anelia

  1. I don't want to impose, you've already helped me a lot, thank you. I tried to run a scan yesterday with Securitoo to see whether it still found things, but my computer shut down by itself before the end... Overall I find it is still sluggish; I'm wondering whether I shouldn't back up all my files and reformat it, because all this is starting to get on my nerves! (By the way, right now it takes forever to write what I type.) Pff, I don't understand why we have so many viruses and other worms when we have an antivirus firewall. Is that normal?
  2. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09062008_160230
  3. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09052008_231125. Oh dear, thanks again, I really don't understand any of this.
  4. KASPERSKY ON-LINE SCANNER REPORT, Friday, September 05, 2008 8:16:29 PM
  5. I can't do it: I get a message telling me it can't update the virus definitions, and after that nothing... it doesn't run the scan.
  6. OK, I've done everything, here is the report: MSNFix 1.742
  7. Thank you, here is the first report: OTViewIt logfile created on: 05/09/2008 07:21:47 - Run 1, OTViewIt by OldTimer - Version 1.0.1.8
00,001,285 | ---- | M] () - C:\Documents and Settings\Lucie Paquet\Application Data\QuickZip45.ini [09/01/2008 06:16 PM | 00,107,520 | ---- | M] () - C:\Documents and Settings\Lucie Paquet\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [09/02/2008 03:26 PM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk [08/08/2008 10:06 AM | 03,723,454 | ---- | M] (IZSoftware ) - C:\Documents and Settings\Lucie Paquet\Bureau\IZArc_Setup.exe [08/09/2008 11:35 AM | 00,020,480 | ---- | M] () - C:\Documents and Settings\Lucie Paquet\Bureau\licenciement Nounou.doc [08/11/2008 10:30 AM | 00,273,913 | ---- | M] () - C:\Documents and Settings\Lucie Paquet\Bureau\club haribo.pdf [09/05/2008 06:56 AM | 00,001,008 | ---- | M] () - C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Antivirus Firewall.lnk < End of report > and the 2nd OTViewIt Extras logfile created on: 05/09/2008 07:21:48 - Run 1 OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Lucie Paquet\Bureau Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2800.1106) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 223.48 Mb Total Physical Memory | 104.21 Mb Available Physical Memory | 46.63% Memory free 547.12 Mb Paging File | 321.59 Mb Available in Paging File | 58.78% Paging File free Paging file location(s): C:\pagefile.sys 336 672; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14.65 Gb Total Space | 5.09 Gb Free Space | 34.77% Space Free | Partition Type: NTFS Drive D: | 59.90 Gb Total Space | 16.47 Gb Free Space | 27.49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not
loaded ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] Unable to open key or key not present! ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe" = C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fspex.exe:*:enabled:Antivirus Firewall [12/02/2007 10:56 AM | 00,032,807 | ---- | M] (Securitoo Portal) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe" = C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fspex.exe:*:enabled:Antivirus Firewall [12/02/2007 10:56 AM | 00,032,807 | ---- | M] (Securitoo Portal) ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] - "%1" %* .cmd [@ = cmdfile] - "%1" %* .com [@ = comfile] - "%1" %* .exe [@ = exefile] - "%1" %* .pif [@ = piffile] - "%1" %* .scr [@ = scrfile] - "%1" %* ========== Winsock2 Catalogs ========== ========== HKEY_LOCAL_MACHINE Protocol Defaults ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols shell - shell protocol not assigned ========== HKEY_CURRENT_USER Protocol Defaults ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols shell - shell protocol not assigned ========== Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] ipp: [HKLM - No CLSID value] msdaipp: [HKLM - No CLSID value] ========== Protocol Filters ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0003040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Small Business "{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Disque 2 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81 "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1 "{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA "BackWeb-7431218 Uninstaller" = Securitoo AntiVirus Firewall "eMule" = eMule "EPSON Printer and Utilities" = EPSON Logiciel imprimante "EPSON Scanner" = EPSON Scan "ESDX3800 Guide d'utilisation" = ESDX3800 Guide d'utilisation "HijackThis" = HijackThis 2.0.2 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "KB893803v2" = Windows Installer 3.1 (KB893803) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA "Navilog1_is1" = Navilog1 3.6.5 
"PDFCreator Toolbar" = PDFCreator Toolbar "Quick Zip_is1" = Quick Zip 4.60.019 "QuickTime" = QuickTime "ShockwaveFlash" = Macromedia Flash Player 8 "StmAdsl" = BeWAN ADSL modem "VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program "VPbubble" = VPbubble (remove only) "WinRAR archiver" = Archiveur WinRAR ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "uTorrent" = µTorrent ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 03/09/2008 07:33:50 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 3 2008-09-03 09:33:49+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\STK9IZSL\594FFB8EF5B9AA11E4FB35D6EB15D8A3[1].JPG was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 03/09/2008 07:36:08 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 4 2008-09-03 09:36:06+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WLMZG5Y3\OPEL_728X90[1].SWF was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 03/09/2008 07:38:28 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 5 2008-09-03 09:38:26+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WLMZG5Y3\33919.18[1].JPG was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). 
Error - 03/09/2008 11:11:26 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 6 2008-09-03 13:11:25+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\P32J5PIJ\CSSCRIPTLIB[1].JS was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 03/09/2008 11:24:55 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 7 2008-09-03 13:24:54+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\COOKIES\LUCIE [email protected][2].TXT was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 03/09/2008 14:26:31 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 8 2008-09-03 16:26:31+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\COOKIES\LUCIE [email protected][2].TXT was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 04/09/2008 18:21:30 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 1 2008-09-04 20:21:29+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\WINDOWS\SYSTEM32\SHLWAPI.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). 
Error - 04/09/2008 18:25:05 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 2 2008-09-04 20:25:04+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\COOKIES\LUCIE [email protected][1].TXT was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 04/09/2008 18:32:13 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 3 2008-09-04 20:32:12+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\DOCUMENTS AND SETTINGS\LUCIE PAQUET\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\KVSZUFSF\PA_MODULE[1].PHP was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). Error - 05/09/2008 04:58:34 - Computer Name = LUCIE - User Name = User SID not found - Source = Securitoo AntiVirus Description = 1 2008-09-05 06:58:31+02:00 lucie LUCIE\Lucie Paquet Securitoo AntiVirus Scanning of C:\WINDOWS\SYSTEM32\RICHED32.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress). 
[ Security Events ] [ System Events ] Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 Error - 01/09/2008 16:18:14 - Computer Name = LUCIE - User Name = User SID not found - Source = Service Control Manager Description = 
Le service Gestion d'applications s'est arrêté avec l'erreur : %%126 < End of report >
  8. no more messages today!!!! that's great, thank you very much. However, I'm noticing a big slowdown, a response-time problem; I don't know whether it could be related, but anyway it's still better than the error messages! thanks again
  9. thanks, I've done the procedure, I'm waiting to see. thanks again, I'll keep you posted
  10. and the next part, which was much quicker, phew Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:19:56, on 02/09/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\fsrw.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\rundll32.exe C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe C:\PROGRA~1\SECURI~1\av_fw\ANTI-S~1\fsaw.exe C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet
Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [VPbubble] "C:\Program Files\Nosibay\VPbubble\launcher.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 
'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Securitoo\av_fw\Anti-Spyware\blockpopups.htm O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{3083BFEC-A764-47CD-B6B8-7C388EBFFBA3}: NameServer = 86.64.145.144 84.103.237.144 O23 - Service: Antivirus Firewall (BackWeb Plug-in - 7431218) - Securitoo Portal - C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE -- End of file - 5859 bytes there you go, hoping you can help me again
  11. thank you very much Chrifleur, so here is the 1st report Malwarebytes' Anti-Malware 1.26 Version de la base de données: 1103 Windows 5.1.2600 Service Pack 1 02/09/2008 17:04:11 mbam-log-2008-09-02 (17-04-11).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 128066 Temps écoulé: 1 hour(s), 2 minute(s), 0 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Documents and Settings\LocalService\Application Data\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\Propriétaire\Local Settings\Temp\cmdinst.exe (Trojan.Proxy) -> Quarantined and deleted successfully. C:\Documents and Settings\Propriétaire\Local Settings\Temp\tsinstall_4_0_4_0_b4.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\mzfo\mzfod\mzfoc.dll (Adware.TargetServer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{31F30866-EA22-4AB6-A780-E61895D42D0E}\RP1\A0003048.exe (Trojan.Proxy) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrateur\Local Settings\Temp\bnaD.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
and now I'm doing the second step
  12. hello, so I have windows opening very regularly asking me to go to regfixit.com; I read the posts from other users on this forum, so I ran navilog, and since I don't understand any of it... here is the report: Search Navipromo version 3.6.5 commencé le 02/09/2008 à 14:41:02.12 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Lucie Paquet" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2800.1106 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Lucie Paquet\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Lucie Paquet\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Lucie Paquet\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec
GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Lucie Paquet\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\Lucie Paquet\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : * Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 02/09/2008 à 14:57:20.98 *** I hope someone will be able to help me because I'm really hopeless with computers, thanks in advance