensions si vous voulez revenir à l'ancien Facebook

"un outil vraiment simple à la portée de tous"

Tout pour bien utiliser Powerpoint 2010

Tout sur le webmastering (2e édition) : Créer et optimiser son site web

Tout pour bien utiliser Excel 2010

Tout pour bien utiliser l'iPad 4.2

Tout sur le Web 2.0 : Pour être à la pointe du Net