virus

Bonjour, voici mes rapport :

VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 00:16:39 10/09/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 00:53:05 10/09/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

Beginning removal...

Beginning removal...

VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 01:18:37 10/09/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

Beginning removal...

VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 01:33:41 10/09/2007

Listing files found while scanning....

No infected files were found.


Beginning removal...

Beginning removal...

VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 21:32:26 10/09/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 22:21:45 10/09/2007

Listing files found while scanning....

No infected files were found.


VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 22:31:40 10/09/2007

Listing files found while scanning....


VundoFix V6.5.8

Checking Java version...

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.7
Old versions of java are exploitable and should be removed.

Scan started at 22:35:33 10/09/2007

Listing files found while scanning....

No infected files were found.

No infected files were found.


Beginning removal...

Beginning removal...

maintenant le 2nd :

[09/10/2007, 22:42:21] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\sofiane\Bureau\VirtumundoBeGone.exe" )
[09/10/2007, 22:42:23] - Detected System Information:
[09/10/2007, 22:42:23] - Windows Version: 5.1.2600, Service Pack 2
[09/10/2007, 22:42:23] - Current Username: sofiane (Admin)
[09/10/2007, 22:42:23] - Windows is in NORMAL mode.
[09/10/2007, 22:42:23] - Searching for Browser Helper Objects:
[09/10/2007, 22:42:23] - BHO 1: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[09/10/2007, 22:42:23] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[09/10/2007, 22:42:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[09/10/2007, 22:42:23] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[09/10/2007, 22:42:23] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[09/10/2007, 22:42:23] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[09/10/2007, 22:42:23] - BHO 4: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[09/10/2007, 22:42:23] - WARNING: BHO has no default name. Checking for Winlogon reference.
[09/10/2007, 22:42:23] - No filename found. Continuing.
[09/10/2007, 22:42:23] - BHO 5: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[09/10/2007, 22:42:23] - BHO 6: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[09/10/2007, 22:42:23] - Finished Searching Browser Helper Objects
[09/10/2007, 22:42:23] - Finishing up...
[09/10/2007, 22:42:23] - Nothing found! Exiting...
et le 3 rapport ;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:53, on 10/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\wdfmgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\sofiane\Bureau\VundoFix.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\sofiane\LOCALS~1\Temp\Rar$EX01.422\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.badgalsclub.com/cgi-bin/TGP/frame.cgi
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.msn.fr/8SEFRFR030000TBR/FRWCompleteTBSiteFinalDEFAULT
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [wdfmgr.exe] C:\WINDOWS\wdfmgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Interface Chat Voila - http://chat4.x-echo.com/version8/Applet/vchatsign.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 8290 bytes
le dernier rapport :
MSNFix 1.495

C:\VundoFix Backups\MSNFix
Fix exécuté le 10/09/2007 - 22:58:39,23 By sofiane
mode normal


************************ Recherche les dossiers présents

... C:\Temp\
... C:\WINDOWS\system32\openfile\
... C:\WINDOWS\system32\updatelinkmsn\




************************ Suppression des fichiers



************************ Suppression des dossiers

.. OK ... C:\Temp\
.. OK ... C:\WINDOWS\system32\openfile\
.. OK ... C:\WINDOWS\system32\updatelinkmsn\


************************ Nettoyage du registre



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\Z058_jpg.zip] 6EEBEEC6DDE2503D3394A242AF1D5CF6
[C:\WINDOWS\system32\ygpss.scr] FDF159E6C4EE927B245C4B1C83882C10


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 10092007_22593082.zip


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Voilà, j'espère que ça va marcher, merci bien

on peut avoir une petite description de ton problème ? O_o

Bonjour pour un nettoyage

telecharge Ccleaner
et installer ==> Sur la page qui offre plusieurs choix , ne laisser cochés que les 2 premiers :
« ajouter un raccourci sur le bureau » et « ajouter un raccourci dans le menu démarrer »
----------------------- ---------------

Télécharge AVG AntiSpyware 7.5

= Installer
= Clic : Mise à jour
-----------------------
= Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes. Relancer le Pc et tapoter la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
------------------------
Lancer Ccleaner ==> Analyse puis lancer le nettoyage
---------------------
Lancer AVG anti-spy

= Dans ANALYSE
==> Paramètres ==> sous COMMENT REAGIR==>Actions recommandées ==>Quarantaine
==> Clic : Analyse complète du système
En fin de scan ( qui est assez long)
==> Clic Appliquer toutes les actions
==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
En mode normal

tu poste le rapport AVG + un nouveau hijackthis

=======================================================
merci de mettre tous les rapports sous Spoiler

pour cela sélectionner la totalité de chaque rapport mis dans la case réponse
et clic sur le point d'interrogation en bas à droite de cette case
(à coté de TeX)