6 replies
Hi
Are you infected by Bagle? Then do this:
Download ComboFix by sUBs. Rename it before any installation, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic
Double-click ComboFix. It will ask you a question; answer by pressing the 1 key and Enter to confirm, then let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.
-----------
Go to START then RUN, type mrt, click OK and follow the procedure (if that is not possible, move on to the next step).
----------
* Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Click the Descargar Elibagla button; this will download the file. Put it on your desktop.
* Double-click it to open it.
* Make sure that the Unidad drop-down menu shows C:\
* Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked.
* Click the Explorar button to start the scan.
------------
Paste the report of an online scan
with one of the following:
BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Secuser online:
http://www.secuser.com/outils/antivirus.htm
Firefox online scan:
https://www.trendmicro.com/fr_fr/business.html
I'm trying to do what you told me, I'll keep you posted.
Thanks
ComboFix 08-04-09.9 - PEIGNON 2008-04-10 17:31:28.6 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1361 [GMT 2:00]
Endroit: C:\Documents and Settings\PEIGNON\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
TimedOut: progfile.dat
((((((((((((((((((((((((((((( Fichiers créés 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))))))
.
2008-04-10 15:01 . 2008-04-10 15:01 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-10 14:42 . 2008-04-10 14:42 <REP> d-------- C:\WINDOWS\LastGood
2008-04-10 14:07 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-04-10 14:07 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\118294.78
2008-04-10 14:07 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-04-10 11:56 . 2008-04-10 12:03 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\AVGTOOLBAR
2008-04-10 11:55 . 2008-04-10 11:55 <REP> d-------- C:\Program Files\AVG
2008-04-10 11:55 . 2008-04-10 12:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-10 11:32 . 2008-04-10 12:07 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-10 08:26 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Bitdefender
2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Softwin
2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-04-10 08:25 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-09 19:20 . 2008-04-09 19:20 <REP> d-------- C:\Program Files\Trend Micro
2008-04-09 17:43 . 2008-04-10 10:21 <REP> d-------- C:\Muestras
2008-04-09 14:52 . 2008-04-09 14:52 <REP> d-------- C:\Program Files\Sophos
2008-04-08 17:58 . 2008-04-09 18:55 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-08 13:55 . 2008-04-08 13:55 <REP> d-------- C:\WINDOWS\dell
2008-04-08 12:23 . 2004-08-05 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-04-08 12:22 . 2004-08-05 12:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-04-08 12:19 . 2004-08-05 12:00 7,680 --a--c--- C:\WINDOWS\system32\dllcache\inetmgr.exe
2008-04-08 11:14 . 2008-04-08 11:14 <REP> d-------- C:\Program Files\Wireless LAN Utility
2008-04-08 11:06 . 2008-04-08 11:06 <REP> d-------- C:\Program Files\SiSWLAN
2008-04-08 11:06 . 2005-11-02 10:53 215,552 --a------ C:\WINDOWS\system32\drivers\sis163u.sys
2008-04-08 11:06 . 2005-08-04 17:28 49,152 --a------ C:\WINDOWS\system32\unWdWu.exe
2008-04-08 11:06 . 2005-04-14 17:02 31,872 --a------ C:\WINDOWS\system32\drivers\sisnpf.sys
2008-04-08 11:06 . 2008-04-08 11:06 0 --a------ C:\WINDOWS\system32\wunilog.ini
2008-04-08 10:22 . 2008-04-08 10:22 6,656 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-07 18:09 . 2008-04-10 08:34 <REP> d-------- C:\WINDOWS\system32\drivers\downld
2008-04-04 10:20 . 2008-04-04 10:20 <REP> d-------- C:\Program Files\Dassault Systemes
2008-04-04 10:17 . 2008-04-04 10:17 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\DassaultSystemes
2008-04-04 10:17 . 2008-04-04 10:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
2008-04-03 09:42 . 2008-04-03 09:42 <REP> d-------- C:\SEFlex
2008-04-03 09:41 . 2008-04-03 09:41 <REP> d-------- C:\Program Files\Solid Edge Data Migration Component
2008-04-03 09:40 . 2008-04-03 09:40 <REP> d-------- C:\Program Files\Rainbow Technologies
2008-04-03 09:39 . 2008-04-03 09:39 <REP> d-------- C:\Program Files\Solid Edge Electrode Design V20
2008-04-03 09:38 . 2008-04-03 09:38 <REP> d-------- C:\Program Files\Solid Edge Mold Tooling V20
2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Solid Edge Standard Parts
2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Unigraphics Solutions
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\SOApolicies
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Program Files\Solid Edge Tc Administrator V20
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Change This Folder
2008-04-03 09:11 . 2008-04-03 09:19 <REP> d-------- C:\Program Files\Solid Edge V20
2008-04-02 14:16 . 2008-04-08 11:36 76,974 --a------ C:\WINDOWS\setupapi.old
2008-03-13 11:14 . 2008-03-13 11:15 <REP> d-------- C:\Program Files\AOEMView 2008
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-10 15:32 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-04-10 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-10 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-08 12:59 --------- d-----w C:\Program Files\SetPoint
2008-04-08 07:27 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
2008-04-08 07:27 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
2008-03-26 13:00 262,360 ----a-w C:\Documents and Settings\PEIGNON\Application Data\GDIPFONTCACHEV1.DAT
2008-03-13 09:20 --------- d-----w C:\Program Files\Fichiers communs\Autodesk Shared
2008-03-13 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-02-26 08:32 --------- d-----w C:\Program Files\Danfoss Socla 2007
2008-02-26 08:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\cadenas
2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME 2
2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME
2008-02-14 17:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\TomTom
2008-02-14 16:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom
2008-02-13 08:53 --------- d-----w C:\Program Files\Dell
2008-02-13 08:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Citrix
2008-02-13 08:48 60,968 ----a-w C:\Documents and Settings\PEIGNON\GoToAssistDownloadHelper.exe
2008-02-13 08:48 --------- d-----w C:\Program Files\Citrix
2007-06-14 16:07 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-03-22 16:02 22,845,992 ----a-w C:\Program Files\AdbeRdr80_fr_FR.exe
2004-02-11 03:00 80,014 ----a-w C:\WINDOWS\Fonts\unins000.exe
2007-10-22 12:35 8 --sha-r C:\WINDOWS\system32\E833EEC6A8.sys
2007-10-22 12:46 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot_2008-04-10_16.20.09.79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-10 15:34:30 53,248 ----a-w C:\WINDOWS\PSEXESVC.EXE
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-02-18 12:58 206184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 19:38 28160 C:\WINDOWS\KHALMNPR.Exe]
"Logitech BT Wizard"="LBTWiz.exe" []
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2006-04-26 09:39 143360]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 22:29 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 07:20 122940]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 21:33 57344]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-17 15:16 7561216]
"nwiz"="nwiz.exe" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 08:50 1838592]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 17:00 282624 C:\WINDOWS\stsystra.exe]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-10 12:35 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 11:38 460800]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]
C:\Documents and Settings\PEIGNON\Menu Démarrer\Programmes\Démarrage\
OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe [2004-03-08 07:00:00 36864]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-06-12 19:29:50 622653]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-03-07 09:13:26 257536]
OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2007-03-07 09:11:47 559104]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-04-26 14:12:41 125624]
SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2007-02-28 00:51:45 532480]
SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe [2008-04-08 11:14:36 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 2008-02-13 10:48 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 2006-04-27 12:30 53248 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWlgn.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\cadenas\\partsolutions\\software\\lic\\x86\\cnslocal.exe"=
"C:\\Program Files\\cadenas\\partsolutions\\software\\libs\\x86\\websrv.exe"=
"C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\orbixd.exe"=
"C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\CNEXT.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:Defaut Web Port
"443:TCP"= 443:TCP:https
R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
R2 ASFIPmon;Broadcom ASF IP Monitor;"C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service []
R2 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" -service []
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 12:00]
R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-11-02 10:53]
R3 SISNPF;SIS Netgroup Packet Filter;C:\WINDOWS\system32\drivers\SISNPF.sys [2005-04-14 17:02]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 12:00]
S2 FLEXlm License Manager;FLEXlm License Manager;C:\SEFlex\Program\lmgrd.exe [2007-09-05 14:34]
S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sAUTODESKVAULT []
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;C:\FLEXLM\SolidWorks 2005 SolidNetWork License Manager\lmgrd.exe []
S3 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe" Start=service []
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-10 17:34:51
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-10 17:38:25
ComboFix-quarantined-files.txt 2008-04-10 15:38:18
ComboFix2.txt 2008-04-10 14:21:14
ComboFix3.txt 2008-04-10 09:44:50
ComboFix4.txt 2008-04-09 17:40:27
ComboFix5.txt 2008-04-09 16:28:34
Pre-Run: 118,280,491,008 octets libres
Post-Run: 118,270,570,496 octets libres
.
2008-04-10 10:11:18 --- E O F ---
ComboFix 08-04-09.9 - PEIGNON 2008-04-10 17:31:28.6 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1361 [GMT 2:00]
Endroit: C:\Documents and Settings\PEIGNON\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
TimedOut: progfile.dat
((((((((((((((((((((((((((((( Fichiers créés 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))))))
.
2008-04-10 15:01 . 2008-04-10 15:01 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-10 14:42 . 2008-04-10 14:42 <REP> d-------- C:\WINDOWS\LastGood
2008-04-10 14:07 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-04-10 14:07 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\118294.78
2008-04-10 14:07 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-04-10 11:56 . 2008-04-10 12:03 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\AVGTOOLBAR
2008-04-10 11:55 . 2008-04-10 11:55 <REP> d-------- C:\Program Files\AVG
2008-04-10 11:55 . 2008-04-10 12:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-10 11:32 . 2008-04-10 12:07 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-10 08:26 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Bitdefender
2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Softwin
2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-04-10 08:25 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-09 19:20 . 2008-04-09 19:20 <REP> d-------- C:\Program Files\Trend Micro
2008-04-09 17:43 . 2008-04-10 10:21 <REP> d-------- C:\Muestras
2008-04-09 14:52 . 2008-04-09 14:52 <REP> d-------- C:\Program Files\Sophos
2008-04-08 17:58 . 2008-04-09 18:55 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-08 13:55 . 2008-04-08 13:55 <REP> d-------- C:\WINDOWS\dell
2008-04-08 12:23 . 2004-08-05 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-04-08 12:22 . 2004-08-05 12:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-04-08 12:21 . 2008-04-08 12:21 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-04-08 12:19 . 2004-08-05 12:00 7,680 --a--c--- C:\WINDOWS\system32\dllcache\inetmgr.exe
2008-04-08 11:14 . 2008-04-08 11:14 <REP> d-------- C:\Program Files\Wireless LAN Utility
2008-04-08 11:06 . 2008-04-08 11:06 <REP> d-------- C:\Program Files\SiSWLAN
2008-04-08 11:06 . 2005-11-02 10:53 215,552 --a------ C:\WINDOWS\system32\drivers\sis163u.sys
2008-04-08 11:06 . 2005-08-04 17:28 49,152 --a------ C:\WINDOWS\system32\unWdWu.exe
2008-04-08 11:06 . 2005-04-14 17:02 31,872 --a------ C:\WINDOWS\system32\drivers\sisnpf.sys
2008-04-08 11:06 . 2008-04-08 11:06 0 --a------ C:\WINDOWS\system32\wunilog.ini
2008-04-08 10:22 . 2008-04-08 10:22 6,656 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-07 18:09 . 2008-04-10 08:34 <REP> d-------- C:\WINDOWS\system32\drivers\downld
2008-04-04 10:20 . 2008-04-04 10:20 <REP> d-------- C:\Program Files\Dassault Systemes
2008-04-04 10:17 . 2008-04-04 10:17 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\DassaultSystemes
2008-04-04 10:17 . 2008-04-04 10:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
2008-04-03 09:42 . 2008-04-03 09:42 <REP> d-------- C:\SEFlex
2008-04-03 09:41 . 2008-04-03 09:41 <REP> d-------- C:\Program Files\Solid Edge Data Migration Component
2008-04-03 09:40 . 2008-04-03 09:40 <REP> d-------- C:\Program Files\Rainbow Technologies
2008-04-03 09:39 . 2008-04-03 09:39 <REP> d-------- C:\Program Files\Solid Edge Electrode Design V20
2008-04-03 09:38 . 2008-04-03 09:38 <REP> d-------- C:\Program Files\Solid Edge Mold Tooling V20
2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Solid Edge Standard Parts
2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Unigraphics Solutions
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\SOApolicies
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Program Files\Solid Edge Tc Administrator V20
2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Change This Folder
2008-04-03 09:11 . 2008-04-03 09:19 <REP> d-------- C:\Program Files\Solid Edge V20
2008-04-02 14:16 . 2008-04-08 11:36 76,974 --a------ C:\WINDOWS\setupapi.old
2008-03-13 11:14 . 2008-03-13 11:15 <REP> d-------- C:\Program Files\AOEMView 2008
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-10 15:32 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-04-10 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-10 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-08 12:59 --------- d-----w C:\Program Files\SetPoint
2008-04-08 07:27 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
2008-04-08 07:27 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
2008-03-26 13:00 262,360 ----a-w C:\Documents and Settings\PEIGNON\Application Data\GDIPFONTCACHEV1.DAT
2008-03-13 09:20 --------- d-----w C:\Program Files\Fichiers communs\Autodesk Shared
2008-03-13 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-02-26 08:32 --------- d-----w C:\Program Files\Danfoss Socla 2007
2008-02-26 08:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\cadenas
2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME 2
2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME
2008-02-14 17:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\TomTom
2008-02-14 16:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom
2008-02-13 08:53 --------- d-----w C:\Program Files\Dell
2008-02-13 08:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Citrix
2008-02-13 08:48 60,968 ----a-w C:\Documents and Settings\PEIGNON\GoToAssistDownloadHelper.exe
2008-02-13 08:48 --------- d-----w C:\Program Files\Citrix
2007-06-14 16:07 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2007-03-22 16:02 22,845,992 ----a-w C:\Program Files\AdbeRdr80_fr_FR.exe
2004-02-11 03:00 80,014 ----a-w C:\WINDOWS\Fonts\unins000.exe
2007-10-22 12:35 8 --sha-r C:\WINDOWS\system32\E833EEC6A8.sys
2007-10-22 12:46 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot_2008-04-10_16.20.09.79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-10 15:34:30 53,248 ----a-w C:\WINDOWS\PSEXESVC.EXE
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-02-18 12:58 206184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 19:38 28160 C:\WINDOWS\KHALMNPR.Exe]
"Logitech BT Wizard"="LBTWiz.exe" []
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2006-04-26 09:39 143360]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 22:29 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 07:20 122940]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 21:33 57344]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-17 15:16 7561216]
"nwiz"="nwiz.exe" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 08:50 1838592]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 17:00 282624 C:\WINDOWS\stsystra.exe]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-10 12:35 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 11:38 460800]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]
C:\Documents and Settings\PEIGNON\Menu D‚marrer\Programmes\D‚marrage\
OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe [2004-03-08 07:00:00 36864]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-06-12 19:29:50 622653]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-03-07 09:13:26 257536]
OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2007-03-07 09:11:47 559104]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-04-26 14:12:41 125624]
SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2007-02-28 00:51:45 532480]
SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe [2008-04-08 11:14:36 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 2008-02-13 10:48 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 2006-04-27 12:30 53248 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWlgn.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\cadenas\\partsolutions\\software\\lic\\x86\\cnslocal.exe"=
"C:\\Program Files\\cadenas\\partsolutions\\software\\libs\\x86\\websrv.exe"=
"C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\orbixd.exe"=
"C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\CNEXT.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:Defaut Web Port
"443:TCP"= 443:TCP:https
R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
R2 ASFIPmon;Broadcom ASF IP Monitor;"C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service []
R2 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" -service []
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 12:00]
R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-11-02 10:53]
R3 SISNPF;SIS Netgroup Packet Filter;C:\WINDOWS\system32\drivers\SISNPF.sys [2005-04-14 17:02]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 12:00]
S2 FLEXlm License Manager;FLEXlm License Manager;C:\SEFlex\Program\lmgrd.exe [2007-09-05 14:34]
S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sAUTODESKVAULT []
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;C:\FLEXLM\SolidWorks 2005 SolidNetWork License Manager\lmgrd.exe []
S3 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe" Start=service []
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
.
**************************************************************************
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-10 17:34:51
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-10 17:38:25
ComboFix-quarantined-files.txt 2008-04-10 15:38:18
ComboFix2.txt 2008-04-10 14:21:14
ComboFix3.txt 2008-04-10 09:44:50
ComboFix4.txt 2008-04-09 17:40:27
ComboFix5.txt 2008-04-09 16:28:34
Pre-Run: 118,280,491,008 octets libres
Post-Run: 118,270,570,496 octets libres
.
2008-04-10 10:11:18 --- E O F ---
7 message(s) posted since Thursday 10 April 2008