High-Tech Santé Médecine Droit-Finances

Grippe A

Que dois-je faire ?

Rechercher : dans
Par :

Trojan horse

Dernière réponse le 31 jui 2004 à 01:20:11 romain, le 5 jui 2004 à 20:06:54 
 Signaler ce message aux modérateurs

Bonjour je souhaiterai savoir comment se débarrasser de "the trojan horse TR/Dlr.Wintri.BC.1 "paske moi j y arrive pa et sa commence a me prendre la téte alors je ne dirai k une chose "HELP !! " merci d avance !

Meilleures réponses pour « trojan horse » dans :
Introduction aux chevaux de Troie VoirLes chevaux de Troie On appelle « Cheval de Troie » (en anglais trojan horse) un programme informatique effectuant des opérations malicieuses à l'insu de l'utilisateur. Le nom « Cheval de Troie » provient d'une légende narrée dans l'Iliade (de...
Posez votre question Répondre

1

bernie61, le 5 jui 2004 à 21:44:33

Salut
Pour un trojan, toujours même procédure: l'effacer là où il est selon ton alerte; c'est plus facile si tu effaces en mode sans échec ou VGA et s'il est dans Restore ou System Volume... alors désactiver restauration système sur XP ou windowsMe;
A+

   
Répondre à bernie61

2

romain, le 5 jui 2004 à 21:49:33

Toujours pa d réponse a mon probléme : j ai un trojan horse mon antivirus le détecte j le supprime mai a chak foi ke je redémarre mon PC il revient j ai téléchargé antitrojan shield et trojan remover mai ils ne détecte rien QUE FAIRE ? je n y connai pa grand chose alors si quelqu un pouvait m ai der sa serait sympa MERCI

   
Répondre à romain

3

bernie61, le 5 jui 2004 à 21:54:16

Re salut
ouvre le fichier .log de ton antivirus pour savoir où est ton trojan si tu sais plus et suis le post 1 ci-dessus
A+

   
Répondre à bernie61

4

romain, le 5 jui 2004 à 22:06:07

Voila ce k il ya dans log :05/07/2004,21:59 AVGuard has scanned the following file:
C:\DOCUMENTS AND SETTINGS\ROMAIN\BUREAU\TRJSETUP.EXE
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,21:59 AVGuard has scanned the following file:
C:\DOCUMENTS AND SETTINGS\ROMAIN\BUREAU\NFS UNDERGROUND.LNK
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,21:59 AVGuard has scanned the following file:
C:\PROGRAM FILES\WINRAR\RAREXT.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,21:59 AVGuard has scanned the following file:
C:\PROGRAM FILES\EA GAMES\NFS UNDERGROUND\SPEED.EXE
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000064
05/07/2004,21:59 AVGuard has scanned the following file:
C:\PROGRA~1\TROJAN~1\TRSHLEX.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,21:59 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\SYNCUI.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,21:59 AVGuard has scanned the following file:
C:\PROGRAM FILES\AVPERSONAL\AVSHLEXT.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\DOCUMENTS AND SETTINGS\ALL USERS\MENU DéMARRER\PROGRAMMES\ACCESSOIRES\OUTILS SYSTèME\NETTOYAGE DE DISQUE.LNK
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\DOCUMENTS AND SETTINGS\ALL USERS\MENU DéMARRER\PROGRAMMES\ADOBE
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\SHGINA.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\DUSER.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\MSGINA.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\ODBC32.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\ODBCINT.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\RESOURCES\THEMES\LUNA\SHELL\NORMALCOLOR\SHELLSTYL­E.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\DOCUMENTS AND SETTINGS\VIDAL GUILLAUME\MES DOCUMENTS\DESKTOP.INI
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\WIASHEXT.DLL
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\WINDOWS\SYSTEM32\STI.DLL
[INFO] User access to the file has been allowed.
Requesting PID=1928 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 AVGuard has scanned the following file:
C:\UNWISE.EXE
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000060
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\DIRECTX
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000010
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\EMULE
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\COMPLUS APPLICATIONS
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\EA GAMES
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\COMMON FILES
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\FICHIERS COMMUNS
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\CLEANER 5 EZ
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\AVPERSONAL
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:00 AVGuard has scanned the following file:
C:\PROGRAM FILES\AVPERSONAL\DELUS.EXE
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000860
05/07/2004,22:00 AVGuard has scanned the following file:
C:\PROGRAM FILES\AVPERSONAL\AVNT.EXE
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000860
05/07/2004,22:00 WARNING: AVGuard detected a problem in the file
C:\PROGRAM FILES\AVPERSONAL\INFECTED
[ERROR] Unable to open the file [13].
Error Code: 13
INFO: The access to the file has been denied!
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00004020
05/07/2004,22:02 AVGuard has scanned the following file:
C:\RECYCLER\S-1-5-21-1715567821-436374069-839522115-1005\INF­O2
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=OPEN DesiredAccess=0x00000001 CreateOptions=0x00000860
05/07/2004,22:02 AVGuard has scanned the following file:
C:\RECYCLER\S-1-5-21-1715567821-436374069-839522115-1005\INF­O2
[INFO] User access to the file has been allowed.
Requesting PID=652 Mode=CLOSE DesiredAccess=0x00000002 CreateOptions=0x00000860

   
Répondre à romain

5

bernie61, le 5 jui 2004 à 22:55:24

Resalut
ouvre le fichier NTGRDRT.LOG de ton AntiVir et regarde là;
A+

   
Répondre à bernie61

6

Karina, le 5 jui 2004 à 23:18:32

Bonjour,
Moi aussi j'ai le probleme des chevaux :o( . Et pour en revenir au conseil numero 1 : comment fait on pour effacer les virus Troj en mode sans echec ???
Merci beaucoup
Karine

   
Répondre à Karina

7

bernie61, le 5 jui 2004 à 23:22:02
   
Répondre à bernie61

8

Karine, le 5 jui 2004 à 23:29:42

Merci Bernie,
Je vais essayer en suivant les conseils du lien...
Karine

   
Répondre à Karine

9

Thomas, le 8 jui 2004 à 11:54:40

Bien le bonjour.
De mon côté, le Trojan Horse a eu la bonne idée de se mettre sur mon anti virus. (Symantec, dans le system32 pour faciliter les choses).
Donc quand j'essaye de le supprimer, il refuse vu qu'il est sur un programme ouvert
Et vu que c'est sur un portable que le boulot a prêté durant lecongé maternité, j'hésite à supprimer des applica

   
Répondre à Thomas

10

bernie61, le 8 jui 2004 à 21:10:06
   
Répondre à bernie61

11

 Gaelgroove, le 31 jui 2004 à 01:20:11

Salut a tous.
Pour tous les petits problémes de ce genre rien de telle qu'un petit tour dans la base des registres.
Menu démarrer,exécuter et vous tapez Regedit.
Puis dans edition,rechercher et là vous tapez le noms du trojan plusieur fois,effacer dans la partie de droite les lignes qui comporte
le NOM.
Retapez le nom dans rechcher jusqu'a la fenêtre: Recherch dans le registre terminé.
Voilà,il n'y à plus qu'a essayer.
Gaelgroove de Lens.@+

   
Répondre à Gaelgroove
Posez votre question Répondre
Ils ont besoin de votre aide