Virus et cheval de troie

bonjour,

j'ai installé cleaner j'ai bien tout suivie
j'ai mis a jour avast mais j'ai tour en bas à droite écrit près de l'heure virus alert
que dois-je faire
et mon problème dans démarrer n'est pas résolu je n'ai aucun programme
tenez moi au courant
a+

Bons conseils, cependant ils ne résoudront pas les différents problèmes exposés ~~ Faites nous confiance ~~

Mettez Toujours vos navigateurs internet à jour ! (IE7, Mozi­lla 3.0.1)

~~

bonjour ,
j'ai fais ce que vous m'avez dis et ça a marché merci pour tout
mais toujours problème pour le panneau de configuration qui est désactivé et je n'arrive pas à le réactiver
a+ bonne journée

bonjour,

voici lLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56: VIRUS ALERT!, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ANGELI~1\LOCALS~1\Temp\Rar$EX0k.k10\HijackThis.e­xe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: QXK Olive - {265E6540-2B95-4A81-9AF9-1456522F975B} - C:\WINDOWS\nfavxwdbkvn.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: (no name) - {A596175D-BBC7-476A-A152-FBA652B64505} - C:\WINDOWS\system32\rqRIaYoo.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {BD7EA6B9-E5D4-477B-91DF-53F5D48A88AF} - C:\WINDOWS\system32\ssqPiijg.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /M "Stylus DX4800" /EF "HKCU"
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: rqRIaYoo - rqRIaYoo.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyclon Webcam Service (StkSSrv) - Unknown owner - C:\WINDOWS\System32\StkSrv2K.exe (file missing)
End of file - 6758 bytes
e rapport demandé

bonjour ,

j'ai essayer de faire comme vous m'avez dis en mode sans echec mais j ai beau cliqué sur Y rien ne se passe
je vous envoi ce que j'ai pu trouver
bon journée


1 SDFix.exe: Unknown method in SDFix\apps\leg2.txt
2 SDFix.exe: Unknown method in SDFix\apps\legacy.txt
3 SDFix.exe: Unknown method in SDFix\apps\legacybk.txt
4 SDFix.exe: Unknown method in SDFix\apps\Rem.txt
5 SDFix.exe: Unknown method in SDFix\apps\Rem2.txt
6 SDFix.exe: Unknown method in SDFix\apps\srv2.txt
7 SDFix.exe: Unknown method in SDFix\apps\srv2bk.txt
8 SDFix.exe: Unknown method in SDFix\apps\svc.txt
9 SDFix.exe: Unknown method in SDFix\apps\svcbk.txt
10 SDFix.exe: Unknown method in SDFix\RunThis.bat
11 SDFix.exe: No files to extract

bonjour,

voici ce que j'ai obtenu

[b]SDFix: Version 1.217 /b
Run by Angelique et Teddy on 18/08/2008 at 13:57

Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\Angelique et Teddy\Mes documents\SDFix

[b]Checking Services /b:


Restoring Default Security Values
Restoring Default Hosts File
Restoring Time Format To Remove Fake Virus Alert

Rebooting


[b]Checking Files /b:

Trojan Files Found:

C:\Documents and Settings\Angelique et Teddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk - Deleted
C:\Documents and Settings\All Users\Application Data\System Doctor Free\Data\Abbr - Deleted
C:\Documents and Settings\All Users\Application Data\System Doctor Free\Data\ActivationCode - Deleted
C:\Documents and Settings\Angelique et Teddy\Application Data\TmpRecentIcons\Vista Antivirus 2008.lnk - Deleted
C:\Documents and Settings\Angelique et Teddy\Favoris\Spyware&Malware Protection.url - Deleted
C:\WINDOWS\privacy_danger\index.htm - Deleted
C:\WINDOWS\privacy_danger\images\capt.gif - Deleted
C:\WINDOWS\privacy_danger\images\danger.jpg - Deleted
C:\WINDOWS\privacy_danger\images\down.gif - Deleted
C:\WINDOWS\privacy_danger\images\spacer.gif - Deleted
C:\Program Files\Antivirus 2008 PRO\vscan.tsi - Deleted
C:\Program Files\Antivirus 2008 PRO\zlib.dll - Deleted
C:\Program Files\VAV\vav.ooo - Deleted
C:\Program Files\VAV\vav0.dat - Deleted
C:\Program Files\VAV\vav1.dat - Deleted
C:\Documents and Settings\Angelique et Teddy\Application Data\TmpRecentIcons\Vista Antivirus 2008.lnk - Deleted
C:\Documents and Settings\Angelique et Teddy\Bureau\antivirus-2008pro.lnk - Deleted
C:\WINDOWS\eqvwamkl.dll - Deleted
C:\WINDOWS\system32\tdssinit.dll - Deleted
C:\WINDOWS\system32\tdssl.dll - Deleted
C:\WINDOWS\system32\tdsslog.dll - Deleted
C:\WINDOWS\system32\tdssmain.dll - Deleted
C:\WINDOWS\system32\tdssservers.dat - Deleted



Folder C:\Documents and Settings\All Users\Application Data\SalesMon - Removed
Folder C:\Documents and Settings\All Users\Application Data\System Doctor Free - Removed
Folder C:\Program Files\AntiSpywareExpert - Removed
Folder C:\Program Files\Antivirus 2008 PRO - Removed
Folder C:\Program Files\VAV - Removed
Folder C:\WINDOWS\privacy_danger - Removed


Removing Temp Files

[b]ADS Check /b:



[b]Final Check /b:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 14:20:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"LogLevel"=dword:00000000

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services /b:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Disabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Disabled:avgnsx.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Disabled:avgupd.exe"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Disabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files /b:


File Backups: - C:\DOCUME~1\ANGELI~1\MESDOC~1\SDFix\backups\backups.zip

[b]Files with Hidden Attributes /b:

Sat 2 Feb 2008 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 27 Jul 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 12 Aug 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Wed 13 Aug 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BITF.tmp"
Wed 13 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8171d23d6d072d8b50d065ca55a754fb\BITB.tmp"
Thu 27 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8b6d906fd5974a905eb1cc67c000b099\BIT22.tmp"
Thu 27 Dec 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b6b8211a5dc0636ae3d15bf626ce10d3\BIT11.tmp"
Wed 13 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\be077a0a5c65554c0fa221a5c8a0529b\BITC.tmp"
Fri 15 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT10.tmp"
Sat 2 Feb 2008 4,348 ...H. --- "C:\Documents and Settings\Angelique et Teddy\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sat 2 Feb 2008 20 A..H. --- "C:\Documents and Settings\Angelique et Teddy\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Thu 27 Dec 2007 312 A.SH. --- "C:\Documents and Settings\Angelique et Teddy\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"

[b]Finished!/b

bonne journée a+

bonjour,
j'ai bien fait ce que vous m'avez dis
je vous remercie pour votre aide elle m'a été très précieuse
mais j'aurai une dernière question je crois que j'ai plus anti virus sur mon ordi et je sais que ce n'ai pas bon
voici la liste et dite moi ce que je peux supprimé et comment:

Avast (c'est mon anti virus que je veux garder)
ad-aware, ad watch, software updat
ccleaner
anti-virus 2008 pro (je n'arrive pas à le désinstaller , je suis aller dans ajouter/suppression de programmes mais je n'ai aucun icone pour le supprimer

antispyware expert
merci d'avance pour la réponse
bonne soirée