Antivirus 2008 y

tchet -  
 skwal -
Bonjour,
Comment doit-on faire pour éliminer ce putain de virus?????
Configuration: Windows Vista
Internet Explorer 7.0

5 réponses

  1. brahim33 Messages postés 6827 Statut Membre 1 166
     
    ta ka le suprimè apre lavoire detectè
    0
  2. crisous974 Messages postés 67 Statut Membre 1
     
    corse la recherche antivirus configure le ds les parametres et met reparer ou supprimer les fichier mais avec confimation car il ne fo surtout pas supprimer les fichier systeme
    si tu conné reellemen ton ordi sur le bout des doigt tu parcour ton ordi et tu supprime manuellmen les fichier ki ne doivent pas etre la!!!
    0
  3. tchet
     
    ComboFix 08-06-16.5 - tchet 2008-06-19 0:34:56.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.997 [GMT 2:00]
    Endroit: C:\Users\tchet\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-18 23:21 . 2008-06-18 23:21 <REP> d-------- C:\Program Files\Enigma Software Group
    2008-06-18 22:02 . 2008-06-18 22:20 <REP> d-------- C:\Program Files\RogueRemover FREE
    2008-06-15 23:24 . 2008-06-17 16:44 <REP> d-------- C:\Users\tchet\AppData\Roaming\Antivirus2008y
    2008-06-14 13:12 . 2008-04-23 06:27 1,244,672 --a------ C:\Windows\System32\mcmde.dll
    2008-06-14 13:12 . 2008-04-23 06:27 428,032 --a------ C:\Windows\System32\EncDec.dll
    2008-06-14 13:12 . 2008-04-23 06:27 292,352 --a------ C:\Windows\System32\psisdecd.dll
    2008-06-14 13:12 . 2008-04-23 06:26 218,624 --a------ C:\Windows\System32\psisrndr.ax
    2008-06-14 13:12 . 2008-04-23 06:26 80,896 --a------ C:\Windows\System32\MSNP.ax
    2008-06-14 13:12 . 2008-04-23 06:26 68,608 --a------ C:\Windows\System32\Mpeg2Data.ax
    2008-06-14 13:12 . 2008-04-23 06:26 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
    2008-06-11 10:15 . 2008-04-25 06:22 1,831,424 --a------ C:\Windows\System32\inetcpl.cpl
    2008-06-11 10:15 . 2008-04-26 10:02 1,327,104 --a------ C:\Windows\System32\quartz.dll
    2008-06-11 10:15 . 2008-04-25 06:23 826,368 --a------ C:\Windows\System32\wininet.dll
    2008-06-11 10:15 . 2008-05-10 03:21 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
    2008-06-11 10:15 . 2008-05-10 05:30 14,848 --a------ C:\Windows\System32\wshrm.dll
    2008-06-03 16:24 . 2003-03-12 13:50 140 --ah----- C:\WM800918.bin
    2008-06-03 16:24 . 2003-01-21 01:20 140 --ah----- C:\Windows\AJ820503.bin
    2008-06-03 16:21 . 2008-06-03 16:21 <REP> d-------- C:\Users\tchet\AppData\Roaming\Druide
    2008-06-03 16:15 . 2008-06-03 16:22 141 --a------ C:\Windows\Antidote.ini
    2008-06-03 16:14 . 2008-06-03 16:20 <REP> d-------- C:\Program Files\Druide
    2008-05-31 11:55 . 2008-03-08 02:37 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-05-31 11:55 . 2008-03-08 06:30 1,686,528 --a------ C:\Windows\System32\gameux.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-18 19:36 27,335 ----a-w C:\Users\tchet\AppData\Roaming\nvModes.dat
    2008-06-18 09:27 --------- d-----w C:\Users\tchet\AppData\Roaming\VersionTracker Pro
    2008-06-16 12:27 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-06-15 22:18 --------- d-----w C:\ProgramData\Microsoft Help
    2008-06-12 11:53 --------- d-----w C:\Program Files\Windows Mail
    2008-06-05 07:36 --------- d-----w C:\Users\tchet\AppData\Roaming\U3
    2008-04-30 13:27 --------- d-----w C:\ProgramData\CyberLink
    2008-04-30 13:16 --------- d-----w C:\Program Files\Everest Poker
    2008-04-28 20:03 --------- d-----w C:\Users\tchet\AppData\Roaming\vlc
    2008-04-28 20:02 --------- d-----w C:\Program Files\VideoLAN
    2008-04-25 04:23 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-04-25 04:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2007-10-19 13:28 174 --sha-w C:\Program Files\desktop.ini
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-18_23.54.05,29 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-18 21:50:58 6,156,288 ----a-w C:\Windows\erdnt\Hiv-backup\schema.dat
    + 2008-06-18 22:34:50 6,156,288 ----a-w C:\Windows\erdnt\Hiv-backup\schema.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 02:33 1232896]
    "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 14:34 2159104 C:\Windows\System32\oobefldr.dll]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "Acer Tour Reminder"="" []
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
    "Gestionnaire Antidote.exe"="C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-11-30 02:52 533944]
    "Antivirus2008y"="C:\Program Files\Antivirus2008y\antvrs.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 05:06 4669440 C:\Windows\RtHDVCpl.exe]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 16:33 457216]
    "eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 14:54 1286144]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 04:38 40048]
    "Acer Tour"="" []
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-25 14:53 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-25 14:53 8433664]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-25 14:53 81920]
    "SetPanel"="C:\Acer\APanel\APanel.cmd" [ ]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2007-08-15 11:21 772616]
    "PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 13:38 206952]
    "Skytel"="Skytel.exe" [2007-06-15 10:45 1826816 C:\Windows\SkyTel.exe]
    "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344]
    "PLFSetL"="C:\Windows\PLFSetL.exe" [2007-07-05 12:35 94208]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2007-06-06 10:06 159744]
    "eRecoveryService"="" []
    "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
    "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-11-06 10:27 200704]
    "SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SHStartup.exe" [2008-01-23 15:48 344064]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]
    "Gestionnaire Antidote.exe"="C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-11-30 02:52 533944]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-07-26 04:17:00 535336]
    VersionTrackerPro.lnk - C:\Windows\Installer\{C1EDC38F-2760-4A4E-9CED-95B53024134C}\New_Shortcut_S1699_A8EB5A2133B04A97AEEFDFB17E2E701D.exe [2008-01-28 11:32:58 53248]
    WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 12:10:02 394856]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{59DE5281-D76E-4158-8705-CF329C4E4652}"= Profile=Private|C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
    "{F7BE5145-CFB9-4EF6-B59F-1DE503F9CE8D}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
    "{C86DBA55-A3E3-4F9D-96E7-A08610EB6934}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
    "{C65B0CFD-D277-4C74-BB3B-50A605A73447}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
    "{6A4D07C6-A732-400B-A8D0-00EA48F483BE}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
    "{73644098-2451-47DA-8165-70E41B5E8D5C}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
    "{BDBE6B14-ACA1-4CEC-ADDE-9F62643061C6}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
    "{58D2156C-A4F3-41AC-8E79-3381384621DD}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{44BDA4C2-5645-4DE4-A4A0-2A9A7CBE4EBF}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{FEA7F429-D15B-41C0-AF8E-46F483564323}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{0A298764-9C9C-4548-AD70-80EADCB27ACF}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
    "C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
    "C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\[u]0/u00.fcl [2006-11-02 16:51]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 16:52]
    R2 SpyHunter3 Service;SpyHunter3 Service;"C:\Program Files\Enigma Software Group\SpyHunter\SHService.exe" [2008-01-23 15:48]
    R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 14:47]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86862557-7cb9-11dc-89da-001b385708e6}]
    \shell\AutoRun\command - nideiect.com
    \shell\explore\Command - nideiect.com
    \shell\open\Command - nideiect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8686255a-7cb9-11dc-89da-001b385708e6}]
    \shell\AutoRun\command - J:\LaunchU3.exe -a

    *Newly Created Service* - CATCHME
    *Newly Created Service* - MCHINJDRV
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-18 09:29:18 C:\Windows\Tasks\User_Feed_Synchronization-{A0F87F9F-83D2-456D-A26C-583E25DF0E37}.job"
    - C:\Windows\system32\msfeedssync.exe
    "2008-06-18 22:11:01 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-19 00:36:31
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-19 0:37:26
    ComboFix-quarantined-files.txt 2008-06-18 22:37:14
    ComboFix2.txt 2008-06-18 22:07:32
    ComboFix3.txt 2008-06-18 21:54:31

    Pre-Run: 21,076,254,720 octets libres
    Post-Run: 20,959,674,368 octets libres

    161 --- E O F --- 2008-06-18 09:32:32
    0
  4. crisous974 Messages postés 67 Statut Membre 1
     
    sur ton scan jvoi po ou es le fichier infecté dis moi ou il es ds ce k va ala source du fichier et supprime le
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. skwal
     
    essaye "Kapersky internet security", tu m'en dira des nouvelles, car j'etait salement infecte et il a tout nettoye
    0