Trojan: can someone help me

p3d Posts 30 Status Member -  
jlpjlp Posts 52399 Status Security contributor -
Hello,
I can't take it anymore between the trojans and the win32 bagle
Please help me, what should I do.
Configuration: Windows XP
Internet Explorer 6.0

6 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    hi

    are you infected by Bagle? then do this

    Download Combofix by sUBs: rename it before any installation, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Save it on your desktop and nowhere else!

    Help on using combofix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

    Double-click on combofix. It will ask you a question; answer with the 1 key and Enter to confirm, then let it guide you.
    Wait until combofix has finished; a report will be created. Post the report.

    -----------

    Go to START then RUN, type mrt, then click OK and follow the procedure (if that is impossible, move on to the next step)

    ----------

    * Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
    * Click the Descargar Elibagla button; this downloads the file. Put it on your desktop.
    * Double-click it to open it
    * Make sure that C:\ is selected in the Unidad drop-down menu
    * Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked
    * Click the Explorar button to start the scan
    ------------

    paste the report from an online scan
    with one of the following:

    bitdefender online:
    http://www.bitdefender.fr/scan_fr/scan8/ie.html

    secuser online:
    http://www.secuser.com/outils/antivirus.htm

    online scan for firefox

    https://www.trendmicro.com/fr_fr/business.html
    0
    1. p3d Posts 30 Status Member
       
      hello
      I'm trying to do what you told me, I'll keep you posted
      Thanks
      0
      1. p3d Posts 30 Status Member > p3d Posts 30 Status Member
         
        here is the report, sorry I took so long but the virus keeps disconnecting me. My antivirus told me I was infected by a trojan but I can't manage to get rid of it.


        ComboFix 08-04-09.9 - PEIGNON 2008-04-10 17:31:28.6 - NTFSx86
        Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1361 [GMT 2:00]
        Endroit: C:\Documents and Settings\PEIGNON\Bureau\Combo-Fix.exe
        * Création d'un nouveau point de restauration
        * Resident AV is active


        [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
        .
        TimedOut: progfile.dat

        ((((((((((((((((((((((((((((( Fichiers créés 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))))))
        .

        2008-04-10 15:01 . 2008-04-10 15:01 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
        2008-04-10 14:42 . 2008-04-10 14:42 <REP> d-------- C:\WINDOWS\LastGood
        2008-04-10 14:07 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
        2008-04-10 14:07 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
        2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\system32\118290.54
        2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\118294.78
        2008-04-10 14:07 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
        2008-04-10 11:56 . 2008-04-10 12:03 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\AVGTOOLBAR
        2008-04-10 11:55 . 2008-04-10 11:55 <REP> d-------- C:\Program Files\AVG
        2008-04-10 11:55 . 2008-04-10 12:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
        2008-04-10 11:32 . 2008-04-10 12:07 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
        2008-04-10 08:26 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Bitdefender
        2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Softwin
        2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
        2008-04-10 08:25 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
        2008-04-09 19:20 . 2008-04-09 19:20 <REP> d-------- C:\Program Files\Trend Micro
        2008-04-09 17:43 . 2008-04-10 10:21 <REP> d-------- C:\Muestras
        2008-04-09 14:52 . 2008-04-09 14:52 <REP> d-------- C:\Program Files\Sophos
        2008-04-08 17:58 . 2008-04-09 18:55 <REP> d-------- C:\WINDOWS\BDOSCAN8
        2008-04-08 13:55 . 2008-04-08 13:55 <REP> d-------- C:\WINDOWS\dell
        2008-04-08 12:23 . 2004-08-05 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
        2008-04-08 12:22 . 2004-08-05 12:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
        2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
        2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
        2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
        2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
        2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
        2008-04-08 12:21 . 2008-04-08 12:21 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
        2008-04-08 12:19 . 2004-08-05 12:00 7,680 --a--c--- C:\WINDOWS\system32\dllcache\inetmgr.exe
        2008-04-08 11:14 . 2008-04-08 11:14 <REP> d-------- C:\Program Files\Wireless LAN Utility
        2008-04-08 11:06 . 2008-04-08 11:06 <REP> d-------- C:\Program Files\SiSWLAN
        2008-04-08 11:06 . 2005-11-02 10:53 215,552 --a------ C:\WINDOWS\system32\drivers\sis163u.sys
        2008-04-08 11:06 . 2005-08-04 17:28 49,152 --a------ C:\WINDOWS\system32\unWdWu.exe
        2008-04-08 11:06 . 2005-04-14 17:02 31,872 --a------ C:\WINDOWS\system32\drivers\sisnpf.sys
        2008-04-08 11:06 . 2008-04-08 11:06 0 --a------ C:\WINDOWS\system32\wunilog.ini
        2008-04-08 10:22 . 2008-04-08 10:22 6,656 --ahs---- C:\WINDOWS\system32\Thumbs.db
        2008-04-07 18:09 . 2008-04-10 08:34 <REP> d-------- C:\WINDOWS\system32\drivers\downld
        2008-04-04 10:20 . 2008-04-04 10:20 <REP> d-------- C:\Program Files\Dassault Systemes
        2008-04-04 10:17 . 2008-04-04 10:17 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\DassaultSystemes
        2008-04-04 10:17 . 2008-04-04 10:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
        2008-04-03 09:42 . 2008-04-03 09:42 <REP> d-------- C:\SEFlex
        2008-04-03 09:41 . 2008-04-03 09:41 <REP> d-------- C:\Program Files\Solid Edge Data Migration Component
        2008-04-03 09:40 . 2008-04-03 09:40 <REP> d-------- C:\Program Files\Rainbow Technologies
        2008-04-03 09:39 . 2008-04-03 09:39 <REP> d-------- C:\Program Files\Solid Edge Electrode Design V20
        2008-04-03 09:38 . 2008-04-03 09:38 <REP> d-------- C:\Program Files\Solid Edge Mold Tooling V20
        2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Solid Edge Standard Parts
        2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Unigraphics Solutions
        2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\SOApolicies
        2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Program Files\Solid Edge Tc Administrator V20
        2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Change This Folder
        2008-04-03 09:11 . 2008-04-03 09:19 <REP> d-------- C:\Program Files\Solid Edge V20
        2008-04-02 14:16 . 2008-04-08 11:36 76,974 --a------ C:\WINDOWS\setupapi.old
        2008-03-13 11:14 . 2008-03-13 11:15 <REP> d-------- C:\Program Files\AOEMView 2008

        .
        (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-04-10 15:32 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
        2008-04-10 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2008-04-10 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
        2008-04-08 12:59 --------- d-----w C:\Program Files\SetPoint
        2008-04-08 07:27 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
        2008-04-08 07:27 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
        2008-03-26 13:00 262,360 ----a-w C:\Documents and Settings\PEIGNON\Application Data\GDIPFONTCACHEV1.DAT
        2008-03-13 09:20 --------- d-----w C:\Program Files\Fichiers communs\Autodesk Shared
        2008-03-13 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
        2008-02-26 08:32 --------- d-----w C:\Program Files\Danfoss Socla 2007
        2008-02-26 08:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\cadenas
        2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME 2
        2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME
        2008-02-14 17:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\TomTom
        2008-02-14 16:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom
        2008-02-13 08:53 --------- d-----w C:\Program Files\Dell
        2008-02-13 08:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Citrix
        2008-02-13 08:48 60,968 ----a-w C:\Documents and Settings\PEIGNON\GoToAssistDownloadHelper.exe
        2008-02-13 08:48 --------- d-----w C:\Program Files\Citrix
        2007-06-14 16:07 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
        2007-03-22 16:02 22,845,992 ----a-w C:\Program Files\AdbeRdr80_fr_FR.exe
        2004-02-11 03:00 80,014 ----a-w C:\WINDOWS\Fonts\unins000.exe
        2007-10-22 12:35 8 --sha-r C:\WINDOWS\system32\E833EEC6A8.sys
        2007-10-22 12:46 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
        .

        ((((((((((((((((((((((((((((( snapshot_2008-04-10_16.20.09.79 )))))))))))))))))))))))))))))))))))))))))
        .
        + 2008-04-10 15:34:30 53,248 ----a-w C:\WINDOWS\PSEXESVC.EXE
        .
        ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
        "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
        "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
        "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-02-18 12:58 206184]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
        "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 19:38 28160 C:\WINDOWS\KHALMNPR.Exe]
        "Logitech BT Wizard"="LBTWiz.exe" []
        "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
        "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
        "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2006-04-26 09:39 143360]
        "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 22:29 49152]
        "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 07:20 122940]
        "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 21:33 57344]
        "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
        "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-17 15:16 7561216]
        "nwiz"="nwiz.exe" []
        "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 08:50 1838592]
        "SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 17:00 282624 C:\WINDOWS\stsystra.exe]
        "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-10 12:35 290816]
        "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
        "OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 11:38 460800]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]

        C:\Documents and Settings\PEIGNON\Menu Démarrer\Programmes\Démarrage\
        OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe [2004-03-08 07:00:00 36864]

        C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
        BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-06-12 19:29:50 622653]
        Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]
        OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-03-07 09:13:26 257536]
        OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2007-03-07 09:11:47 559104]
        Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-04-26 14:12:41 125624]
        SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2007-02-28 00:51:45 532480]
        SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe [2008-04-08 11:14:36 155648]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
        C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 2008-02-13 10:48 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
        c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 2006-04-27 12:30 53248 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWlgn.DLL

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
        "AppInit_DLLs"=sockspy.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\security center]
        "AntiVirusOverride"=dword:00000001

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
        "EnableFirewall"= 0 (0x0)

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
        "C:\\Program Files\\cadenas\\partsolutions\\software\\lic\\x86\\cnslocal.exe"=
        "C:\\Program Files\\cadenas\\partsolutions\\software\\libs\\x86\\websrv.exe"=
        "C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\orbixd.exe"=
        "C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\CNEXT.exe"=

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
        "80:TCP"= 80:TCP:Defaut Web Port
        "443:TCP"= 443:TCP:https

        R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
        R2 ASFIPmon;Broadcom ASF IP Monitor;"C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service []
        R2 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" -service []
        R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 12:00]
        R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
        R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-11-02 10:53]
        R3 SISNPF;SIS Netgroup Packet Filter;C:\WINDOWS\system32\drivers\SISNPF.sys [2005-04-14 17:02]
        R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
        R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 12:00]
        S2 FLEXlm License Manager;FLEXlm License Manager;C:\SEFlex\Program\lmgrd.exe [2007-09-05 14:34]
        S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sAUTODESKVAULT []
        S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;C:\FLEXLM\SolidWorks 2005 SolidNetWork License Manager\lmgrd.exe []
        S3 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe" Start=service []
        S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

        .
        **************************************************************************

        catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-04-10 17:34:51
        Windows 5.1.2600 Service Pack 2 NTFS

        Balayage processus cachés ...

        Balayage caché autostart entries ...

        Balayage des fichiers cachés ...

        Scan terminé avec succès
        Les fichiers cachés: 0

        **************************************************************************
        .
        Temps d'accomplissement: 2008-04-10 17:38:25
        ComboFix-quarantined-files.txt 2008-04-10 15:38:18
        ComboFix2.txt 2008-04-10 14:21:14
        ComboFix3.txt 2008-04-10 09:44:50
        ComboFix4.txt 2008-04-09 17:40:27
        ComboFix5.txt 2008-04-09 16:28:34
        Pre-Run: 118,280,491,008 octets libres
        Post-Run: 118,270,570,496 octets libres
        .
        2008-04-10 10:11:18 --- E O F ---
        0

        Scan terminé avec succès
        Les fichiers cachés: 0

        **************************************************************************
        .
        Temps d'accomplissement: 2008-04-10 17:38:25
        ComboFix-quarantined-files.txt 2008-04-10 15:38:18
        ComboFix2.txt 2008-04-10 14:21:14
        ComboFix3.txt 2008-04-10 09:44:50
        ComboFix4.txt 2008-04-09 17:40:27
        ComboFix5.txt 2008-04-09 16:28:34
        Pre-Run: 118,280,491,008 octets libres
        Post-Run: 118,270,570,496 octets libres
        .
        2008-04-10 10:11:18 --- E O F ---
        0
    2. p3d Posts: 30 Status: Member
       
      Here is the report. Sorry I took so long, but the virus keeps disconnecting me. My antivirus told me I was infected by a trojan, but I can't manage to get rid of it.


      ComboFix 08-04-09.9 - PEIGNON 2008-04-10 17:31:28.6 - NTFSx86
      Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1361 [GMT 2:00]
      Endroit: C:\Documents and Settings\PEIGNON\Bureau\Combo-Fix.exe
      * Création d'un nouveau point de restauration
      * Resident AV is active


      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
      .
      TimedOut: progfile.dat

      ((((((((((((((((((((((((((((( Fichiers créés 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))))))
      .

      2008-04-10 15:01 . 2008-04-10 15:01 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
      2008-04-10 14:42 . 2008-04-10 14:42 <REP> d-------- C:\WINDOWS\LastGood
      2008-04-10 14:07 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
      2008-04-10 14:07 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
      2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\system32\118290.54
      2008-04-10 14:07 . 2008-04-10 14:07 3,120 --a------ C:\WINDOWS\118294.78
      2008-04-10 14:07 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
      2008-04-10 11:56 . 2008-04-10 12:03 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\AVGTOOLBAR
      2008-04-10 11:55 . 2008-04-10 11:55 <REP> d-------- C:\Program Files\AVG
      2008-04-10 11:55 . 2008-04-10 12:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
      2008-04-10 11:32 . 2008-04-10 12:07 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2008-04-10 08:26 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Bitdefender
      2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Softwin
      2008-04-10 08:25 . 2008-04-10 08:25 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
      2008-04-10 08:25 . 2008-04-10 08:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
      2008-04-09 19:20 . 2008-04-09 19:20 <REP> d-------- C:\Program Files\Trend Micro
      2008-04-09 17:43 . 2008-04-10 10:21 <REP> d-------- C:\Muestras
      2008-04-09 14:52 . 2008-04-09 14:52 <REP> d-------- C:\Program Files\Sophos
      2008-04-08 17:58 . 2008-04-09 18:55 <REP> d-------- C:\WINDOWS\BDOSCAN8
      2008-04-08 13:55 . 2008-04-08 13:55 <REP> d-------- C:\WINDOWS\dell
      2008-04-08 12:23 . 2004-08-05 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
      2008-04-08 12:22 . 2004-08-05 12:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
      2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
      2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
      2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
      2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
      2008-04-08 12:21 . 2008-04-08 12:21 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
      2008-04-08 12:21 . 2008-04-08 12:21 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
      2008-04-08 12:19 . 2004-08-05 12:00 7,680 --a--c--- C:\WINDOWS\system32\dllcache\inetmgr.exe
      2008-04-08 11:14 . 2008-04-08 11:14 <REP> d-------- C:\Program Files\Wireless LAN Utility
      2008-04-08 11:06 . 2008-04-08 11:06 <REP> d-------- C:\Program Files\SiSWLAN
      2008-04-08 11:06 . 2005-11-02 10:53 215,552 --a------ C:\WINDOWS\system32\drivers\sis163u.sys
      2008-04-08 11:06 . 2005-08-04 17:28 49,152 --a------ C:\WINDOWS\system32\unWdWu.exe
      2008-04-08 11:06 . 2005-04-14 17:02 31,872 --a------ C:\WINDOWS\system32\drivers\sisnpf.sys
      2008-04-08 11:06 . 2008-04-08 11:06 0 --a------ C:\WINDOWS\system32\wunilog.ini
      2008-04-08 10:22 . 2008-04-08 10:22 6,656 --ahs---- C:\WINDOWS\system32\Thumbs.db
      2008-04-07 18:09 . 2008-04-10 08:34 <REP> d-------- C:\WINDOWS\system32\drivers\downld
      2008-04-04 10:20 . 2008-04-04 10:20 <REP> d-------- C:\Program Files\Dassault Systemes
      2008-04-04 10:17 . 2008-04-04 10:17 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\DassaultSystemes
      2008-04-04 10:17 . 2008-04-04 10:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
      2008-04-03 09:42 . 2008-04-03 09:42 <REP> d-------- C:\SEFlex
      2008-04-03 09:41 . 2008-04-03 09:41 <REP> d-------- C:\Program Files\Solid Edge Data Migration Component
      2008-04-03 09:40 . 2008-04-03 09:40 <REP> d-------- C:\Program Files\Rainbow Technologies
      2008-04-03 09:39 . 2008-04-03 09:39 <REP> d-------- C:\Program Files\Solid Edge Electrode Design V20
      2008-04-03 09:38 . 2008-04-03 09:38 <REP> d-------- C:\Program Files\Solid Edge Mold Tooling V20
      2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Solid Edge Standard Parts
      2008-04-03 09:29 . 2008-04-03 09:29 <REP> d-------- C:\Documents and Settings\PEIGNON\Application Data\Unigraphics Solutions
      2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\SOApolicies
      2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Program Files\Solid Edge Tc Administrator V20
      2008-04-03 09:26 . 2008-04-03 09:26 <REP> d-------- C:\Change This Folder
      2008-04-03 09:11 . 2008-04-03 09:19 <REP> d-------- C:\Program Files\Solid Edge V20
      2008-04-02 14:16 . 2008-04-08 11:36 76,974 --a------ C:\WINDOWS\setupapi.old
      2008-03-13 11:14 . 2008-03-13 11:15 <REP> d-------- C:\Program Files\AOEMView 2008

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-04-10 15:32 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
      2008-04-10 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-04-10 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
      2008-04-08 12:59 --------- d-----w C:\Program Files\SetPoint
      2008-04-08 07:27 81,920 ----a-w C:\WINDOWS\system32\W32N50.dll
      2008-04-08 07:27 17,134 ----a-w C:\WINDOWS\system32\PCANDIS5.sys
      2008-03-26 13:00 262,360 ----a-w C:\Documents and Settings\PEIGNON\Application Data\GDIPFONTCACHEV1.DAT
      2008-03-13 09:20 --------- d-----w C:\Program Files\Fichiers communs\Autodesk Shared
      2008-03-13 09:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
      2008-02-26 08:32 --------- d-----w C:\Program Files\Danfoss Socla 2007
      2008-02-26 08:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\cadenas
      2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME 2
      2008-02-14 17:24 --------- d-----w C:\Program Files\TomTom HOME
      2008-02-14 17:24 --------- d-----w C:\Documents and Settings\PEIGNON\Application Data\TomTom
      2008-02-14 16:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\TomTom
      2008-02-13 08:53 --------- d-----w C:\Program Files\Dell
      2008-02-13 08:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Citrix
      2008-02-13 08:48 60,968 ----a-w C:\Documents and Settings\PEIGNON\GoToAssistDownloadHelper.exe
      2008-02-13 08:48 --------- d-----w C:\Program Files\Citrix
      2007-06-14 16:07 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
      2007-03-22 16:02 22,845,992 ----a-w C:\Program Files\AdbeRdr80_fr_FR.exe
      2004-02-11 03:00 80,014 ----a-w C:\WINDOWS\Fonts\unins000.exe
      2007-10-22 12:35 8 --sha-r C:\WINDOWS\system32\E833EEC6A8.sys
      2007-10-22 12:46 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
      .

      ((((((((((((((((((((((((((((( snapshot_2008-04-10_16.20.09.79 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2008-04-10 15:34:30 53,248 ----a-w C:\WINDOWS\PSEXESVC.EXE
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
      "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
      "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-02-18 12:58 206184]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
      "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 19:38 28160 C:\WINDOWS\KHALMNPR.Exe]
      "Logitech BT Wizard"="LBTWiz.exe" []
      "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 18:50 81920]
      "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 18:50 221184]
      "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2006-04-26 09:39 143360]
      "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 22:29 49152]
      "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 07:20 122940]
      "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 21:33 57344]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-17 15:16 7561216]
      "nwiz"="nwiz.exe" []
      "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-24 08:50 1838592]
      "SigmatelSysTrayApp"="stsystra.exe" [2006-03-20 17:00 282624 C:\WINDOWS\stsystra.exe]
      "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-04-10 12:35 290816]
      "BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
      "OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 11:38 460800]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]

      C:\Documents and Settings\PEIGNON\Menu Démarrer\Programmes\Démarrage\
      OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe [2004-03-08 07:00:00 36864]

      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
      BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-06-12 19:29:50 622653]
      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360]
      OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2007-03-07 09:13:26 257536]
      OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2007-03-07 09:11:47 559104]
      Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-04-26 14:12:41 125624]
      SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2007-02-28 00:51:45 532480]
      SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe [2008-04-08 11:14:36 155648]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
      C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 2008-02-13 10:48 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
      c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll 2006-04-27 12:30 53248 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWlgn.DLL

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
      "AppInit_DLLs"=sockspy.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "C:\\Program Files\\cadenas\\partsolutions\\software\\lic\\x86\\cnslocal.exe"=
      "C:\\Program Files\\cadenas\\partsolutions\\software\\libs\\x86\\websrv.exe"=
      "C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\orbixd.exe"=
      "C:\\Program Files\\Dassault Systemes\\B16\\intel_a\\code\\bin\\CNEXT.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "80:TCP"= 80:TCP:Defaut Web Port
      "443:TCP"= 443:TCP:https

      R1 LUMDriver;LUMDriver;C:\WINDOWS\system32\drivers\LUMDriver.sys [2003-07-11 14:22]
      R2 ASFIPmon;Broadcom ASF IP Monitor;"C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service []
      R2 BBDemon;Backbone Service;"C:\Program Files\Dassault Systemes\B16\intel_a\code\bin\CATSysDemon.exe" -service []
      R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-05 12:00]
      R2 SQLWriter;Enregistreur VSS SQL Server;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 06:29]
      R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-11-02 10:53]
      R3 SISNPF;SIS Netgroup Packet Filter;C:\WINDOWS\system32\drivers\SISNPF.sys [2005-04-14 17:02]
      R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
      R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 12:00]
      S2 FLEXlm License Manager;FLEXlm License Manager;C:\SEFlex\Program\lmgrd.exe [2007-09-05 14:34]
      S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sAUTODESKVAULT []
      S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;C:\FLEXLM\SolidWorks 2005 SolidNetWork License Manager\lmgrd.exe []
      S3 GoToAssist;GoToAssist;"C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe" Start=service []
      S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

      .
      **************************************************************************

      catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-04-10 17:34:51
      Windows 5.1.2600 Service Pack 2 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-04-10 17:38:25
      ComboFix-quarantined-files.txt 2008-04-10 15:38:18
      ComboFix2.txt 2008-04-10 14:21:14
      ComboFix3.txt 2008-04-10 09:44:50
      ComboFix4.txt 2008-04-09 17:40:27
      ComboFix5.txt 2008-04-09 16:28:34
      Pre-Run: 118,280,491,008 octets libres
      Post-Run: 118,270,570,496 octets libres
      .
      2008-04-10 10:11:18 --- E O F ---
      7 message(s) posted since Thursday 10 April 2008
      0
  2. jlpjlp Posts 52399 Status Security contributor 5 041
     
    ----------

    * Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
    * Click the Descargar Elibagla button; this downloads the file. Place it on your desktop.
    * Double-click it to open it
    * Make sure that C:\ is selected in the Unidad drop-down menu
    * Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked
    * Click the Explorar button to start the scan
    ------------

    paste the report from an online scan
    with one of the following:

    BitDefender online:
    http://www.bitdefender.fr/scan_fr/scan8/ie.html

    secuser online:
    http://www.secuser.com/outils/antivirus.htm

    online scan for Firefox

    https://www.trendmicro.com/fr_fr/business.html
    0
    1. p3d Posts 30 Status Member
       
      I ran the Elibagla scan, nothing to report there. I'm now running an online BitDefender scan; I'll send you the report.
      0
      1. pascalaur Posts 3604 Status Member 65 > p3d Posts 30 Status Member
         
        Try something with BitDefender: go to the antivirus section of BitDefender and click Customize, then for the first action choose "disinfect the file" and for the second "deny access and continue"; same for the second one.
        0
  3. jlpjlp Posts 52399 Status Security contributor 5 041
     
    now I understand better
    if you're getting help in several threads...

    I'm closing this
    0
    1. ^^Marie^^ Posts 41884 Registration date   Status Member Last activity   3 280
       
      I advised him to stay here
      I'm closing the others
      ;;))
      0
    2. p3d Posts 30 Status Member
       
      No, it's just that this is the first time I've come to a forum and I didn't know how it worked. I still have the same problem and nobody is able to tell me what I should do.
      If you have a solution, it's urgent, thanks
      0
    3. p3d Posts 30 Status Member
       
      OK, I'm staying put
      0
    4. p3d Posts 30 Status Member
       
      jlpjlp

      Hi, can you help me? I'm not moving from this thread anymore
      0
  5. p3d Posts 30 Status Member
     
    I really need someone; even BitDefender won't open in safe mode
    0
  6. jlpjlp Posts 52399 Status Security contributor 5 041
     
    ok

    paste a HijackThis report again and explain your problems again
    0