uggy34

OUBLI DE MA PART Je n'avais pas trouvé les fichiers à supprimer dans C:\WINDOWS\Downloaded Program Files, par contre ANTIVIR les a trouvés, je les ai supprimés après être passer en quarantaine. @+

salut ANTIVIR installé avec le nouveau lien - MAJ et scan réalisé en mode sans échec. ci-joint logfile. Bien qu'il date de 2000 le micro a retrouvé un peu de jeunesse et s'est fait une belle toilette, Je suis encore gêné par msn messanger que je n'utilise pas qui se trouve dans mon menu demarrage, je ne retouve pas l'endroit ou ilfautle décocher. MERCI Avira AntiVir Personal Report file date: vendredi 16 mai 2008 22:15 Scanning for 1165085 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (plain) [5.1.2600] Boot mode: Save mode Username: JM Computer name: BONO Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58 ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34 ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50 Engineversion : 8.1.0.28 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44 AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44 AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44 AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42 AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44 AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44 AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43 AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43 AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43 AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, A:, D:, E:, F:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: vendredi 16 mai 2008 22:15 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'A:\' [iNFO] In the drive 'A:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( '26' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Program Files\Navilog1\reboot.exe [DETECTION] Contains detection pattern of the SPR/Tool.Reboot.C program [NOTE] The file was moved to '48906f82.qua'! C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe [DETECTION] Contains detection pattern of the SPR/Dldr.WinFixer.M.6 program [NOTE] The file was moved to '4871767a.qua'! C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe [DETECTION] Contains detection pattern of the SPR/Dldr.WinFixer.L.24 program [NOTE] The file was moved to '487276a8.qua'! C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6V_0001_D19M0709NetInstaller.exe [DETECTION] Contains detection pattern of the SPR/Dldr.WinFixer.M.6 program [NOTE] The file was moved to '4871769f.qua'! C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6V_0001_D18M3107NetInstaller.exe [DETECTION] Contains detection pattern of the SPR/Dldr.WinFixer.L.24 program [NOTE] The file was moved to '487276b6.qua'! C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6V_0001_D19M0709NetInstaller.exe [DETECTION] Contains detection pattern of the SPR/Dldr.WinFixer.M.6 program [NOTE] The file was moved to '487176ad.qua'! C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\vaxscsi.sys [WARNING] The file could not be opened! Begin scan in 'A:\' Search path A:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'D:\' Search path D:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'E:\' Search path E:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'F:\' Search path F:\ could not be opened! Le périphérique n'est pas prêt. End of the scan: samedi 17 mai 2008 08:23 Used time: 10:08:26 min The scan has been done completely. 4949 Scanning directories 99339 Files were scanned 6 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 6 files were moved to quarantine 0 files were renamed 3 Files cannot be scanned 99333 Files not concerned 1883 Archives were scanned 3 Warnings 6 Notes

Salut , je t'apporte une bonne nouvelle , le micro s'arrête, j'ai réalisé les manips que tu m'as conseillées. navilog2 démarrage mode echec puis j'ai réinstallé avec le cd de driver le logiciel de la souris ( qui je viens de m'apercevoir n'est prévu pour XP) et je l'ai supprimé dans le panneau de config. LE MICRO S'ARRETE Encore merci pour ton aide, je conseillerai ce site à mes amis. Au niveau de la protection de mon micro, je n'ai que avast, je suis souvent polué par des pubs qui arrivent lorsque je suis sur le net. Faut-il que j'installe une application contre les spams et également du style ad-ware .

Bonjour, j'ai réalisé les manips dans l'ordre, le problème persiste, le scan de kaspersky n'a détecté aucun virus... ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Wednesday, May 14, 2008 7:06:35 AM Operating System: Microsoft Windows XP Professional, (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 13/05/2008 Kaspersky Anti-Virus database records: 688920 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 74545 Number of viruses found: 0 Number of infected objects: 0 Number of suspicious objects: 0 Duration of the scan process: 02:02:39 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\call256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\callmember256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chat256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chat512.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatmember256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatmsg256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatmsg512.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatsync\09\09794a2bd79b7ca2.dat Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatsync\1e\1e5e4aade02d4d2c.dat Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\chatsync\a6\a607c52922db9598.dat Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\contactgroup256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\dyncontent\bundle.dat Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\index2.dat Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\profile16384.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\transfer1024.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\transfer256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\transfer512.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\user1024.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\user16384.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\user256.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\user4096.dbb Object is locked skipped C:\Documents and Settings\JM\Application Data\Skype\jmddepoussan\voicemail256.dbb Object is locked skipped C:\Documents and Settings\JM\Cookies\index.dat Object is locked skipped C:\Documents and Settings\JM\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\JM\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\JM\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\JM\Local Settings\Historique\History.IE5\MSHist012008051420080515\index.dat Object is locked skipped C:\Documents and Settings\JM\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\JM\NTUSER.DAT Object is locked skipped C:\Documents and Settings\JM\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2008-05-13.23-45-33.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswAr.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped C:\System Volume Information\_restore{DDCEC2FD-0632-42D0-B7DD-E3D7E2E11F0C}\RP471\change.log Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\drivers\vaxscsi.sys Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_560.dat Object is locked skipped C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. CI-JOINT EGALEMENT LE FIXNAVI Search Navipromo version 3.5.7 commencé le 13/05/2008 à 21:47:57,28 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "JM" Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2600.0000 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** Instant Access *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\JM\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ELISA\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\MATIAS\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\VAL\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\JM\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ELISA\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\MATIAS\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\VAL\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\JM\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ELISA\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\MATIAS\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\VAL\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Program Files\Navilog1\Backupnavi\iccwhhlv.dat C:\Program Files\Navilog1\Backupnavi\iccwhhlv.exe C:\Program Files\Navilog1\Backupnavi\iccwhhlv_nav.dat C:\Program Files\Navilog1\Backupnavi\iccwhhlv_navps.dat C:\WINDOWS\system32\iccwhhlv.dat C:\WINDOWS\system32\iccwhhlv.exe C:\WINDOWS\system32\iccwhhlv_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * Fichiers trouvés : iccwhhlv.exe trouvé ! * Recherche dans "C:\Documents and Settings\JM\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ELISA\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\MATIAS\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\VAL\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : iccwhhlv.dat trouvé ! * Dans "C:\Documents and Settings\JM\locals~1\applic~1" : * Dans "C:\DOCUME~1\ELISA\locals~1\applic~1" : * Dans "C:\DOCUME~1\MATIAS\locals~1\applic~1" : * Dans "C:\DOCUME~1\VAL\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 13/05/2008 à 21:59:00,35 ***