ComboFix 08-01-09.2 - Loïc 2008-01-10 18:43:23.2 - NTFSx86
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
Command switches used :: and Settings\Loïc\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WIN64\system32\adefe.ini
C:\WIN64\system32\adefe.ini2
C:\WIN64\system32\eetxbttf.ini
C:\WIN64\system32\erbmeiba.dll
C:\WIN64\system32\f3
C:\WIN64\system32\fttbxtee.dll
C:\WIN64\system32\gguefgxm.dll
C:\WIN64\system32\h1
C:\WIN64\system32\hthcpwiv.dll
C:\WIN64\system32\igosjmxh.ini
C:\WIN64\system32\jvpvwnwv.ini
C:\WIN64\system32\l4
C:\WIN64\system32\l4\swdrv83122.exe
C:\WIN64\system32\nipxlyrf.ini
C:\WIN64\system32\pac.txt
C:\WIN64\system32\qulfouud.dll
C:\WIN64\system32\rlpmobku.ini
C:\WIN64\system32\rpdwwwhc.dll
C:\WIN64\system32\ruxptfmf.ini
C:\WIN64\system32\rvvvjoih.dll
C:\WIN64\system32\sskgfaev.dll
C:\WIN64\system32\uelmnebv.dll
C:\WIN64\system32\uwjqvmcl.ini
C:\WIN64\system32\vbenmleu.ini
C:\WIN64\system32\wlvejtcq.dll
C:\WIN64\system32\xjjlqhbf.ini
C:\WIN64\system32\yxhpjwwh.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
((((((((((((((((((((((((((((( Fichiers créés 2007-12-10 to 2008-01-10 ))))))))))))))))))))))))))))))))))))
.
2008-01-09 17:54 . 2000-08-31 08:00 51,200 --a------ C:\WIN64\NirCmd.exe
2008-01-06 20:03 . 2008-01-08 18:22 714 ---hs---- C:\WIN64\system32\ldkuxugv.ini
2008-01-06 20:02 . 2008-01-06 20:02 90,176 --a------ C:\WIN64\system32\vguxukdl.dll
2008-01-06 19:59 . 2008-01-06 19:59 75,840 --a------ C:\WIN64\system32\yxjjkarh.dll
2008-01-06 14:38 . 2008-01-06 14:39 <REP> d-------- C:\Program Files\Opera
2008-01-06 13:38 . 2008-01-06 13:38 907 --a------ C:\WIN64\Active Setup Log.BAK
2008-01-05 18:28 . 2008-01-06 19:58 474 ---hs---- C:\WIN64\system32\fqynswin.ini
2008-01-04 18:12 . 2008-01-04 18:12 90,176 --a------ C:\WIN64\system32\kougpcws.dll
2008-01-04 18:12 . 2008-01-04 18:12 654 ---hs---- C:\WIN64\system32\swcpguok.ini
2008-01-04 18:08 . 2008-01-04 18:08 79,424 --a------ C:\WIN64\system32\aeixnbwa.dll
2008-01-02 12:51 . 2008-01-04 18:07 594 ---hs---- C:\WIN64\system32\iaqckedb.ini
2008-01-01 12:47 . 2008-01-02 12:47 474 ---hs---- C:\WIN64\system32\tpegchxj.ini
2007-12-29 18:09 . 2007-12-29 18:09 78,912 --a------ C:\WIN64\system32\epkxaqxf.dll
2007-12-29 18:07 . 2007-12-29 18:07 294 ---hs---- C:\WIN64\system32\bwbeamkm.ini
2007-12-29 18:06 . 2007-12-29 18:06 90,176 --a------ C:\WIN64\system32\mkmaebwb.dll
2007-12-29 10:16 . 2007-12-31 14:01 71 --a------ C:\WIN64\pex.INI
2007-12-29 10:10 . 2007-12-31 14:00 151 --a------ C:\WIN64\Ulead32.ini
2007-12-29 10:08 . 2002-12-25 19:55 32,768 --------- C:\WIN64\system32\UleadPhotoExplorer8_Res.dll
2007-12-29 10:08 . 2002-11-01 14:28 24,576 --------- C:\WIN64\system32\Ulead Photo Explorer 8.scr
2007-12-29 10:03 . 2003-09-11 10:49 114,688 --------- C:\WIN64\system32\UPSCR.Scr
2007-12-29 10:03 . 2004-03-18 16:28 40,960 --a------ C:\WIN64\system32\Ulead Photo Express ScreenSaver.scr
2007-12-29 09:58 . 2007-12-29 10:07 <REP> d-------- C:\Program Files\Fichiers communs\Ulead Systems
2007-12-29 09:57 . 2007-12-29 10:07 <REP> d-------- C:\Program Files\Ulead Systems
2007-12-28 18:09 . 2007-12-29 10:13 <REP> d-------- C:\Program Files\Digital Camera
2007-12-28 18:09 . 2007-02-26 21:28 55,808 --a------ C:\WIN64\system32\drivers\nvtcam.sys
2007-12-28 18:09 . 2004-04-12 14:32 41,760 --a------ C:\WIN64\system\VFWWDM.DRV
2007-12-28 18:09 . 2007-02-26 21:28 24,192 --a------ C:\WIN64\system32\drivers\NVTCAMD2.SYS
2007-12-28 12:13 . 2007-12-28 12:13 <REP> d-------- C:\Program Files\Shareaza
2007-12-27 17:32 . 2007-12-27 17:32 81,984 --a------ C:\WIN64\system32\tqwoumwm.dll
2007-12-27 17:29 . 2007-12-27 17:29 90,176 --a------ C:\WIN64\system32\ehiekwyk.dll
2007-12-27 17:29 . 2007-12-27 17:59 954 ---hs---- C:\WIN64\system32\kywkeihe.ini
2007-12-26 16:56 . 2007-12-26 17:02 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-12-26 16:28 . 2007-12-27 17:27 774 ---hs---- C:\WIN64\system32\fwtjedhf.ini
2007-12-25 18:09 . 2007-12-25 19:19 <REP> d-------- C:\Program Files\Hunting Unlimited 3
2007-12-25 17:17 . 2008-01-09 16:31 1,355 --a------ C:\WIN64\imsins.BAK
2007-12-25 16:24 . 2007-12-26 16:24 594 ---hs---- C:\WIN64\system32\mmwxtnxr.ini
2007-12-24 18:42 . 2007-12-24 19:07 <REP> d-------- C:\Documents and Settings\All Users.WIN64\Application Data\Messenger Plus!
2007-12-24 18:02 . 2007-12-24 18:15 <REP> d-------- C:\Program Files\Windows Live
2007-12-24 16:40 . 2007-12-24 18:41 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-12-24 13:50 . 2007-12-25 16:19 414 ---hs---- C:\WIN64\system32\byjabnlh.ini
2007-12-24 10:31 . 2007-12-24 10:31 <REP> d-------- C:\Program Files\CCleaner
2007-12-23 13:47 . 2007-12-23 14:49 594 ---hs---- C:\WIN64\system32\cpkanhep.ini
2007-12-23 13:43 . 2007-12-23 13:43 78,912 --a------ C:\WIN64\system32\gdesfqbt.dll
2007-12-21 18:08 . 2007-12-23 13:38 474 ---hs---- C:\WIN64\system32\niaegerx.ini
2007-12-21 18:05 . 2007-12-21 18:05 80,448 --a------ C:\WIN64\system32\bpdihpba.dll
2007-12-20 17:09 . 2007-12-20 17:09 80,448 --a------ C:\WIN64\system32\hovnjcbj.dll
2007-12-20 17:06 . 2007-12-20 17:06 294 ---hs---- C:\WIN64\system32\uriueink.ini
2007-12-19 11:14 . 2007-12-19 19:06 414 ---hs---- C:\WIN64\system32\gpejobce.ini
2007-12-19 11:09 . 2007-12-19 11:09 80,448 --a------ C:\WIN64\system32\apqsylmo.dll
2007-12-18 18:32 . 2007-12-18 18:32 <REP> d-------- C:\Documents and Settings\All Users.WIN64\Application Data\nView_Profiles
2007-12-17 20:17 . 2007-12-17 20:17 294 ---hs---- C:\WIN64\system32\huwbdhja.ini
2007-12-17 20:14 . 2007-12-17 20:14 80,448 --a------ C:\WIN64\system32\yqalmlqo.dll
2007-12-16 20:17 . 2007-12-17 17:12 354 ---hs---- C:\WIN64\system32\pyvkxnif.ini
2007-12-16 20:13 . 2007-12-16 20:13 80,448 --a------ C:\WIN64\system32\pyqyeecp.dll
2007-12-15 20:11 . 2007-12-15 20:11 80,448 --a------ C:\WIN64\system32\qjywllmv.dll
2007-12-15 20:08 . 2007-12-15 20:08 294 ---hs---- C:\WIN64\system32\avffvurp.ini
2007-12-14 19:16 . 2007-12-14 19:16 80,448 --a------ C:\WIN64\system32\xsqpnprh.dll
2007-12-14 19:13 . 2007-12-14 19:13 294 ---hs---- C:\WIN64\system32\wmwnodae.ini
2007-12-13 19:14 . 2007-12-14 18:31 414 ---hs---- C:\WIN64\system32\bpljxvmo.ini
2007-12-13 19:11 . 2007-12-13 19:11 80,448 --a------ C:\WIN64\system32\pkkjojrw.dll
2007-12-13 17:56 . 2007-12-13 17:56 <REP> d-------- C:\Program Files\Citrix
2007-12-12 19:15 . 2007-12-13 17:13 354 ---hs---- C:\WIN64\system32\jlerauwm.ini
2007-12-12 19:12 . 2007-12-12 19:12 80,448 --a------ C:\WIN64\system32\gjreayiu.dll
2007-12-12 18:43 . 2007-12-12 18:43 <REP> d-------- C:\WIN64\nview
2007-12-12 18:43 . 2003-10-06 14:16 98,304 --a------ C:\WIN64\system32\nvudisp.exe
2007-12-12 18:43 . 2003-10-06 14:16 9,801 --a------ C:\WIN64\system32\nvdisp.nvu
2007-12-11 19:12 . 2007-12-11 19:12 80,448 --a------ C:\WIN64\system32\xjfwcfac.dll
2007-12-10 18:17 . 2007-12-10 18:17 80,448 --a------ C:\WIN64\system32\irmgjaid.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-29 09:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-29 09:07 --------- d-----w C:\Documents and Settings\All Users.WIN64\Application Data\Ulead Systems
2007-12-24 17:01 --------- d-----w C:\Documents and Settings\All Users.WIN64\Application Data\WLInstaller
2007-12-24 09:34 --------- d-----w C:\Documents and Settings\All Users.WIN64\Application Data\Spybot - Search & Destroy
2007-12-07 19:01 --------- d-----w C:\Documents and Settings\All Users.WIN64\Application Data\WindowsLiveInstaller
2007-12-04 17:05 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-04 14:56 93,264 ----a-w C:\WIN64\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WIN64\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WIN64\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WIN64\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WIN64\system32\drivers\aavmker4.sys
2007-12-02 17:43 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Talkback
2007-11-15 20:40 --------- d-----w C:\Program Files\Ulead Systems(2)
2007-11-15 20:40 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-11-13 10:25 20,480 ----a-w C:\WIN64\system32\drivers\secdrv.sys
2007-11-11 15:49 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-11-11 09:29 --------- d-----w C:\Program Files\Philips
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8488698d-e70d-44e0-aaf3-30882e9b49fe}]
2008-01-06 19:59 75840 --a------ C:\WIN64\system32\yxjjkarh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA10316E-62D4-4DBE-B1C0-2C145FD5D0C1}]
C:\WIN64\system32\efeda.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"a4c30d5f"="C:\WIN64\system32\vguxukdl.dll" [2008-01-06 20:02 90176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayyawv]
yayyawv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a4c30d5f]
C:\WIN64\system32\pehnakpc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVFX Engine]
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-03 23:55 110592 C:\WIN64\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
--a------ 2005-04-25 12:45 36040 C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 C:\WIN64\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WIN64\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2003-10-06 14:16 49152 C:\WIN64\system32\NVMCTRAY.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2003-10-06 14:16 741376 C:\WIN64\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 20:16 286720 C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
--a------ 2007-12-02 04:30 4677632 C:\Program Files\Shareaza\Shareaza.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-11-05 16:33 185632 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"Spooler"=2 (0x2)
"RemoteRegistry"=2 (0x2)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
"ose"=3 (0x3)
"ERSvc"=2 (0x2)
"DomainService"=2 (0x2)
"BthServ"=2 (0x2)
R3 P1171VID;Creative WebCam Notebook #2;C:\WIN64\system32\DRIVERS\P1171Vid.sys [2004-03-19 00:00]
R3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WIN64\system32\DRIVERS\usb8023.sys [2004-08-03 22:04]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-08 18:22:13 C:\WIN64\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-01-10 18:53:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WIN64\system32\winlogon.exe
-> C:\WIN64\system32\NavLogon.dll
.
Completion time: 2008-01-10 19:01:03 - machine was rebooted [Loïc]
ComboFix-quarantined-files.txt 2008-01-10 18:00:55
.
2008-01-09 15:34:14 --- E O F ---