Sujet Précédent Sujet Suivant

Pb virus impossible à éradiquer

vange -  
 ruivo pardal -
Bonjour,

Il me semble qu'un virus dans mon ordinateur (je travaille sous windows XP professionel) n'est détecté par aucun antivirus...
J'ai essayé Norton, Mcafee, les scans en ligne, mais rien n'est détecté.
Seul Kaspersky, après mise à jour, a détecté des fichiers infectés par Wootbot,
Rbot, Agobot, Dyfuca, TrojanDownloader.Istbar.gj, 180solutions.a et small.vv ...
Pb : après désinfection, les pbs persistent :
- Impossible de démarrer en mode normal ma session habituelle, l'écran se fige comme pour un plantage, au moment du chargement de mes données
- Je démarre donc en mode sans échec mais à chaque fois Kaspersky détecte wootbot et Rbot dans la base de registre
- Impossible de faire la mise à jour Windows !

J'ai essayé le désinfecteur pour wootbot qui n'a rien trouvé...

Encore autre chose : dans le gestionnaire des tâches, la suppression d'un programme svchost.exe provoque l'apparition de la fenetre "l'ordinateur va redémarrer dans 1 minute" que l'on désactive avec "shutdown -a"....

Que faire ? Aidez moi s'il vous plait, je crois que je deviens fou !!

Je vous joins le log de Hijack this :
Logfile of HijackThis v1.98.2
Scan saved at 15:11:58, on 11/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ftp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msngf.exe
C:\Documents and Settings\Vange\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [Start Uppings] mssupdate.exe
O4 - HKLM\..\Run: [Starting up] wvsvc.exe
O4 - HKLM\..\Run: [Msn Config] msngf.exe
O4 - HKLM\..\RunServices: [Start Uppings] mssupdate.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuampd.exe
O4 - HKLM\..\RunServices: [HP Deskjet 500] HP_DeskJet_500.exe
O4 - HKLM\..\RunServices: [Sepate Security Firewall] sepate.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [Msn Config] msngf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk.disabled
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://encyclo.voila.fr/JS/tdserver.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} - file://E:\IntraLaunch.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17f2a22069b82a6db917/netzip/RdxIE601_fr.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

Merci d'avance pour votre aide !
A voir également:

23 réponses

  • 1
  • 2
Réponse 1 / 23
bernie61
 
salut
sur ordi sain tu charges Stinger de McAfee
ou bien celci

* tu charges Sysclean Package là:
http://fr.trendmicro-europe.com/enterprise/support/tsc.php
et le fichier dernière version signatures virus « LTPxxx.ZIP » (xxx représente les chiffres indiquant la version ) là
http://fr.trendmicro-europe.com/enterprise/support/pattern.php
*tu décomprimes le ltpxxx.zip et place le fichier ltp$vpn.xxx dans le même répertoire que Sysclean
* tu redémarres en mode sans échec
*tu lances le scan en cliquant sur sysclean.com et il est créé un fichier sysclean.log dans ce répertoire ;

a+
0
vange
 
merci beaucoup bernie !
J'essaye ça, et je te communique le résultat

Vange
0
vange
 
Re-bonjour bernie,
Voila j'ai fait le scan avec sysclean, je te communique le log et les infos de TSCDebug.
Pour les symptômes ça me fait de plus en plus penser à Sasser...



/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2004-12-11, 18:56:04, Auto-clean mode specified.
2004-12-11, 18:56:04, Running scanner "C:\Documents and Settings\Administrateur\Bureau\TSC.BIN"...
2004-12-11, 18:57:23, Scanner "C:\Documents and Settings\Administrateur\Bureau\TSC.BIN" has finished running.
2004-12-11, 18:57:23, TSC Log:

Damage Cleanup Engine (DCE) 3.8(Build 1019)
Windows XP(Build 2600: )

Start time : sam. déc. 11 2004 18:56:04

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Administrateur\Bureau\tsc.ptn" (version 465) [success]
WORM_KORGO[virus found]
-->delete process("EXPLORER.EXE","","") success
-->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Run","Cryptographic Service") success
-->delete file("C:\WINDOWS\System32\ytphuv.exe","","") success
-->delete registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Wireless","ID") success
-->create process("C:\WINDOWS\EXPLORER.EXE","","") success
WORM_RBOT.QQ[virus found]
-->delete registry data("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\RunServices","wvsvc.exe") success
-->modify registry value("HKEY_LOCAL_MACHINE","SYSTEM\CurrentControlSet\Control\Lsa","restrictanonymous") success
-->modify registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\Ole","EnableDCOM") success
WORM_WOOTBOT.DV[virus found]
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run","guardpc.exe") success
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce","guardpc.exe") success
WORM_RBOT.AMP[virus found]
-->delete registry data("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\Run","mod3.exe") success
-->delete file("C:\WINDOWS\System32\mod3.exe","","") success
-->delete registry data("HKEY_LOCAL_MACHINE","Software\Microsoft\Windows\CurrentVersion\RunServices","mod3.exe") success
-->modify registry value("HKEY_LOCAL_MACHINE","Software\Microsoft\OLE","EnableDCOM") success
-->modify registry value("HKEY_LOCAL_MACHINE","System\CurrentControlSet\Control\Lsa","RestrictAnonymous") success

Complete time : sam. déc. 11 2004 18:57:02
Execute pattern count(1559), Virus found count(4), Virus clean count(4), Clean failed count(0)

2004-12-11, 18:57:59, An error occurred while scanning file "C:\Documents and Settings\Administrateur\NTUSER.DAT": Accès refusé.
2004-12-11, 18:57:59, An error occurred while scanning file "C:\Documents and Settings\Administrateur\NTUSER.DAT.LOG": Accès refusé.
2004-12-11, 18:58:05, An error occurred while scanning file "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2004-12-11, 18:58:05, An error occurred while scanning file "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2004-12-11, 18:58:44, Could not set file for reading on "C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp": Accès refusé.
2004-12-11, 18:59:00, An error occurred while scanning file "C:\Documents and Settings\LocalService\NTUSER.DAT": Accès refusé.
2004-12-11, 18:59:00, An error occurred while scanning file "C:\Documents and Settings\LocalService\ntuser.dat.LOG": Accès refusé.
2004-12-11, 18:59:00, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2004-12-11, 18:59:00, An error occurred while scanning file "C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2004-12-11, 18:59:01, An error occurred while scanning file "C:\Documents and Settings\NetworkService\NTUSER.DAT": Accès refusé.
2004-12-11, 18:59:01, An error occurred while scanning file "C:\Documents and Settings\NetworkService\ntuser.dat.LOG": Accès refusé.
2004-12-11, 18:59:01, An error occurred while scanning file "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2004-12-11, 18:59:01, An error occurred while scanning file "C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\sysmain.sdb": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\user32.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\win32k.sys": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\colbact.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comuid.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\es.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\ole32.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll": Accès refusé.
2004-12-11, 19:15:07, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\txflog.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB833987$\sxs.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\browser.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\callcont.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\h323.tsp": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\msgina.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\mst120.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\schannel.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\dao360.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\expsrv.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msexch40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjint40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjter40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msltus40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll": Accès refusé.
2004-12-11, 19:15:08, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\shell32.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\dxmasf.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\httpod51.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\sfcfiles.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\ssinc51.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.exe": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.inf": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\qmgr.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.exe": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.inf": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\netsetup.exe": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\upnp.dll": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe": Accès refusé.
2004-12-11, 19:15:11, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00003": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00005": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00008": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00009": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00010": Accès refusé.
2004-12-11, 19:15:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00011": Accès refusé.
2004-12-11, 19:15:13, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ328940$\reg00003": Accès refusé.
2004-12-11, 19:15:14, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx": Accès refusé.
2004-12-11, 19:15:14, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ828026$\wmpcore.dll": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\101_45095.EXE-084C89C1.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\ACRORD32.EXE-0781811F.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AGENTSVR.EXE-002E45AB.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AGOBTGUI.COM-24905603.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AUPDATE.EXE-2253CB60.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AUTORUN.EXE-223CD859.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVDAT.EXE-06933A3A.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVDAT.EXE-0792C2BE.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVP32.EXE-0CB2B8AF.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPCC.EXE-18FA9A5D.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPUPD.EXE-0D87FF20.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPVLIST.EXE-389074A2.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\CCPWDSVC.EXE-17E7D8E4.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\CONNECT.EXE-00FB7A5C.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\CUBASESX.EXE-11F9695D.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\EULA.EXE-00FBAD16.pf": Accès refusé.
2004-12-11, 19:16:57, Could not set file for reading on "C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\F-SASSER.EXE-3ABC5137.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\FIXBLAST.EXE-127B527C.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_EXPLOREZIP.EXE-02050707.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_IWORM.COM-1A649A01.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_KLEZ.COM-2827AA78.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\GLB3.TMP-2CC81CBB.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\GLB72.TMP-27F1212D.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\GLJC.TMP-059E3EA3.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-124928B8.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPDARC.EXE-18B11979.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPOSM.EXE-0770134B.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPTSKMGR.EXE-32EF71D7.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZENG09.EXE-21FF5F4F.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZSTC09.EXE-3AFDDA16.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\ICQLITE.EXE-2D093781.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\ICQLSRP.EXE-35D37486.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\IKERNEL.EXE-048903CE.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\IKERNEL.EXE-0F497BD1.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVPERSPRO4.5.0.94FRE.EXE-159172E9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVSS.EXE-08175788.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\KLAV.EXE-1441B99C.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\Layout.ini": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\LUCOMS~1.EXE-02DB5950.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAGENT.EXE-168D195B.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-0CD4D2C0.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-10638A3A.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-292B1244.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-2C8E3169.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-3AD75A65.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCDASH.EXE-26506D96.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCINFO.EXE-35A0A279.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCMNHDLR.EXE-1D1F2FA0.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCMNHDLR.EXE-25682BF9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCREGWIZ.EXE-20498823.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCSHIELD.EXE-15F93AD5.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDATE.EXE-19916285.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDMGR.EXE-21452C82.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDMGR.EXE-2963FAB2.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDUI.EXE-27129637.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSESCN.EXE-00F61003.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSFTSN.EXE-28693C17.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSMAP.EXE-155ED7D3.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSRTE.EXE-0CAB2150.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSSHLD.EXE-251E55A0.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MGHTML.EXE-31D79FA5.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MSI2F.TMP-39C87B51.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MSI31.TMP-20191AC5.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MSINFO32.EXE-002AF0E6.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAV.EXE-1B9DAE10.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAVSCAN.COM-11EA0875.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVAPSVC.EXE-2F1BA240.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-24F56911.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-2F9B64D1.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NDETECT.EXE-16E64095.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NMAIN.EXE-34D44D63.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\POWERPNT.EXE-0CAC7674.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RASAUTOU.EXE-18B88A68.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\REALEVENT.EXE-34F30ACA.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-13791507.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-207199BC.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2406F4A4.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-42C4EDF2.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A5A9D78.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SBSERV.EXE-2B0326DC.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETA.TMP-32BB8605.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETF.TMP-0685AB5A.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-003973A6.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-0A51177F.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-13CD5199.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-21285811.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-3363FC93.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-380A66EA.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SEVINST.EXE-02F8F64B.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SEVINST.EXE-3B278953.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\WINAMP.EXE-0D0189CA.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\WINWORD.EXE-29F5CB89.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf": Accès refusé.
2004-12-11, 19:16:58, Could not set file for reading on "C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf": Accès refusé.
2004-12-11, 19:19:16, An error occurred while scanning file "C:\WINDOWS\system32\ftpupd.exe": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\default": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\default.LOG": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM.LOG": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY.LOG": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\software": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\software.LOG": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\system": Accès refusé.
2004-12-11, 19:19:49, An error occurred while scanning file "C:\WINDOWS\system32\config\system.LOG": Accès refusé.
2004-12-11, 19:20:53, Running scanner "C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN"...
2004-12-11, 19:38:22, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 19:20:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

C:\Program Files\Internet Optimizer\actalert.exe [TROJ_DYFUCA.CR]
C:\Program Files\Internet Optimizer\update\actalert.exe [TROJ_DYFUCA.CR]
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CXINW1M7\actalert[1].exe [TROJ_DYFUCA.CR]
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CXINW1M7\istrecover[1].exe [TROJ_ISTBAR.AC]
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SHI7WXYZ\x[1].exe [WORM_KORGO.V]
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WXYB0DER\istsvc[1].exe [TROJ_CLICKER.F]
C:\WINDOWS\system32\svcshost.exe [WORM_WOOTBOT.BU]
C:\WINDOWS\system32\wvsvc.exe [WORM_RBOT.QQ]
60069 files have been read.
60069 files have been checked.
42575 files have been scanned.
64150 files have been scanned. (including files in archived)
8 files containing viruses.
Found 8 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 19:38:22
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 19:38:22, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 19:20:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

Success Clean [ TROJ_ISTBAR.AC]( 1) from C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CXINW1M7\istrecover[1].exe
Success Clean [ WORM_KORGO.V]( 1) from C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SHI7WXYZ\x[1].exe
Success Clean [ TROJ_CLICKER.F]( 1) from C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\WXYB0DER\istsvc[1].exe
60069 files have been read.
60069 files have been checked.
42575 files have been scanned.
64150 files have been scanned. (including files in archived)
8 files containing viruses.
Found 8 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 19:38:22 17 minutes 26 seconds (1045.92 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 19:38:22, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 19:20:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

60069 files have been read.
60069 files have been checked.
42575 files have been scanned.
64150 files have been scanned. (including files in archived)
8 files containing viruses.
Found 8 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 19:38:22 17 minutes 26 seconds (1045.92 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 19:38:22, Scanner "C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN" has finished running.
2004-12-11, 20:11:37, An error was detected on "D:\System Volume Information\*.*": Accès refusé.
2004-12-11, 20:13:20, Running scanner "C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN"...
2004-12-11, 20:24:56, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 20:13:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

47605 files have been read.
47605 files have been checked.
41529 files have been scanned.
42307 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 20:24:56
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 20:24:56, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 20:13:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

47605 files have been read.
47605 files have been checked.
41529 files have been scanned.
42307 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 20:24:56 11 minutes 33 seconds (692.38 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 20:24:56, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/11/2004 20:13:20
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 287 (80564 Patterns) (2004/12/09) (228700)
Command Line: C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Administrateur\Bureau

47605 files have been read.
47605 files have been checked.
41529 files have been scanned.
42307 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/11/2004 20:24:56 11 minutes 33 seconds (692.38 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-11, 20:24:56, Scanner "C:\Documents and Settings\Administrateur\Bureau\VSCANTM.BIN" has finished running.

Debug Information Level=0
BackupRegKeyValue[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run:Cryptographic Service]
BackupFile[C:\WINDOWS\System32\ytphuv.exe]
BackupRegKeyValue[HKEY_LOCAL_MACHINE\Software\Microsoft\Wireless:ID]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
BackupRegKeyValue[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa:restrictanonymous]
BackupRegKeyValue[HKEY_LOCAL_MACHINE\Software\Microsoft\Ole:EnableDCOM]
BackupRegKey[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
BackupRegKey[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
BackupRegKey[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
BackupFile[C:\WINDOWS\System32\mod3.exe]


Merci encore,
Vange
0
bernie61
 
re
semble ok en effet, mais installe un Firewall sérieux (pas celui XP)
et qqs utilitaires comme ceux-ci
anti adware de lavasoft là gratuit
http://www.lavasoftusa.com/support/download/
Et SpySwepper là :
http://www.webroot.com/products/spysweeper/
et surtout celui là Spybot S&D là:
http://www.safer-networking.org/en/index.html
à lancer avec MAJ (mise à jour)
il existe màj logicielle pour DSOexploit officielle là http://www.safer-networking.org/files/spybotsd131tx.exe mais si pas de chargement
alors à charger là http://www.majorgeeks.com/download4392.html
pour configurer spybotS&D,

a+
0
Réponse 2 / 23
ghis30 Messages postés 211 Statut Membre 17
 
Je sais pas si c'est sasser, mais si c'est sasser essaye ca:
http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/50071.html
0
Réponse 3 / 23
vange
 
Les problèmes reviennent !

J'ai fait plusieurs scans antivirus, notamment avec spybot et adaware. J'ai également installé le firewall ZoneAlarm (qui est effectivement assailli toutes les 3 secondes par des intrus...).
Cependant au redémarrage (mode sans échec) les virus reviennent toujours plus nombreux : DyFuca, SideFind, TopMoxie, CoolWebSearch...
En plus, je n'arrive toujours pas à démarrer en mode normal : le système reste figé.

J'ai essayé de mettre à jour Windows, mais c'est impossible (message d'erreur).

Que dois-je faire ? Est-il possible d'éviter le formatage ?

Merci pour votre aide

Vange
0
Réponse 4 / 23
bernie61
 
salut
refais HijackThis et copie/colle le rapport ici
a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 23
vange
 
bonsoir bernie,

Voila le rapport hijackthis après "nettoyage" (spybot, adaware, kaspersky, trojanhunter) :
Logfile of HijackThis v1.98.2
Scan saved at 17:02:11, on 12/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Documents and Settings\Vange\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Sepate Security Firewall] sepate.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MSN service] msnmgr21.exe
O4 - HKLM\..\Run: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\Run: [mod3] mod3.exe
O4 - HKLM\..\Run: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\ytphuv.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [Microsoft Update] wuampd.exe
O4 - HKLM\..\RunServices: [Sepate Security Firewall] sepate.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Securety] wurguar.exe
O4 - HKLM\..\RunServices: [M1cr0s0ft S3rcurity] systemconfig.exe
O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe
O4 - HKLM\..\RunServices: [MSN service] msnmgr21.exe
O4 - HKLM\..\RunServices: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\RunServices: [mod3] mod3.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunOnce: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk.disabled
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://encyclo.voila.fr/JS/tdserver.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} - file://E:\IntraLaunch.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17f2a22069b82a6db917/netzip/RdxIE601_fr.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

A plus,

Vange
0
Réponse 6 / 23
bernie61
 
re salut
il y a du boulot, garde ton calme
Désintaller 180 solution par Démarrer/panneauConfig/ajoutSuppressionProgrammes
c:\program files\180solutions\sais.exe
sinon redémarrer mode sans échec et tout effacer dans ce répertoire

Vérifie ces pgm :
sepate.exe >>> rechercher et à effacer (mode sans échec)
mod3.exe >> rechercher et à checker propriétés si tu connais
Si pas sûr tu zip le fichier et efface le .EXE

Relances HijackThis et cocher toutes ces lignes, puis FIX :
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Sepate Security Firewall] sepate.exe
O4 - HKLM\..\Run: [MSN service] msnmgr21.exe
O4 - HKLM\..\Run: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\Run: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\ytphuv.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuampd.exe
O4 - HKLM\..\RunServices: [Sepate Security Firewall] sepate.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Securety] wurguar.exe
O4 - HKLM\..\RunServices: [M1cr0s0ft S3rcurity] systemconfig.exe
O4 - HKLM\..\RunServices: [MSN service] msnmgr21.exe
O4 - HKLM\..\RunServices: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunOnce: [Software\Microsoft\Windows\CurrentVersion\RunServices] winauth.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Security] spvsper.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svcshost.exe

A cocher et FIX si inconnu
O4 - HKLM\..\Run: [mod3] mod3.exe
O4 - HKLM\..\RunServices: [mod3] mod3.exe >> 2ème X bizar ça sent l’infection check bien

efface ensuite tous les temps
redémarre et refais HijackThis pour contrôle
a+
0
Réponse 7 / 23
vange
 
Re bonsoir,

Malheureusement les problèmes persistent ...
J'ai suivi tes conseils mais je n'ai pas trouvé sepate.exe ni mod3.exe dans la machine (j'ai fait une recherche sur tout l'ordinateur avec fichiers cachés).
J'ai supprimé les entrées dans hijackthis.
Je ne sais pas si ça a un rapport, mais 1 fichier tmp est impossible à supprimer : ~DF4B2E.tmp

Le redémarrage en mode normal est impossible. En mode sans échec, j'ai toujours dans le gestionnaire des tâches le svchost suspect (sa suppression provoque l'arret du système au bout de une minute sans la commande shutdown -a).

Voila le log de hijackthis :
Logfile of HijackThis v1.98.2
Scan saved at 20:11:01, on 12/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Vange\Bureau\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk.disabled
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://encyclo.voila.fr/JS/tdserver.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} - file://E:\IntraLaunch.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17f2a22069b82a6db917/netzip/RdxIE601_fr.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

Merci pour ton aide et pour ta patience !

Vange
0
Réponse 8 / 23
bernie61
 
re
applique ceci et fais nouvelle recherche
*Pour scan complet il faut pouvoir scanner tous les dossiers donc faire :
Démarrer/PanneauConfiguration/OptionsDossiers /ongletAffichage et là cocher les lignes
- afficher les fichiers et dossier cachés
- afficher contenu dossier système
décocher
- masquer fichiers protégés du dossier système
Puis cliquer APPLIQUER à TOUS les Dossiers
a+
0
Réponse 9 / 23
bernie61
 
re salut
Vérifie ces pgm :
c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun >>>propriétés vérifie si McAfee
Si pas sûr tu zip le fichier et efface le .EXE

Relances HijackThis et cocher toutes ces lignes, puis FIX :
O4 - HKLM\..\RunServices: [NvCplScan] nvsc32.exe >>virus Sdbot

A cocher et Fix si inconnu
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) – http ://f002.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) – http ://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) – http ://encyclo.voila.fr/JS/tdserver.cab

fais une mise à jour Windows
efface à nouveau tous temp
et redémarre et relance HijackThis

a+
0
Réponse 10 / 23
vange
 
ça commence à aller mieux: windows démarre normalement !

Malheureusement, le virus lié à svchost est toujours là ... et windows update ne fonctionne plus du tout (message d'erreur à chaque fois que j'essaye de télécharger la mise à jour).

Voici le nouveau log de hijackthis :
Logfile of HijackThis v1.98.2
Scan saved at 23:02:30, on 12/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DeltTray.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Documents and Settings\Vange\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk.disabled
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} - file://E:\IntraLaunch.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17f2a22069b82a6db917/netzip/RdxIE601_fr.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

Le fichier svchost.exe dans le gestionnaire des tâches est-il lié à SdBot ? Est-ce qu'il se peut qu'il désactive windows update ?

Merci pour ton aide précieuse !

Vange
0
Réponse 11 / 23
bernie61
 
re
non svchost est process normal

mais pour ton virus applique ceci
* tu charges Sysclean Package là:
http://fr.trendmicro-europe.com/enterprise/support/tsc.php
et le fichier dernière version signatures virus « LTPxxx.ZIP » (xxx représente les chiffres indiquant la version ) là
http://fr.trendmicro-europe.com/enterprise/support/pattern.php
*tu décomprimes le ltpxxx.zip et place le fichier ltp$vpn.xxx dans le même répertoire que Sysclean
* tu redémarres en mode sans échec
*tu lances le scan en cliquant sur sysclean.com et il est créé un fichier sysclean.log dans ce répertoire ;

et ensuite refais HijackThis pour voir
courage on va y arriver
a+
0
Réponse 12 / 23
vange
 
Bonsoir,

je viens de faire le scan avec sysclean, et le virus wootbot revient à chaque fois ...
Je pense qu'il supprime les clés correspondantes dans la base de registre mais il ne trouve pas les programmes dans le poste de travail...
Voila le log :

2004-12-13, 15:21:07, Auto-clean mode specified.
2004-12-13, 15:21:07, Running scanner "C:\Documents and Settings\Vange\Bureau\TSC.BIN"...
2004-12-13, 15:22:28, Scanner "C:\Documents and Settings\Vange\Bureau\TSC.BIN" has finished running.
2004-12-13, 15:22:28, TSC Log:

Damage Cleanup Engine (DCE) 3.8(Build 1019)
Windows XP(Build 2600: )

Start time : lun. déc. 13 2004 00:00:44

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Vange\Bureau\tsc.ptn" (version 465) [success]
WORM_WOOTBOT.BU[virus found]
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run","svcshost.exe") success
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Runonce","svcshost.exe") success
WORM_WOOTBOT.DV[virus found]
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run","guardpc.exe") success
-->delete registry data("HKEY_USERS",".DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce","guardpc.exe") success

Complete time : lun. déc. 13 2004 00:01:08
Execute pattern count(1559), Virus found count(2), Virus clean count(2), Clean failed count(0)

Damage Cleanup Engine (DCE) 3.8(Build 1019)
Windows XP(Build 2600: )

Start time : lun. déc. 13 2004 15:21:07

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Vange\Bureau\tsc.ptn" (version 465) [success]

Complete time : lun. déc. 13 2004 15:22:28
Execute pattern count(1559), Virus found count(0), Virus clean count(0), Clean failed count(0)

2004-12-13, 15:23:19, An error occurred while scanning file "C:\Documents and Settings\Administrateur\NTUSER.DAT": Accès refusé.
2004-12-13, 15:23:19, An error occurred while scanning file "C:\Documents and Settings\Administrateur\NTUSER.DAT.LOG": Accès refusé.
2004-12-13, 15:23:30, An error occurred while scanning file "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Accès refusé.
2004-12-13, 15:23:30, An error occurred while scanning file "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Accès refusé.
2004-12-13, 15:24:19, Could not set file for reading on "C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp": Accès refusé.
2004-12-13, 16:17:40, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\sysmain.sdb": Accès refusé.
2004-12-13, 16:17:40, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\user32.dll": Accès refusé.
2004-12-13, 16:17:40, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB824141$\win32k.sys": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\colbact.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\comuid.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\es.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\ole32.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB828741$\txflog.dll": Accès refusé.
2004-12-13, 16:17:41, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB833987$\sxs.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\browser.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\callcont.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\h323.tsp": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\msgina.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\mst120.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB835732$\schannel.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\dao360.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\expsrv.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msexch40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjint40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjter40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msltus40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll": Accès refusé.
2004-12-13, 16:17:43, Could not set file for reading on "C:\WINDOWS\$NtUninstallKB839645$\shell32.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\dxmasf.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\httpod51.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\sfcfiles.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\ssinc51.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.exe": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ309521$\spuninst\spuninst.inf": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\qmgr.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.exe": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ314862$\spuninst\spuninst.inf": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\netsetup.exe": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\ssdpapi.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\ssdpsrv.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\upnp.dll": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.exe": Accès refusé.
2004-12-13, 16:18:09, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ315000$\spuninst\spuninst.inf": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00003": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00005": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00008": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00009": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00010": Accès refusé.
2004-12-13, 16:18:12, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ323172$\reg00011": Accès refusé.
2004-12-13, 16:18:14, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ328940$\reg00003": Accès refusé.
2004-12-13, 16:18:19, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx": Accès refusé.
2004-12-13, 16:18:19, Could not set file for reading on "C:\WINDOWS\$NtUninstallQ828026$\wmpcore.dll": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\101_45095.EXE-084C89C1.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\ACRORD32.EXE-0781811F.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AGENTSVR.EXE-002E45AB.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AGOBTGUI.COM-24905603.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AUPDATE.EXE-2253CB60.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AUTORUN.EXE-223CD859.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVDAT.EXE-06933A3A.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVDAT.EXE-0792C2BE.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVP32.EXE-0CB2B8AF.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPCC.EXE-18FA9A5D.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPUPD.EXE-0D87FF20.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\AVPVLIST.EXE-389074A2.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\CCPWDSVC.EXE-17E7D8E4.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\CONNECT.EXE-00FB7A5C.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\CUBASESX.EXE-11F9695D.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\EULA.EXE-00FBAD16.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\F-SASSER.EXE-3ABC5137.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\FIXBLAST.EXE-127B527C.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_EXPLOREZIP.EXE-02050707.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_IWORM.COM-1A649A01.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\FIX_KLEZ.COM-2827AA78.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\GLB3.TMP-2CC81CBB.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\GLB72.TMP-27F1212D.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\GLJC.TMP-059E3EA3.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-124928B8.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPDARC.EXE-18B11979.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPOSM.EXE-0770134B.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPTSKMGR.EXE-32EF71D7.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZENG09.EXE-21FF5F4F.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZIPM12.EXE-145E7369.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\HPZSTC09.EXE-3AFDDA16.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\ICQLITE.EXE-2D093781.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\ICQLSRP.EXE-35D37486.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\IKERNEL.EXE-048903CE.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\IKERNEL.EXE-0F497BD1.pf": Accès refusé.
2004-12-13, 16:22:52, Could not set file for reading on "C:\WINDOWS\Prefetch\KAV.EXE-11323A12.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVPERSPRO4.5.0.94FRE.EXE-159172E9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\KAVSS.EXE-08175788.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\KLAV.EXE-1441B99C.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\Layout.ini": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\LIVEUPDATE.EXE-03B6C2F9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\LUCOMS~1.EXE-02DB5950.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAGENT.EXE-168D195B.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-0CD4D2C0.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-10638A3A.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-292B1244.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-2C8E3169.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCAPPINS.EXE-3AD75A65.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCDASH.EXE-26506D96.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCINFO.EXE-35A0A279.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCMNHDLR.EXE-1D1F2FA0.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCMNHDLR.EXE-25682BF9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCREGWIZ.EXE-20498823.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCSHIELD.EXE-15F93AD5.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDATE.EXE-19916285.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDMGR.EXE-21452C82.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDMGR.EXE-2963FAB2.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCUPDUI.EXE-27129637.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSESCN.EXE-00F61003.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSFTSN.EXE-28693C17.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSMAP.EXE-155ED7D3.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSRTE.EXE-0CAB2150.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MCVSSHLD.EXE-251E55A0.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MGHTML.EXE-31D79FA5.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MSI2F.TMP-39C87B51.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MSI31.TMP-20191AC5.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MSINFO32.EXE-002AF0E6.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAV.EXE-1B9DAE10.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\MWAVSCAN.COM-11EA0875.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVAPSVC.EXE-2F1BA240.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-24F56911.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NAVW32.EXE-2F9B64D1.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NDETECT.EXE-16E64095.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NMAIN.EXE-34D44D63.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\POWERPNT.EXE-0CAC7674.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RASAUTOU.EXE-18B88A68.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\REALEVENT.EXE-34F30ACA.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-13791507.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-207199BC.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-2406F4A4.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-26DA8C9B.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-42C4EDF2.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A5A9D78.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SBSERV.EXE-2B0326DC.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETA.TMP-32BB8605.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETF.TMP-0685AB5A.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-003973A6.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-0A51177F.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-13CD5199.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-21285811.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-3363FC93.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SETUP.EXE-380A66EA.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SEVINST.EXE-02F8F64B.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SEVINST.EXE-3B278953.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SHUTDOWN.EXE-12DAD820.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SPYBOTSD.EXE-1344276B.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.COM-1CE6D8BC.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\SYSCLEAN.EXE-076A33F2.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\TROJANHUNTER.EXE-37AF8485.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\TSC.BIN-1C972E68.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\WINAMP.EXE-0D0189CA.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\WINWORD.EXE-29F5CB89.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf": Accès refusé.
2004-12-13, 16:22:53, Could not set file for reading on "C:\WINDOWS\Prefetch\WUPDMGR.EXE-2F30BEAB.pf": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\default": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\default.LOG": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\SAM.LOG": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\SECURITY.LOG": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\software": Accès refusé.
2004-12-13, 16:30:20, An error occurred while scanning file "C:\WINDOWS\system32\config\software.LOG": Accès refusé.
2004-12-13, 16:30:21, An error occurred while scanning file "C:\WINDOWS\system32\config\system": Accès refusé.
2004-12-13, 16:30:21, An error occurred while scanning file "C:\WINDOWS\system32\config\system.LOG": Accès refusé.
2004-12-13, 16:33:52, Running scanner "C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN"...
2004-12-13, 17:01:44, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 16:33:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Vange\Bureau

59983 files have been read.
59983 files have been checked.
42429 files have been scanned.
63950 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 17:01:44
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 17:01:44, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 16:33:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Vange\Bureau

59983 files have been read.
59983 files have been checked.
42429 files have been scanned.
63950 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 17:01:44 27 minutes 45 seconds (1665.05 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 17:01:44, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 16:33:53
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Vange\Bureau

59983 files have been read.
59983 files have been checked.
42429 files have been scanned.
63950 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 17:01:44 27 minutes 45 seconds (1665.05 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 17:01:44, Scanner "C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN" has finished running.
2004-12-13, 20:36:09, An error was detected on "D:\System Volume Information\*.*": Accès refusé.
2004-12-13, 20:49:31, Running scanner "C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN"...
2004-12-13, 21:12:13, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 20:49:32
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Vange\Bureau

47606 files have been read.
47606 files have been checked.
41530 files have been scanned.
42308 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 21:12:13
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 21:12:13, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 20:49:32
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Vange\Bureau

47606 files have been read.
47606 files have been checked.
41530 files have been scanned.
42308 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 21:12:13 22 minutes 35 seconds (1355.16 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 21:12:13, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/13/2004 20:49:32
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 291 (80706 Patterns) (2004/12/12) (229100)
Command Line: C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Vange\Bureau

47606 files have been read.
47606 files have been checked.
41530 files have been scanned.
42308 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/13/2004 21:12:13 22 minutes 35 seconds (1355.16 seconds) has elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-13, 21:12:13, Scanner "C:\Documents and Settings\Vange\Bureau\VSCANTM.BIN" has finished running.

Et le log de hijackthis :

Logfile of HijackThis v1.98.2
Scan saved at 21:26:37, on 13/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DeltTray.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Vange\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk.disabled
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {161A7465-FEEE-4B40-8A85-ED752B93F73E} - file://E:\IntraLaunch.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/17f2a22069b82a6db917/netzip/RdxIE601_fr.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

Comment supprimer wootbot ?

Merci, et à bientôt

Vange
0
Réponse 13 / 23
bernie61
 
salut
le virus qui revien est wootbot.DV et non l'autre .DU à mon avis s'est une nouvelle infection, pas l'ancienne
N'OUVRE PAS les fichiers/email que tu connais pas

et installe A2free antitrojan
http://www.emsisoft.com/en/

a+
0
Réponse 14 / 23
bernie61
 
re suite
Tu dois mettre à jour WINdows Urgent

O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize >> ! minimize = configure Kaspersky moyen ou haute protection

Vérifie ces pgm :
C:\Program Files\Windows TaskAd\WinTaskAd.exe >> tu connais ??
Si pas sûr tu zip le fichier et efface le .EXE

Relances HijackThis et cocher toutes ces lignes, puis FIX :
Si inconnu à cocher et FIX
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe

a+
0
Réponse 15 / 23
vange
 
Re,

J'ai déjà essayé de mettre à jour, mais ça ne fonctionne pas : sur le site de windows update j'ai un message d'erreur. Pourtant, jusqu'ici les mises à jours se faisaient sans pbs...

D'où peut venir ce problème ?

a +

Vange
0
Réponse 16 / 23
bernie61
 
re
vérifie si c'est configuré comme indiqué ci dessous
ACTIVE_X et SCRIPT
Tu fais Démarrer/PanneauConfiguration/optionInternet/Sécurité et là avec icône Internet « Personnaliser le niveau », tu a des lignes « Contrôle ActiveX et Plugin »à cocher AUTORISER

a+
0
Réponse 17 / 23
vange
 
re
les lignes contrôle ActiveX et Plugin sont bien cochées autoriser mais cela ne fonctionne toujours pas.

a+

Vange
0
Réponse 18 / 23
bernie61
 
re
les autres sites fonctionnent??
alors regardes un peu là
Démarrer/PanneauConfig/optionInternet/ onglet sécurité/siteSensible et là le bouton SITE tu cliq et passe en revue les nom si WINdows ni serait pas?

sinon aussi Démarer/panneauConfig/système onglet MiseàJour
et coche MàJ automatique, redémarre

a+
0
Réponse 19 / 23
vange
 
re
non, ce n'est pas un site sensible, et j'ai vérifié la m à j automatique : elle est sensée se faire automatiquement tous les jours (sauf que là elle ne se fait plus...).

Merci pour ta disponibilité et ta patience, j'avoue que là je n'y comprends plus rien !

Vange
0
Réponse 20 / 23
bernie61
 
re
tu peux installer a2free (poste 16 ci dessus) ?
A=
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses