voici le rapport online kaspersky.

Bit defender a semblé s'appercevoir de la présence de ces virus en même temps que kas les trouvait. Celà veut-il dire que bit def est moins balaise et qu'il faut envisager de changer, ou alors c'est normal ?

Dois-je me sécuriser encore plus qu'avec bit def et ssd ?

Sûrement être plus méfiant et agir avec plus de dicernement lors de ma navigation, ok.

Si tu as des suggestions...

@ + et merci beaucoup.





Saturday, January 19, 2008 7:45:32 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version:

Kaspersky Anti-Virus database last update: 19/01/2008

Kaspersky Anti-Virus database records: 523769

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

Scan Target My Computer








Scan Statistics

Total number of scanned objects 56725

Number of viruses found 5

Number of infected objects 21

Number of suspicious objects 0

Duration of the scan process 01:33:27


Infected Object Name Virus Name Last Action

C:\Documents and Settings\gae\Application Data\Bitdefender\Desktop\Profiles\asdict.dat Object is locked skipped

C:\Documents and Settings\gae\Bureau\gae\logiciels téléchargés\Navilog1.exe/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\gae\Bureau\gae\logiciels téléchargés\Navilog1.exe Inno: infected - 1 skipped

C:\Documents and Settings\gae\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01/data0000.bin/stream/data0005


Infected: skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01/data0000.bin/stream Infected: skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01/data0000.bin Infected: skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01 EmbeddedEXE: infected - 3



C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01 UPX: infected - 3 skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\1C4D570Bd01 PE_Patch.UPX: infected - 3



C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\2D25FD38d01 Infected:


not-a-virus:Downloader.Win32.WinFixer.cs skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\6FA78EBBd01/mwsSetup.CommonCodebase.exe


Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\6FA78EBBd01 CAB: infected - 1 skipped

C:\Documents and Settings\gae\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temp\hazqw3bo.exe/mwsSetup.CommonCodebase.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc



C:\Documents and Settings\gae\Local Settings\Temp\hazqw3bo.exe CAB: infected - 1 skipped

C:\Documents and Settings\gae\Local Settings\Temp\hpotdd006.log Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temp\sv5h2.tmp\sv5h3.tmp Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked



C:\Documents and Settings\gae\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\gae\ntuser.dat Object is locked skipped

C:\Documents and Settings\gae\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Navilog1\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin/stream/data0005 Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin/stream Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe EmbeddedEXE: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe UPX: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe PE_Patch.UPX: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP118\change.log Object is locked skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP78\A0007384.exe Infected: not-a-virus:AdWare.Win32.Agent.zk



C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{A6CFBC52-534B-42C5-A191-DD0BB4401446}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\bdss.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\tmp00006e3b\tmp00000000 Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process complete

Bonsoir, :P


Angelique s'est absentée, elle m'a demandé de prendre le relais temporairement.


Renouvelle la démarche avec Atf-cleaner, mais en mode sans échec, Firefox fermé.


Si tu ne sais pas démarrer en mode sans échec, c'est comme ceci :

(En mode sans échec : seul les processus systèmes sont lancés il est donc plus facile de supprimer ce qui est infecté.)
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé,

Il y a un écran noir qui apparaît rapidement, tapote par alternance les touches [F8] et [F5] jusqu’à l'affichage du menu des options avancées de Windows. Sélectionne "Mode sans échec"et appuyer sur [Entrée].

aide visuelle.


Puis renouvelle une analyse en ligne avec Kaspersky de sorte de voir si cela a bien fonctionné.

Je vais faire tout ça.

Pendant que je lisais ton post, bit def m'a envoyé ceci:

"Le fichier c:\documents and settings\gae\local settings\application data\mozilla\firefox\profiles\dphlgg4x.default\cache.trash\trash\cache\6fa78ebbd01

est infect avec


J'ai l'impression d'être très fragile, et qu'il-y-a quelque chose qui cloche sérieusement.

@ tout, merci.




Voici le rapport kaspersky.

Je n'avais pas supprimé les fichiers infectés de la quarantaine dans bit def, je l'ai fait après le scan online.




Saturday, January 19, 2008 11:02:08 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version:

Kaspersky Anti-Virus database last update: 19/01/2008

Kaspersky Anti-Virus database records: 523972

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

Scan Target My Computer








Scan Statistics

Total number of scanned objects 55973

Number of viruses found 2

Number of infected objects 9

Number of suspicious objects 0

Duration of the scan process 01:36:40


Infected Object Name Virus Name Last Action

C:\Documents and Settings\gae\Application Data\Bitdefender\Desktop\Profiles\asdict.dat Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\cert8.db Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\history.dat Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\key3.db Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\parent.lock Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\search.sqlite Object is locked skipped

C:\Documents and Settings\gae\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\urlclassifier2.sqlite Object is locked skipped

C:\Documents and Settings\gae\Bureau\gae\logiciels téléchargés\Navilog1.exe/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\gae\Bureau\gae\logiciels téléchargés\Navilog1.exe Inno: infected - 1 skipped

C:\Documents and Settings\gae\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Application Data\Mozilla\Firefox\Profiles\dphlgg4x.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Historique\History.IE5\MSHist012008011920080120\index.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temp\hpotdd000.log Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temp\svlke.tmp\svlkf.tmp Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\gae\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\gae\ntuser.dat Object is locked skipped

C:\Documents and Settings\gae\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Navilog1\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin/stream/data0005 Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin/stream Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe/data0000.bin Infected: skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe EmbeddedEXE: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe UPX: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP117\A0017028.exe PE_Patch.UPX: infected - 3 skipped

C:\System Volume Information\_restore{127E83D8-D463-4E7B-98EB-C46E6308C91E}\RP118\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\bdss.log Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\tmp000009f9\tmp00000000 Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Ton rapport Kaspersky ne montre que la trace de navilog1 que tu pourras desinstaller et supp. C:\Program Files\Navilog1 ainsi que C:\Documents and Settings\gae\Bureau\gae\logiciels téléchargés\Navilog1.exe


ainsi que des points de restauration infectés à supprimer de cette maniere::


supp et recreer un point de restauration>


**on va essayer de desactiver le cache de FF de cette maniere::




surf comme ça pour le moment voir si ton soucie se reproduit???


ouvre une console cmd, et tape la ligne ci dessous en respectant les espaces::


del /q /f C:\Documents and Settings\gae\Local Settings\Temp\*.*

  angelique a dit :
surf comme ça pour le moment voir si ton soucie se reproduit???


ouvre une console cmd, et tape la ligne ci dessous en respectant les espaces::


del /q /f C:\Documents and Settings\gae\Local Settings\Temp\*.*





Bien, alors voilà mes différentes tentatives de cmd, toutes infructueuses,c'est quoi (ou moi) qui merdouille ?

@ +, merci.


Microsoft Windows XP [version 5.1.2600]

© Copyright 1985-2001 Microsoft Corp.


C:\Documents and Settings\gae>del/q/f C:\Documents and Settings\gae\Local Settin


Le chemin d'accès spécifié est introuvable.


C:\Documents and Settings\gae> C:\Documents and Settings\gae\Local Settings\Temp


'C:\Documents' n'est pas reconnu en tant que commande interne

ou externe, un programme exécutable ou un fichier de commandes.


C:\Documents and Settings\gae>

  angelique a dit :
t'as pas respecté les espaces^^


C:\Documents and Settings\gae>del /q /f C:\Documents and Settings\gae\Local Settings\Temp\*.*




Aie, aie, aie, ça marche pas.

C:\Documents and Settings\gae>del[esp] /q[esp] /f[esp] C:\Documents[esp] and[esp] Settings\gae\Local[esp]Settings\Temp\*.*

Voilà ce que je tape dans démarrer,éxécuter,cmd.

Je comprends pas..;

@ +


tu dois mal t'y prendre , regarde la capt::


==> la touche "tab" te permet une fois la 1ere lettre tapé d'afficher le bon repertoire apres cd.... !


Microsoft Windows XP [version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\phreak>cd "Local Settings"

C:\Documents and Settings\phreak\Local Settings>cd temp

C:\Documents and Settings\phreak\Local Settings\Temp>del *.*
C:\Documents and Settings\phreak\Local Settings\Temp\*.*, êtes-vous sûr (O/N) ?

C:\Documents and Settings\phreak\Local Settings\Temp>exit


phreak est le nom d'user sur ce PC comme toi "gae"::




----- ou en es tu par rapport à ton probleme d'origine??

