Protection OK but viruses detected

bou69 Posts 16 Status Member -
 Anonymous user -
Good evening,

My laptop is apparently infected by 5 viruses, but my antivirus tells me everything is OK. How can I find out whether the computer is really infected or not, and what do I have to do to clean everything up? I tried to delete them but they were placed in quarantine, and I can't do anything for 2 of them because their file size is supposedly too large compared to the size of the archive.

If I need to run a scan or a search, could you explain in detail what to do, because I don't know how to do it on my own.

Thanks in advance

27 replies

Anonymous user
 
follow the path indicated:

I don't even know what that is

C:\Windows\SysWow64\SYSTEM

===

the report:

C:\_OTL\Moved Files\la_date_et_l'heure.txt
0
bou69
 
here is the OTL report

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
Process msnmsgr.exe killed successfully!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Corel File Shell Monitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IndexSearch deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PaperPort PTD deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SSBkgdUpdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DellSupportCenter not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
========== FILES ==========
C:\Users\ANOUCK\Desktop\mbam-setup-1.50.1.1100.exe moved successfully.
C:\Users\ANOUCK\AppData\Roaming\GhostObjGAFix.xml moved successfully.
C:\ProgramData\77C39E7C4D.sys moved successfully.
C:\ProgramData\KGyGaAvL.sys moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4133.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4133.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4133.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4159.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4159.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4159.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4160.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4160.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4160.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4161.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4161.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4165.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4165.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4165.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4168.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4168.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4168.2 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4168.3 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4168.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4208.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4208.1 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4208.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4228.0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpDSCN4228.JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpP1030868[1].0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpP1030868[1].JPG moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpP1030870[1].0 moved successfully.
C:\Users\ANOUCK\AppData\Local\tmpP1030870[1].JPG moved successfully.
ADS C:\ProgramData\Temp:EB333CFC deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ANOUCK
->Temp folder emptied: 190583913 bytes
->Temporary Internet Files folder emptied: 1166837424 bytes
->Java cache emptied: 43639928 bytes
->Flash cache emptied: 55826 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30976920 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67977 bytes
RecycleBin emptied: 313462 bytes

Total Files Cleaned = 1 366,00 mb


OTL by OldTimer - Version 3.2.23.0 log created on 05242011_210614

Files\Folders moved on Reboot...
C:\Users\ANOUCK\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
0
Anonymous user
 
1.3 GB more free space :)

and what about what I asked you to check?
0
bou69
 
About syswow64, I went back to look and I'd say it's somewhat the same kind of thing as win32.

And is the extra free space the viruses that were eliminated, or does that have nothing to do with it?
0

Anonymous user
 
hello

did you go and look in the "System" folder in syswow64?
0
bou69
 
Yes, I went there but I can't open it.

And as for the viruses, are they eradicated or not?
0
Anonymous user
 
be more specific: "I can't open it"?
0