Virus TOTAL SECURITY

melkiorboy
Hello,
I've caught, I don't know how, the Total Security virus..... The problem is that I can't open any .exe file except IE, and I can't start my PC in safe mode.... In my opinion a reformat is called for, unless someone could help me..??

Thanks in advance.

8 replies

melkiorboy
 
I've just seen that someone made a post similar to mine, except that, as I told you, I can't open any .exe file, so even RSIT doesn't work.
Fasi
 
Hello,

This one will work!

Procedure for downloading ComboFix.exe.
• Right-click the ComboFix link (by sUBs) >>
>> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Select, depending on your browser:
- Internet Explorer: Save Target As...
- Firefox: Save Link As...

► Rename ComboFix.exe to CB-F.exe and save it to your desktop.


Procedure for using ComboFix.exe

/|\ Disable your antivirus, Spybot and other protection. /|\
/|\ Close all applications and do not open any programs. /|\
/|\ If ComboFix needs to restart, let it. /|\


Double-click ComboFix and [Run]
• If you are using Windows Vista, click the [Continue] button,
• At the "Software warranty disclaimer" -> [Yes],
• Install the "Recovery Console" -> [Yes], (<<<<<- IMPORTANT)
• Wait for the tool to close (more than 40 or so steps).

/|\ Note that once you have launched ComboFix, /|\
/|\ you must not click in the ComboFix window. /|\
/|\ That could even damage Windows. /|\

► Display the ComboFix report (C:\Combofix.txt).

Re-enable the antivirus and other protection.
melkiorboy
 
ComboFix won't launch; as I told you, I can't launch any .exe file, but thanks anyway...;-)
audi68

Hi, I had the same problem as you yesterday.

I couldn't launch any .exe file or save any file I had downloaded from the internet.

I had to transfer them from another computer. Wait for Narco!4 to log in, he will certainly be able to help you. Look at my topic:
https://forums.commentcamarche.net/forum/affich-14228846-virus-total-security-er-runstock-q#8
Fasi
 
Re,

ComboFix was certainly not renamed during the download, that is, before it was on the desktop (hard disk).
Otherwise you would have been able to launch it.

Which version of Windows do you have, Vista or XP?
vin1111
 
Hello,
I'm taking the liberty of copying my ComboFix report here... I created a forum thread about this virus and got no follow-up after my anti-malware report.

vin1111
 
What should be done next..? Please... the virus no longer shows up as before, but the machine is sluggish, so it must still be present.. Thanks