[Virus] Infected by Win32.Gael.3266

stef93110 Posts: 12 Status: Member
Hello everyone,

I'm calling for help to get rid of Win32.Gael.3266.

This year, for the first time, I bought Norton Internet Security 2006 licences so that I wouldn't have problems any more, but I don't get the impression it has brought me luck... :D

The firewall and the antivirus are both up to date, no worries on that side; however, I can no longer, or hardly ever, run a file after downloading it. I had suspected a virus for a few days, so I ended up running an online antivirus scan with Bitdefender, which found a whole bunch of them...

Norton still sees nothing... and I would like, as far as possible, not to format my system, which is less than 15 days old following troubles with a game... which I ended up updating after whole evenings of racking my brains (but well, if there's no other way, I'll go through it again)

So, first step, here is tonight's HijackThis log... if someone can give me a hand it would really help, because I tried to follow a post on this forum on the same subject, but since my problem is running exes... after downloading I can't run AVG... I tried, the file is corrupted...

Logfile of HijackThis v1.99.1
Scan saved at 20:51:17, on 12/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\00 Installed by stef\Logitec Di novo\MediaLife\MediaLifeService.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\00 Installed by stef\SuperCopier2\SuperCopier2.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\00 Installed by stef\Logitec Di novo\SetPoint\SetPoint.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Stef\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\00 Installed by stef\Logitec Di novo\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\00 Installed by stef\SuperCopier2\SuperCopier2.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\00 Installed by stef\Logitec Di novo\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: https://rilh-montreuil.xooit.com/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{B30BBF2C-F3D4-4FB2-A00C-777CB67575FF}: NameServer = 192.168.1.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

Thanks

7 replies

stef93110 Posts: 12 Status: Member

Hi,
PLZ, if someone could take a look at my log and point me in the right direction, it would help me a lot...
Thanks
0
Anonymous user

Hi,

Run this online antivirus scan with Internet Explorer and accept the ActiveX; the SP2 anti-popup bar (at the top) will start flashing, click on it and choose "accept the ActiveX" to make the antivirus scan work.
Once it has finished, paste the report here please

_Online Scanner
_Kaspersky Online Scanner
_My Computer

https://www.kaspersky.fr/downloads

0
stef93110 Posts: 12 Status: Member > Anonymous user

OK, I'll do that when I get back from the office, and I'll update the post this evening.

Thanks for your help
0
stef93110 Posts: 12 Status: Member > Anonymous user

Hi,

I ran a Kaspersky scan as mentioned; it found 16 infected files, but I couldn't find how to get the log... nor the names of the viruses in question...
How do I get the log?
0
Anonymous user > stef93110 Posts: 12 Status: Member

You have to click on "save the report", something like that; look carefully, it should be just below the bottom of the scan window, if I remember correctly
0
stef93110 Posts: 12 Status: Member > stef93110 Posts: 12 Status: Member

Sorry, but I can't find it; I put a screenshot here:
http://ssau.free.fr/Kapersky.JPG

(I've just relaunched it in case I missed something at the moment it finished)

Sorry for being such a dead weight :D
0
Anonymous user

I can't access it, host it here please
https://www.cjoint.com/
0
stef93110 Posts: 12 Status: Member

Here is the image... I hope you can access it

https://www.cjoint.com/?loaUV6ubGG

Thanks
Now the scan has started over for another round (and this time I disabled Norton, which I hadn't done the first time)

Thanks
0
Anonymous user

Ah yes, but I can't see it there lol because, as you said, you relaunched the scan

Below that same window, at the end of the scan, you will have a button "save the report", something like that ;-)

However, it wasn't necessary to close Norton
0
stef93110 Posts: 12 Status: Member

lol I must have missed something... I'll post it for you ASAP.
0

stef93110 Posts: 12 Status: Member

Here is the log

KASPERSKY ONLINE SCANNER REPORT
Tuesday, November 14, 2006 8:13:26 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 14/11/2006
Kaspersky Anti-Virus database records: 227454

Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics
Total number of scanned objects 111976
Number of viruses found 1
Number of infected objects 16 / 0
Number of suspicious objects 0
Duration of the scan process 01:21:12

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-11-13_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Opera\opera\mail\indexer\indexer.dat Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Opera\opera\mail\lexicon\lexicon.dat Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Opera\opera\mail\mailbase.dat Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\call256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\callmember256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\chat512.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\chatmsg256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\chatmsg512.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\contactgroup256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\index2.dat Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\profile256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\transfer512.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\user1024.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\user16384.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\user256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Skype\stef93110\voicemail256.dbb Object is locked skipped

C:\Documents and Settings\Stef\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped

C:\Documents and Settings\Stef\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Historique\History.IE5\MSHist012006111420061115\index.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temp\hsperfdata_Stef\4620 Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temp\~DF1D1E.tmp Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temp\~DF1D29.tmp Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temp\~DF4ED2.tmp Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temp\~DF4EDD.tmp Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Stef\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Stef\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Stef\ntuser.dat.LOG Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped

C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0031NAV~.TMP Object is locked skipped

C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0653NAV~.TMP Object is locked skipped

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\access_log Object is locked skipped

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error.log Object is locked skipped

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\error_log Object is locked skipped

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\logs\ssl_request_log Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\nmp.log Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\_nvidia_xxx_.log Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0204805.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0204817.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0205011.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208087.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208281.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208293.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209786.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209798.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209992.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212757.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212951.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212963.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215519.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215531.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215726.exe Infected: Virus.Win32.Tenga.a skipped

E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

E:\System Volume Information\_restore{D2FB1788-6623-4E7B-843D-538E3A98FC12}\RP29\A0042053.exe Infected: Virus.Win32.Tenga.a skipped

Scan process completed.
0
Anonymous user

OK, so:

Click Start, right-click My Computer, Properties, System Restore, tick the "Turn off System Restore" box and click "Apply", then untick that same box, click "Apply" and then "OK"

To erase the infected points


Restart the PC in safe mode: tap the F8 key on your keyboard (or F5) and choose safe mode

Then do a full clean with CCleaner and restart your PC normally; it should look OK ;-)

Do this cleanup: (to be done regularly)

¤Download and install this:
CCleaner:
Ccleaner

In the left column click "errors" and tick all the boxes, then click "search for errors" at the bottom; once it has finished, click "repair the errors" and you will get a message asking to back up your registry, say "yes", then start again until it finds no more errors.
You can delete the backups you made if your computer has no more problems

¤Relaunch CCleaner, go to the "cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "run the cleaner"

If you need help with CCleaner, look at this tutorial:
http://www.tutopat.com/viewtopic.php?t=305
0
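The reply above targets System Restore storage because every "Infected" row in the posted report sits under `System Volume Information\_restore{...}`, while the long "Object is locked" list is only files the scanner could not open. As an added example (not part of the original thread), this Python sketch separates the two kinds of rows and lists which drives and restore points hold detections; the function names are hypothetical and the sample rows are copied from the report posted above.

```python
import re
from collections import defaultdict

# Rows copied from the Kaspersky Online Scanner report posted in this thread
# (a short selection, not the full report).
SAMPLE_REPORT = r"""
Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\Documents and Settings\Stef\NTUSER.DAT Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0204805.exe Infected: Virus.Win32.Tenga.a skipped
D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215726.exe Infected: Virus.Win32.Tenga.a skipped
E:\System Volume Information\_restore{D2FB1788-6623-4E7B-843D-538E3A98FC12}\RP29\A0042053.exe Infected: Virus.Win32.Tenga.a skipped
Scan process completed.
"""

# One object row: <path> <"Object is locked" | "Infected: <name>"> <last action>
ROW = re.compile(
    r"^(?P<path>[A-Za-z]:\\.*?) "
    r"(?:Object is locked|Infected: (?P<virus>\S+)) "
    r"(?P<action>\S+)$"
)

# Windows XP System Restore storage:
#   <drive>:\System Volume Information\_restore{GUID}\RPnn\...
RESTORE = re.compile(
    r"^(?P<drive>[A-Za-z]):\\System Volume Information\\"
    r"_restore\{[0-9A-Fa-f-]+\}\\(?P<rp>RP\d+)\\",
    re.IGNORECASE,
)


def parse_report(text):
    """Return one dict per object row; header and footer lines are ignored."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append({
                "path": m.group("path"),
                "virus": m.group("virus"),  # None for locked (unscanned) objects
                "action": m.group("action"),
            })
    return rows


def summarize(rows):
    """Split locked objects from detections and locate detections on disk."""
    infected = [r for r in rows if r["virus"] is not None]
    restore_points = defaultdict(set)
    outside_restore = []
    for r in infected:
        m = RESTORE.match(r["path"])
        if m:
            restore_points[m.group("drive").upper()].add(m.group("rp").upper())
        else:
            # A detection outside restore storage is a live file, which
            # resetting System Restore does not touch.
            outside_restore.append(r["path"])
    return {
        "locked": len(rows) - len(infected),
        "infected": len(infected),
        "viruses": sorted({r["virus"] for r in infected}),
        "restore_points": {
            drive: sorted(rps, key=lambda rp: int(rp[2:]))
            for drive, rps in sorted(restore_points.items())
        },
        "outside_restore": outside_restore,
    }


if __name__ == "__main__":
    summary = summarize(parse_report(SAMPLE_REPORT))
    print("locked (not scanned):", summary["locked"])
    print("infected:", summary["infected"], summary["viruses"])
    for drive, rps in summary["restore_points"].items():
        print(f"  {drive}: restore points {', '.join(rps)}")
    print("infected outside System Restore storage:", summary["outside_restore"])
```

Running it on a full saved report shows per drive which restore points still carry detections, so a follow-up scan can be compared drive by drive.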
stef93110 Posts: 12 Status: Member

Hi Boulepate62

I did the procedure; I'm relaunching a Kaspersky scan to see if it's OK now, and I'll post the result this evening.

Did the problem come from Norton? How is it possible that it doesn't see the viruses?

I'll keep you posted this evening.

Thanks for your help
0
Anonymous user

ok ;-)

Not all antiviruses have the same virus database, that's why it didn't see it; besides, Norton isn't exactly the best ;-)
0
stef93110 Posts: 12 Status: Member > Anonymous user

Re,

The result of the scan done this morning is identical to the previous one,
I'm putting it below for information.
I already had CCleaner, and I do these cleanups regularly (but I followed your procedure to the letter)

Tuesday, November 14, 2006 7:07:30 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 14/11/2006
Kaspersky Anti-Virus database records: 227501


Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics
Total number of scanned objects 108996
Number of viruses found 1
Number of infected objects 16 / 0
Number of suspicious objects 0
Duration of the scan process 01:16:49

Infected Object Name Virus Name Last Action
D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0204805.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0204817.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP133\A0205011.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208087.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208281.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0208293.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209786.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209798.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP134\A0209992.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212757.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212951.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0212963.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215519.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215531.exe Infected: Virus.Win32.Tenga.a skipped

D:\System Volume Information\_restore{0EB3CDFA-2093-4062-A732-31D18B0B0AB3}\RP135\A0215726.exe Infected: Virus.Win32.Tenga.a skipped

E:\System Volume Information\_restore{D2FB1788-6623-4E7B-843D-538E3A98FC12}\RP29\A0042053.exe Infected: Virus.Win32.Tenga.a skipped

Scan process completed.
0
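An added example, not part of the original thread: a small Python triage of a report in this "path, status, last action" layout, separating `Object is locked` lines (files in use, not detections) from `Infected:` lines and grouping the latter by System Restore point. The sample report, its paths and its GUID placeholders are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the report's "<path> <status> <last action>" layout.
SAMPLE_REPORT = r"""
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\Documents and Settings\User\NTUSER.DAT Object is locked skipped
D:\System Volume Information\_restore{EXAMPLE-GUID-1}\RP1\A0000001.exe Infected: Virus.Win32.Tenga.a skipped
D:\System Volume Information\_restore{EXAMPLE-GUID-1}\RP2\A0000002.exe Infected: Virus.Win32.Tenga.a skipped
E:\System Volume Information\_restore{EXAMPLE-GUID-2}\RP7\A0000003.exe Infected: Virus.Win32.Tenga.a skipped
C:\Program Files\Example\setup.exe Infected: Virus.Win32.Tenga.a skipped
Scan process completed.
"""

# Paths may contain spaces, so match the path lazily up to the status text.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) "
    r"(?P<status>Object is locked|Infected: (?P<virus>\S+)) "
    r"(?P<action>\S+)$"
)
RESTORE_RE = re.compile(
    r"^(?P<drive>[A-Za-z]):\\System Volume Information"
    r"\\_restore\{[^}]+\}\\(?P<rp>RP\d+)\\",
    re.IGNORECASE,
)

def triage(report):
    """Split a report into locked objects, restore-point hits and live hits."""
    result = {"locked": [], "restore": defaultdict(list), "live": []}
    for line in report.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # headers, blank lines, "Scan process completed."
        path = m.group("path")
        if m.group("virus") is None:
            result["locked"].append(path)  # file in use, not a detection
            continue
        rp = RESTORE_RE.match(path)
        if rp:
            key = (rp.group("drive").upper(), rp.group("rp"))
            result["restore"][key].append((path, m.group("virus")))
        else:
            result["live"].append((path, m.group("virus")))
    return result

def summary(result):
    """Render the triage as a short text summary."""
    lines = [f"locked (not detections): {len(result['locked'])}"]
    for (drive, rp), hits in sorted(result["restore"].items()):
        lines.append(f"{drive}: {rp}: {len(hits)} infected restore-point file(s)")
    lines.append(f"infected outside restore points: {len(result['live'])}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(summary(triage(SAMPLE_REPORT)))
```

Hits under `_restore{...}\RPn` are copies archived by System Restore; a hit in the `live` list is a file on the working filesystem.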
Anonymous user

Hi,

OK, run a cleanup with CCleaner again, in safe mode

- Restart your PC; as soon as it powers on, tap the F8 key repeatedly (or F5 if F8 doesn't work); on the screen that appears choose "Safe Mode" and wait a little..

Your System Restore is infected on your D: and E: drives, so;

So this; C:\System Volume Information\_restore indicates that your System Restore was or is infected; to be sure, we are going to create a clean point.

Click "Start", right-click "My Computer", "Properties", "System Restore" tab

¤ check the box "Turn off System Restore on all drives", then click "Apply"
¤ uncheck the box and click "Apply" then "OK".

Now that we have deleted the infected points, we are going to create a clean point:

Click "Start", "All Programs", "Accessories", "System Tools", "System Restore", choose "Create a restore point", name it "ccm" for example, click "Create" then "OK".
There, the restore point is now created; if one day you decide to, you can go back to the date you created it, i.e. today; by rolling back you can return your computer to the date on which we created this restore point, but you will lose the changes you made in between.

Let me know where your problem stands ;-)
0
stef93110 Posts 12 Status Member

Hi,

I redid all the steps last night, reran the scan and got exactly the same log as the first time. Does that mean that, despite deleting the restore points, the infected files in the restore-point tree remained?

When I get home from the office tonight I'll create a clean restore point as indicated. But is there a testing purpose behind this action, or is it just to make a backup in case something goes wrong?

Question: Why am I not allowed to access the System Volume Information folders on the D: and E: drives only? (That said, they now weigh 0 KB, but on these two drives I get an "Access denied" error message that I don't get on the others.) Can these directories be deleted safely? (I'm considering the brute-force method under DOS, for example... lol)

Another question: Kaspersky online seems to me to do detection but no repair, right?
Maybe I should remove Norton temporarily to install another antivirus and then do the cleanup?

Thanks for your answers; the tests will be done tonight

See you
0
stef93110 Posts 12 Status Member

Hi,

I recreated a restore point but I still have the same problems...
Would you have a suggestion? :)

Thanks
0