Virus Trojan Swizzor Résolu

Question

Bonjour,

La dernière analyse de mon ordi faite par BitDefender m'indique que j'ai un virus nommé "Trojan swizzor". Seulement il m'est impossible de m'en débarasser et depuis cette dernière analyse BitDefender ne démarre plus dès que j'allume le PC et tout fonctionne très lentement ! 

J'espère que vous pourrez m'aider à trouver une solution,

Voici ce que HijackThis m'affiche :

Logfile of HijackThis v1.99.1
Scan saved at 17:50:25, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTray.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\AUhEYb40.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Elodie\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis_199.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [face bin load show] C:\Documents and Settings\All Users\Application Data	itle tool face bin\Mail Kind.exe
O4 - Global Startup: BitDefender Free Edition v10.lnk = C:\Program Files\Softwin\BitDefender10\bdmcon.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O9 - Extra button: @C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll,-115 - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra 'Tools' menuitem: ImageShack Toolbar - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: Tinypic Publisher - http://tinypic.com/images/goodbye.jpg
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - 
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - 
O16 - DPF: {317153FE-B7FB-419B-AC87-0B2EC97D7A04} (VB2S ActiveX Control) - http://www.subdo.com/activex/vb2s.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Merci !

evasion60/PCA · Answer

Bonjour, et bienvenue sur CCM

...Je regarde / réponse dans un moment 

Edite, deux infections visibles 
Merci de télécharger la dernière version d'HijackThis V:2.0.0.2
Supprime ta version obsolète
Vide ta corbeille 

Ensuite :
-1- Télécharge Toolbar-S&D d'Eric71, AngelDark, Sham_Rock et XmichouX sur ton Bureau,
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

Double-clique sur Toolbar-S&D afin de lancer l'installation, un raccourci sera ajouté sur le Bureau. 
Double-clique dessus pour démarrer l'outil; choisis la langue.
Sous Vista, faire un clic droit et "Exécuter en tant qu'administrateur" (Elévation des privilèges), puis -> Continuer.
Tape 1 puis sur la touche [Entrée] afin de lancer la recherche.
Patiente jusqu'à la fin de la recherche.
À la fin du scan, le rapport s'ouvrira dans le Bloc-notes.
Poste ce rapport, par copier/coller, dans ta prochaine réponse. 

Le rapport se trouve également sous : C:\TB.txt
Aide en image : https://sites.google.com/site/toolbarsd/aideenimages

-2- Télécharge lopS&D d'Eric71 et AngelDark,
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-clique sur le fichier téléchargé pour installer le logiciel.
Double-clique sur le racourci créé pour lancer le programme,
Choisis la langue,
Sélectionne l'option 1. L'outil scanne plusieurs dossiers sensibles. Cela peut durer quelques minutes. Laisse l'analyse se dérouler.
Le bloc-note va s'ouvrir. Poste son contenu dans ta prochaine réponse.


Reviens donc dans ta prochaine réponse avec les deux rapports : TB-S&D // Lop-S&D
Bonne réception, et à te lire

elodie · Answer

Merci pour la rapidité de vos réponses !

Voici tout d'abord le rapport TB-S&D :

-----------\\ ToolBar S&D 1.2.1 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [1] ( 04/10/2008|18:35 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\FunWebProducts
C:\DOCUME~1\Elodie\Cookies\elodie@hotbar[1].txt
C:\DOCUME~1\Elodie\Cookies\elodie@www.hotbar[1].txt
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar
C:\Program Files\VVSN
C:\Program Files\VVSN\vvsn.cfg
C:\DOCUME~1\Elodie\Cookies\elodie@www.zango[1].txt
C:\WINDOWS\iun6002.exe
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\FONTS\acrsec.fon
C:\WINDOWS\FONTS\acrsecB.fon
C:\WINDOWS\FONTS\acrsecI.fon

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Default_Page_URL"="http://home.neuf.fr"
"Search Bar"="https://actus.sfr.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

1 - "C:\ToolBar SD\TB_1.txt" - 04/10/2008|18:39 - Option : [1]

-----------\\ Fin du rapport a 18:39:47,70

Et voici le rapport de Lop-S&D :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 04/10/2008|18:44 )

--------------------\\ Listing des dossiers dans APPLIC~1

[24/09/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/02/2006|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[13/12/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[27/03/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[15/12/2006|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
[26/01/2006|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[07/07/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[12/06/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[11/08/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/12/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/12/2005|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[04/10/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[01/07/2006|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
[04/07/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/09/2008|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
[27/03/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[01/07/2006|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[01/12/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/02/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[22/12/2005|16:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/09/2008|13:34] C:\DOCUME~1\Elodie\APPLIC~1\Adobe
[29/03/2006|13:01] C:\DOCUME~1\Elodie\APPLIC~1\AdobeUM
[22/01/2008|22:36] C:\DOCUME~1\Elodie\APPLIC~1\Ahead
[30/05/2006|17:56] C:\DOCUME~1\Elodie\APPLIC~1\ArcSoft
[05/06/2006|10:22] C:\DOCUME~1\Elodie\APPLIC~1\AVS Video Converter
[13/12/2007|16:33] C:\DOCUME~1\Elodie\APPLIC~1\Bitdefender
[28/02/2008|11:15] C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
[26/06/2007|14:30] C:\DOCUME~1\Elodie\APPLIC~1\CVitae
[05/03/2006|11:00] C:\DOCUME~1\Elodie\APPLIC~1\DMCache
[18/07/2007|11:18] C:\DOCUME~1\Elodie\APPLIC~1\dvdcss
[14/09/2008|00:13] C:\DOCUME~1\Elodie\APPLIC~1\gtk-2.0
[04/05/2006|13:41] C:\DOCUME~1\Elodie\APPLIC~1\Help
[30/05/2006|14:00] C:\DOCUME~1\Elodie\APPLIC~1\Identities
[26/12/2005|16:25] C:\DOCUME~1\Elodie\APPLIC~1\Inkscape
[13/12/2007|16:09] C:\DOCUME~1\Elodie\APPLIC~1\Lavasoft
[25/09/2008|15:41] C:\DOCUME~1\Elodie\APPLIC~1\Leadertech
[12/01/2008|12:41] C:\DOCUME~1\Elodie\APPLIC~1\Macromedia
[10/02/2008|12:53] C:\DOCUME~1\Elodie\APPLIC~1\Microsoft
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Mozilla
[22/01/2008|18:50] C:\DOCUME~1\Elodie\APPLIC~1\Nero
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Netscape
[29/12/2005|19:34] C:\DOCUME~1\Elodie\APPLIC~1\Nvu
[03/12/2007|23:37] C:\DOCUME~1\Elodie\APPLIC~1\OpenOffice.org2
[02/02/2006|17:12] C:\DOCUME~1\Elodie\APPLIC~1\Opera
[03/02/2008|10:53] C:\DOCUME~1\Elodie\APPLIC~1\Photodex
[13/06/2007|20:17] C:\DOCUME~1\Elodie\APPLIC~1\Real
[05/06/2006|10:18] C:\DOCUME~1\Elodie\APPLIC~1\River Past G4
[03/04/2007|18:02] C:\DOCUME~1\Elodie\APPLIC~1\Screenshot Sender
[04/07/2008|14:12] C:\DOCUME~1\Elodie\APPLIC~1\Sony Corporation
[24/09/2008|14:04] C:\DOCUME~1\Elodie\APPLIC~1\Sony Ericsson
[26/10/2007|21:56] C:\DOCUME~1\Elodie\APPLIC~1\Sun
[24/09/2008|14:09] C:\DOCUME~1\Elodie\APPLIC~1\Teleca
[15/06/2007|19:06] C:\DOCUME~1\Elodie\APPLIC~1\vlc
[29/02/2008|14:11] C:\DOCUME~1\Elodie\APPLIC~1\Vso
[17/07/2008|10:31] C:\DOCUME~1\Elodie\APPLIC~1\ZoomBrowser EX

[22/12/2005|16:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[18/07/2008|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
[19/07/2008|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At72.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At71.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At70.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At69.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At68.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At67.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At66.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At65.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At64.job
[04/10/2008 14:01][--a------] C:\WINDOWS\tasks\At63.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At62.job
[04/10/2008 12:01][--a------] C:\WINDOWS\tasks\At61.job
[28/09/2008 11:01][--a------] C:\WINDOWS\tasks\At60.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At59.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At58.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At57.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At56.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At55.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At54.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At53.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At52.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At51.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At50.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At49.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At48.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At47.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At46.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At45.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At44.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At43.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At42.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At41.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At40.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At39.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At38.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At37.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At36.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At35.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At34.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At33.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At32.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At31.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At30.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At29.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At28.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At27.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At26.job
[08/09/2008 00:43][--a------] C:\WINDOWS\tasks\At25.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At24.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At23.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At22.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At21.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At20.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At19.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At18.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At17.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At16.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At15.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At14.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At13.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At12.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At11.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At10.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At9.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At8.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At7.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At6.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At5.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At4.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At3.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At2.job
[19/08/2008 00:47][--a------] C:\WINDOWS\tasks\At1.job
[04/10/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 19:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/05/2008|10:11] C:\Program Files\AbiSuite2
[01/08/2002|18:44] C:\Program Files\Accessoires
[09/01/2005|17:36] C:\Program Files\ACE Mega CoDecS Pack
[31/01/2006|15:10] C:\Program Files\Adesign
[27/09/2008|10:18] C:\Program Files\Adobe
[23/09/2007|14:56] C:\Program Files\Alwil Software
[04/10/2008|13:42] C:\Program Files\a-squared Free
[28/02/2008|11:27] C:\Program Files\BitDownload
[09/05/2008|21:44] C:\Program Files\BitTorrent Fastest Tool
[01/05/2004|13:00] C:\Program Files\BSPLAYER
[06/08/2006|22:17] C:\Program Files\CCleaner
[20/08/2007|13:39] C:\Program Files\CVitae
[30/11/2003|15:51] C:\Program Files\directx
[04/10/2008|11:44] C:\Program Files\eMule
[13/12/2007|16:57] C:\Program Files\EnergyPlugIn
[02/07/2006|13:55] C:\Program Files\eZ
[04/10/2008|16:50] C:\Program Files\Fichiers communs
[24/08/2008|17:39] C:\Program Files\Foreignword
[22/02/2008|16:06] C:\Program Files\FunWebProducts
[20/04/2008|15:39] C:\Program Files\GIMP-2.0
[06/07/2007|19:25] C:\Program Files\Google
[15/02/2008|18:33] C:\Program Files\ImTOO
[29/01/2005|15:22] C:\Program Files\Infogrames
[04/09/2008|22:20] C:\Program Files\InstallShield Installation Information
[19/08/2005|15:04] C:\Program Files\Instant Access
[14/08/2008|11:32] C:\Program Files\Internet Explorer
[19/06/2008|13:49] C:\Program Files\Java
[14/08/2008|11:48] C:\Program Files\Messenger
[29/07/2008|19:21] C:\Program Files\Messenger Plus! Live
[22/12/2005|16:49] C:\Program Files\microsoft frontpage
[10/02/2008|16:56] C:\Program Files\Movie Maker
[04/10/2008|18:25] C:\Program Files\Mozilla Firefox
[27/09/2008|10:25] C:\Program Files\Mozilla Firefox 3 Beta 1
[17/09/2005|19:36] C:\Program Files\MSN Apps
[22/12/2005|16:39] C:\Program Files\MSN Gaming Zone
[04/07/2007|09:48] C:\Program Files\MSN Messenger
[17/09/2005|19:26] C:\Program Files\MSN Toolbar
[26/01/2006|19:49] C:\Program Files\Need2Find
[07/07/2007|10:09] C:\Program Files\Nero
[22/12/2005|16:43] C:\Program Files\NetMeeting
[22/08/2007|17:14] C:\Program Files\Neuf
[25/01/2006|14:21] C:\Program Files\neuf telecom
[04/10/2008|13:39] C:\Program Files\NOS
[03/12/2007|23:49] C:\Program Files\OpenOffice.org 2.3
[14/06/2007|10:24] C:\Program Files\Outlook Express
[02/07/2006|14:51] C:\Program Files\PhotoFiltre
[01/08/2002|18:44] C:\Program Files\PLUS!
[02/08/2002|17:14] C:\Program Files\Publication Web
[17/09/2005|19:27] C:\Program Files\QMgr
[03/06/2007|14:53] C:\Program Files\Real
[14/02/2007|18:34] C:\Program Files\SAGEM
[22/12/2005|16:44] C:\Program Files\Services en ligne
[13/12/2007|13:13] C:\Program Files\Softwin
[18/08/2008|15:00] C:\Program Files\Sony
[04/07/2008|13:52] C:\Program Files\Sony Corporation
[09/01/2005|17:23] C:\Program Files\Symantec
[22/04/2006|09:32] C:\Program Files\TBONBin
[09/05/2008|21:44] C:\Program Files\torrent_search
[04/10/2008|18:32] C:\Program Files\Trend Micro
[01/08/2002|19:05] C:\Program Files\Uninstall Information
[16/05/2008|10:22] C:\Program Files\URUSoft
[15/06/2007|17:09] C:\Program Files\VideoLAN
[29/02/2008|14:12] C:\Program Files\vso
[21/06/2005|15:50] C:\Program Files\VVSN
[28/09/2008|13:12] C:\Program Files\Webteh
[03/12/2007|23:42] C:\Program Files\Windows Live
[13/06/2007|20:27] C:\Program Files\Windows Media Connect 2
[13/06/2007|20:37] C:\Program Files\Windows Media Player
[30/01/2006|17:01] C:\Program Files\Windows NT
[22/12/2005|16:44] C:\Program Files\WindowsUpdate
[01/03/2008|09:59] C:\Program Files\WinRAR
[22/12/2005|16:49] C:\Program Files\xerox
[22/12/2005|18:56] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/08/2003|16:13] C:\Program Files\Fichiers communs\Adaptec Shared
[20/07/2006|11:10] C:\Program Files\Fichiers communs\Adobe
[02/02/2006|16:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/08/2008|16:21] C:\Program Files\Fichiers communs\Ahead
[13/04/2003|11:52] C:\Program Files\Fichiers communs\aolshare
[04/06/2006|10:32] C:\Program Files\Fichiers communs\AVSMedia
[17/07/2008|10:09] C:\Program Files\Fichiers communs\Canon
[07/07/2006|16:03] C:\Program Files\Fichiers communs\GTK
[26/01/2006|15:48] C:\Program Files\Fichiers communs\InstallShield
[07/07/2007|10:24] C:\Program Files\Fichiers communs\LightScribe
[12/06/2006|19:04] C:\Program Files\Fichiers communs\Macrovision Shared
[02/02/2008|17:47] C:\Program Files\Fichiers communs\MAGIX Shared
[04/10/2008|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2005|16:43] C:\Program Files\Fichiers communs\MSSoap
[22/12/2005|17:25] C:\Program Files\Fichiers communs\ODBC
[13/06/2007|20:18] C:\Program Files\Fichiers communs\Real
[01/08/2002|18:49] C:\Program Files\Fichiers communs\SERVICES
[13/12/2007|16:11] C:\Program Files\Fichiers communs\Softwin
[04/07/2008|13:56] C:\Program Files\Fichiers communs\Sony Shared
[22/12/2005|17:24] C:\Program Files\Fichiers communs\SpeechEngines
[02/08/2002|16:56] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|10:24] C:\Program Files\Fichiers communs\SYSTEM
[04/10/2008|16:50] C:\Program Files\Fichiers communs\Teleca Shared
[01/12/2007|18:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2006|23:02] C:\Program Files\Fichiers communs\WinSoftware

--------------------\\ Process

( 30 Processes )

iexplore.exe ~ [PID:7568]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
C:\DOCUME~1\Elodie\APPLIC~1\BitDownload\Data
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\BitDownload\ZM
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"face bin load show"="C:\\Documents and Settings\\All Users\\Application Data\\title tool face bin\\Mail Kind.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 18:48:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 85

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

[F:129][D:22]-> C:\DOCUME~1\Elodie\LOCALS~1\Temp
[F:101][D:0]-> C:\DOCUME~1\Elodie\Cookies
[F:672][D:4]-> C:\DOCUME~1\Elodie\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|18:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008|18:51 - Option : [1]

--------------------\\ Fin du rapport a 18:51:46

elodie · Answer

Merci pour la rapidité de vos réponses !

Voici tout d'abord le rapport TB-S&D :

-----------\\ ToolBar S&D 1.2.1 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [1] ( 04/10/2008|18:35 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\FunWebProducts
C:\DOCUME~1\Elodie\Cookies\elodie@hotbar[1].txt
C:\DOCUME~1\Elodie\Cookies\elodie@www.hotbar[1].txt
C:\Program Files\Need2Find
C:\Program Files\Need2Find\bar
C:\Program Files\VVSN
C:\Program Files\VVSN\vvsn.cfg
C:\DOCUME~1\Elodie\Cookies\elodie@www.zango[1].txt
C:\WINDOWS\iun6002.exe
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\FONTS\acrsec.fon
C:\WINDOWS\FONTS\acrsecB.fon
C:\WINDOWS\FONTS\acrsecI.fon

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Default_Page_URL"="http://home.neuf.fr"
"Search Bar"="https://actus.sfr.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

1 - "C:\ToolBar SD\TB_1.txt" - 04/10/2008|18:39 - Option : [1]

-----------\\ Fin du rapport a 18:39:47,70

Et voici le rapport de Lop-S&D :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 04/10/2008|18:44 )

--------------------\\ Listing des dossiers dans APPLIC~1

[24/09/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/02/2006|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[13/12/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[27/03/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[15/12/2006|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
[26/01/2006|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[07/07/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[12/06/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[11/08/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/12/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/12/2005|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[04/10/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[01/07/2006|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
[04/07/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/09/2008|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
[27/03/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[01/07/2006|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[01/12/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/02/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[22/12/2005|16:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/09/2008|13:34] C:\DOCUME~1\Elodie\APPLIC~1\Adobe
[29/03/2006|13:01] C:\DOCUME~1\Elodie\APPLIC~1\AdobeUM
[22/01/2008|22:36] C:\DOCUME~1\Elodie\APPLIC~1\Ahead
[30/05/2006|17:56] C:\DOCUME~1\Elodie\APPLIC~1\ArcSoft
[05/06/2006|10:22] C:\DOCUME~1\Elodie\APPLIC~1\AVS Video Converter
[13/12/2007|16:33] C:\DOCUME~1\Elodie\APPLIC~1\Bitdefender
[28/02/2008|11:15] C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
[26/06/2007|14:30] C:\DOCUME~1\Elodie\APPLIC~1\CVitae
[05/03/2006|11:00] C:\DOCUME~1\Elodie\APPLIC~1\DMCache
[18/07/2007|11:18] C:\DOCUME~1\Elodie\APPLIC~1\dvdcss
[14/09/2008|00:13] C:\DOCUME~1\Elodie\APPLIC~1\gtk-2.0
[04/05/2006|13:41] C:\DOCUME~1\Elodie\APPLIC~1\Help
[30/05/2006|14:00] C:\DOCUME~1\Elodie\APPLIC~1\Identities
[26/12/2005|16:25] C:\DOCUME~1\Elodie\APPLIC~1\Inkscape
[13/12/2007|16:09] C:\DOCUME~1\Elodie\APPLIC~1\Lavasoft
[25/09/2008|15:41] C:\DOCUME~1\Elodie\APPLIC~1\Leadertech
[12/01/2008|12:41] C:\DOCUME~1\Elodie\APPLIC~1\Macromedia
[10/02/2008|12:53] C:\DOCUME~1\Elodie\APPLIC~1\Microsoft
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Mozilla
[22/01/2008|18:50] C:\DOCUME~1\Elodie\APPLIC~1\Nero
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Netscape
[29/12/2005|19:34] C:\DOCUME~1\Elodie\APPLIC~1\Nvu
[03/12/2007|23:37] C:\DOCUME~1\Elodie\APPLIC~1\OpenOffice.org2
[02/02/2006|17:12] C:\DOCUME~1\Elodie\APPLIC~1\Opera
[03/02/2008|10:53] C:\DOCUME~1\Elodie\APPLIC~1\Photodex
[13/06/2007|20:17] C:\DOCUME~1\Elodie\APPLIC~1\Real
[05/06/2006|10:18] C:\DOCUME~1\Elodie\APPLIC~1\River Past G4
[03/04/2007|18:02] C:\DOCUME~1\Elodie\APPLIC~1\Screenshot Sender
[04/07/2008|14:12] C:\DOCUME~1\Elodie\APPLIC~1\Sony Corporation
[24/09/2008|14:04] C:\DOCUME~1\Elodie\APPLIC~1\Sony Ericsson
[26/10/2007|21:56] C:\DOCUME~1\Elodie\APPLIC~1\Sun
[24/09/2008|14:09] C:\DOCUME~1\Elodie\APPLIC~1\Teleca
[15/06/2007|19:06] C:\DOCUME~1\Elodie\APPLIC~1\vlc
[29/02/2008|14:11] C:\DOCUME~1\Elodie\APPLIC~1\Vso
[17/07/2008|10:31] C:\DOCUME~1\Elodie\APPLIC~1\ZoomBrowser EX

[22/12/2005|16:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[18/07/2008|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
[19/07/2008|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At72.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At71.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At70.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At69.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At68.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At67.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At66.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At65.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At64.job
[04/10/2008 14:01][--a------] C:\WINDOWS\tasks\At63.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At62.job
[04/10/2008 12:01][--a------] C:\WINDOWS\tasks\At61.job
[28/09/2008 11:01][--a------] C:\WINDOWS\tasks\At60.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At59.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At58.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At57.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At56.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At55.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At54.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At53.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At52.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At51.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At50.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At49.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At48.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At47.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At46.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At45.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At44.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At43.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At42.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At41.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At40.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At39.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At38.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At37.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At36.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At35.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At34.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At33.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At32.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At31.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At30.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At29.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At28.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At27.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At26.job
[08/09/2008 00:43][--a------] C:\WINDOWS\tasks\At25.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At24.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At23.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At22.job
[03/10/2008 20:00][--a------] C:\WINDOWS\tasks\At21.job
[03/10/2008 19:00][--a------] C:\WINDOWS\tasks\At20.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At19.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At18.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At17.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At16.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At15.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At14.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At13.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At12.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At11.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At10.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At9.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At8.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At7.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At6.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At5.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At4.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At3.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At2.job
[19/08/2008 00:47][--a------] C:\WINDOWS\tasks\At1.job
[04/10/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 19:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/05/2008|10:11] C:\Program Files\AbiSuite2
[01/08/2002|18:44] C:\Program Files\Accessoires
[09/01/2005|17:36] C:\Program Files\ACE Mega CoDecS Pack
[31/01/2006|15:10] C:\Program Files\Adesign
[27/09/2008|10:18] C:\Program Files\Adobe
[23/09/2007|14:56] C:\Program Files\Alwil Software
[04/10/2008|13:42] C:\Program Files\a-squared Free
[28/02/2008|11:27] C:\Program Files\BitDownload
[09/05/2008|21:44] C:\Program Files\BitTorrent Fastest Tool
[01/05/2004|13:00] C:\Program Files\BSPLAYER
[06/08/2006|22:17] C:\Program Files\CCleaner
[20/08/2007|13:39] C:\Program Files\CVitae
[30/11/2003|15:51] C:\Program Files\directx
[04/10/2008|11:44] C:\Program Files\eMule
[13/12/2007|16:57] C:\Program Files\EnergyPlugIn
[02/07/2006|13:55] C:\Program Files\eZ
[04/10/2008|16:50] C:\Program Files\Fichiers communs
[24/08/2008|17:39] C:\Program Files\Foreignword
[22/02/2008|16:06] C:\Program Files\FunWebProducts
[20/04/2008|15:39] C:\Program Files\GIMP-2.0
[06/07/2007|19:25] C:\Program Files\Google
[15/02/2008|18:33] C:\Program Files\ImTOO
[29/01/2005|15:22] C:\Program Files\Infogrames
[04/09/2008|22:20] C:\Program Files\InstallShield Installation Information
[19/08/2005|15:04] C:\Program Files\Instant Access
[14/08/2008|11:32] C:\Program Files\Internet Explorer
[19/06/2008|13:49] C:\Program Files\Java
[14/08/2008|11:48] C:\Program Files\Messenger
[29/07/2008|19:21] C:\Program Files\Messenger Plus! Live
[22/12/2005|16:49] C:\Program Files\microsoft frontpage
[10/02/2008|16:56] C:\Program Files\Movie Maker
[04/10/2008|18:25] C:\Program Files\Mozilla Firefox
[27/09/2008|10:25] C:\Program Files\Mozilla Firefox 3 Beta 1
[17/09/2005|19:36] C:\Program Files\MSN Apps
[22/12/2005|16:39] C:\Program Files\MSN Gaming Zone
[04/07/2007|09:48] C:\Program Files\MSN Messenger
[17/09/2005|19:26] C:\Program Files\MSN Toolbar
[26/01/2006|19:49] C:\Program Files\Need2Find
[07/07/2007|10:09] C:\Program Files\Nero
[22/12/2005|16:43] C:\Program Files\NetMeeting
[22/08/2007|17:14] C:\Program Files\Neuf
[25/01/2006|14:21] C:\Program Files\neuf telecom
[04/10/2008|13:39] C:\Program Files\NOS
[03/12/2007|23:49] C:\Program Files\OpenOffice.org 2.3
[14/06/2007|10:24] C:\Program Files\Outlook Express
[02/07/2006|14:51] C:\Program Files\PhotoFiltre
[01/08/2002|18:44] C:\Program Files\PLUS!
[02/08/2002|17:14] C:\Program Files\Publication Web
[17/09/2005|19:27] C:\Program Files\QMgr
[03/06/2007|14:53] C:\Program Files\Real
[14/02/2007|18:34] C:\Program Files\SAGEM
[22/12/2005|16:44] C:\Program Files\Services en ligne
[13/12/2007|13:13] C:\Program Files\Softwin
[18/08/2008|15:00] C:\Program Files\Sony
[04/07/2008|13:52] C:\Program Files\Sony Corporation
[09/01/2005|17:23] C:\Program Files\Symantec
[22/04/2006|09:32] C:\Program Files\TBONBin
[09/05/2008|21:44] C:\Program Files\torrent_search
[04/10/2008|18:32] C:\Program Files\Trend Micro
[01/08/2002|19:05] C:\Program Files\Uninstall Information
[16/05/2008|10:22] C:\Program Files\URUSoft
[15/06/2007|17:09] C:\Program Files\VideoLAN
[29/02/2008|14:12] C:\Program Files\vso
[21/06/2005|15:50] C:\Program Files\VVSN
[28/09/2008|13:12] C:\Program Files\Webteh
[03/12/2007|23:42] C:\Program Files\Windows Live
[13/06/2007|20:27] C:\Program Files\Windows Media Connect 2
[13/06/2007|20:37] C:\Program Files\Windows Media Player
[30/01/2006|17:01] C:\Program Files\Windows NT
[22/12/2005|16:44] C:\Program Files\WindowsUpdate
[01/03/2008|09:59] C:\Program Files\WinRAR
[22/12/2005|16:49] C:\Program Files\xerox
[22/12/2005|18:56] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/08/2003|16:13] C:\Program Files\Fichiers communs\Adaptec Shared
[20/07/2006|11:10] C:\Program Files\Fichiers communs\Adobe
[02/02/2006|16:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/08/2008|16:21] C:\Program Files\Fichiers communs\Ahead
[13/04/2003|11:52] C:\Program Files\Fichiers communs\aolshare
[04/06/2006|10:32] C:\Program Files\Fichiers communs\AVSMedia
[17/07/2008|10:09] C:\Program Files\Fichiers communs\Canon
[07/07/2006|16:03] C:\Program Files\Fichiers communs\GTK
[26/01/2006|15:48] C:\Program Files\Fichiers communs\InstallShield
[07/07/2007|10:24] C:\Program Files\Fichiers communs\LightScribe
[12/06/2006|19:04] C:\Program Files\Fichiers communs\Macrovision Shared
[02/02/2008|17:47] C:\Program Files\Fichiers communs\MAGIX Shared
[04/10/2008|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2005|16:43] C:\Program Files\Fichiers communs\MSSoap
[22/12/2005|17:25] C:\Program Files\Fichiers communs\ODBC
[13/06/2007|20:18] C:\Program Files\Fichiers communs\Real
[01/08/2002|18:49] C:\Program Files\Fichiers communs\SERVICES
[13/12/2007|16:11] C:\Program Files\Fichiers communs\Softwin
[04/07/2008|13:56] C:\Program Files\Fichiers communs\Sony Shared
[22/12/2005|17:24] C:\Program Files\Fichiers communs\SpeechEngines
[02/08/2002|16:56] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|10:24] C:\Program Files\Fichiers communs\SYSTEM
[04/10/2008|16:50] C:\Program Files\Fichiers communs\Teleca Shared
[01/12/2007|18:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2006|23:02] C:\Program Files\Fichiers communs\WinSoftware

--------------------\\ Process

( 30 Processes )

iexplore.exe ~ [PID:7568]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
C:\DOCUME~1\Elodie\APPLIC~1\BitDownload\Data
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\BitDownload\ZM
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"face bin load show"="C:\\Documents and Settings\\All Users\\Application Data\\title tool face bin\\Mail Kind.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 18:48:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 85

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

[F:129][D:22]-> C:\DOCUME~1\Elodie\LOCALS~1\Temp
[F:101][D:0]-> C:\DOCUME~1\Elodie\Cookies
[F:672][D:4]-> C:\DOCUME~1\Elodie\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|18:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008|18:51 - Option : [1]

--------------------\\ Fin du rapport a 18:51:46

evasion60/PCA · Answer

Re => OK 

...Désactive ton antivirus, ton antipsyware résidant (spybot par exemple) durant la phase de nettoyage. Voir ici.
Double clique sur le raccourci de Toolbar-S&D présent sur ton bureau. 

...Relance Lop-S&D :
Double-clique sur le raccourci et choisis l'option 2. Cela va supprimer l'infection et provoquer une réinitialisation du fichier hosts.
A la fin de la suppression, une recherche sera re-lancée.
Le bloc-note s'ouvre. Edite son contenu dans ta prochaine réponse.

...Relance Toolbarr-S&D :
Au menu principal, choisis l'option 2 et valide par la touche [Entrée]. 
/!\ Ne ferme pas la fenêtre lors de la suppression /!\ 

Un rapport sera généré. Poste ce rapport avec un nouveau rapport Hijackthis.
Note : Pour les utilisateurs de Vista, ToolBar-SD se charge de désactiver le "Contrôle des comptes utilisateurs" (UAC), il va redémarrer l'ordinateur et réactiver l'UAC.

Désinstallation : 

Dans ajout/suppression des programmes, désinstalle Toolbar-S&D et redémarre le pc.
Supprime éventuellement Toolbar-S&D dans C:\Program Files


... Reviens dans ta réponse avec les deux rapports / STP
A te lire

elodie · Answer

Voici les 3 rapports :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 04/10/2008|20:01 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Elodie\APPLIC~1\BitDownload\Data
Supprime! - C:\Program Files\BitDownload\BitDownload.TRC
Supprime! - C:\Program Files\BitDownload\ZM
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
Supprime! - C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
Supprime! - C:\Program Files\BitDownload
Supprime! - C:\Program Files\BitTorrent Fastest Tool
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[24/09/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/02/2006|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[13/12/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[27/03/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[15/12/2006|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
[26/01/2006|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[07/07/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[12/06/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[11/08/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/12/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/12/2005|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[04/10/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[01/07/2006|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
[04/07/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/03/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[01/07/2006|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[01/12/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/02/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[22/12/2005|16:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/09/2008|13:34] C:\DOCUME~1\Elodie\APPLIC~1\Adobe
[29/03/2006|13:01] C:\DOCUME~1\Elodie\APPLIC~1\AdobeUM
[22/01/2008|22:36] C:\DOCUME~1\Elodie\APPLIC~1\Ahead
[30/05/2006|17:56] C:\DOCUME~1\Elodie\APPLIC~1\ArcSoft
[05/06/2006|10:22] C:\DOCUME~1\Elodie\APPLIC~1\AVS Video Converter
[13/12/2007|16:33] C:\DOCUME~1\Elodie\APPLIC~1\Bitdefender
[26/06/2007|14:30] C:\DOCUME~1\Elodie\APPLIC~1\CVitae
[05/03/2006|11:00] C:\DOCUME~1\Elodie\APPLIC~1\DMCache
[18/07/2007|11:18] C:\DOCUME~1\Elodie\APPLIC~1\dvdcss
[14/09/2008|00:13] C:\DOCUME~1\Elodie\APPLIC~1\gtk-2.0
[04/05/2006|13:41] C:\DOCUME~1\Elodie\APPLIC~1\Help
[30/05/2006|14:00] C:\DOCUME~1\Elodie\APPLIC~1\Identities
[26/12/2005|16:25] C:\DOCUME~1\Elodie\APPLIC~1\Inkscape
[13/12/2007|16:09] C:\DOCUME~1\Elodie\APPLIC~1\Lavasoft
[25/09/2008|15:41] C:\DOCUME~1\Elodie\APPLIC~1\Leadertech
[12/01/2008|12:41] C:\DOCUME~1\Elodie\APPLIC~1\Macromedia
[10/02/2008|12:53] C:\DOCUME~1\Elodie\APPLIC~1\Microsoft
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Mozilla
[22/01/2008|18:50] C:\DOCUME~1\Elodie\APPLIC~1\Nero
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Netscape
[29/12/2005|19:34] C:\DOCUME~1\Elodie\APPLIC~1\Nvu
[03/12/2007|23:37] C:\DOCUME~1\Elodie\APPLIC~1\OpenOffice.org2
[02/02/2006|17:12] C:\DOCUME~1\Elodie\APPLIC~1\Opera
[03/02/2008|10:53] C:\DOCUME~1\Elodie\APPLIC~1\Photodex
[13/06/2007|20:17] C:\DOCUME~1\Elodie\APPLIC~1\Real
[05/06/2006|10:18] C:\DOCUME~1\Elodie\APPLIC~1\River Past G4
[03/04/2007|18:02] C:\DOCUME~1\Elodie\APPLIC~1\Screenshot Sender
[04/07/2008|14:12] C:\DOCUME~1\Elodie\APPLIC~1\Sony Corporation
[24/09/2008|14:04] C:\DOCUME~1\Elodie\APPLIC~1\Sony Ericsson
[26/10/2007|21:56] C:\DOCUME~1\Elodie\APPLIC~1\Sun
[24/09/2008|14:09] C:\DOCUME~1\Elodie\APPLIC~1\Teleca
[15/06/2007|19:06] C:\DOCUME~1\Elodie\APPLIC~1\vlc
[29/02/2008|14:11] C:\DOCUME~1\Elodie\APPLIC~1\Vso
[17/07/2008|10:31] C:\DOCUME~1\Elodie\APPLIC~1\ZoomBrowser EX

[22/12/2005|16:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[18/07/2008|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
[19/07/2008|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At72.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At71.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At70.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At69.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At68.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At67.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At66.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At65.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At64.job
[04/10/2008 14:01][--a------] C:\WINDOWS\tasks\At63.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At62.job
[04/10/2008 12:01][--a------] C:\WINDOWS\tasks\At61.job
[28/09/2008 11:01][--a------] C:\WINDOWS\tasks\At60.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At59.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At58.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At57.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At56.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At55.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At54.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At53.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At52.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At51.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At50.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At49.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At48.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At47.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At46.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At45.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At44.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At43.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At42.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At41.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At40.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At39.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At38.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At37.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At36.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At35.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At34.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At33.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At32.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At31.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At30.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At29.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At28.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At27.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At26.job
[08/09/2008 00:43][--a------] C:\WINDOWS\tasks\At25.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At24.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At23.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At22.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At21.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At20.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At19.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At18.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At17.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At16.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At15.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At14.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At13.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At12.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At11.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At10.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At9.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At8.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At7.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At6.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At5.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At4.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At3.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At2.job
[19/08/2008 00:47][--a------] C:\WINDOWS\tasks\At1.job
[04/10/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 19:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[16/05/2008|10:11] C:\Program Files\AbiSuite2
[01/08/2002|18:44] C:\Program Files\Accessoires
[09/01/2005|17:36] C:\Program Files\ACE Mega CoDecS Pack
[31/01/2006|15:10] C:\Program Files\Adesign
[27/09/2008|10:18] C:\Program Files\Adobe
[23/09/2007|14:56] C:\Program Files\Alwil Software
[04/10/2008|13:42] C:\Program Files\a-squared Free
[01/05/2004|13:00] C:\Program Files\BSPLAYER
[06/08/2006|22:17] C:\Program Files\CCleaner
[20/08/2007|13:39] C:\Program Files\CVitae
[30/11/2003|15:51] C:\Program Files\directx
[04/10/2008|11:44] C:\Program Files\eMule
[13/12/2007|16:57] C:\Program Files\EnergyPlugIn
[02/07/2006|13:55] C:\Program Files\eZ
[04/10/2008|16:50] C:\Program Files\Fichiers communs
[24/08/2008|17:39] C:\Program Files\Foreignword
[22/02/2008|16:06] C:\Program Files\FunWebProducts
[20/04/2008|15:39] C:\Program Files\GIMP-2.0
[06/07/2007|19:25] C:\Program Files\Google
[15/02/2008|18:33] C:\Program Files\ImTOO
[29/01/2005|15:22] C:\Program Files\Infogrames
[04/09/2008|22:20] C:\Program Files\InstallShield Installation Information
[19/08/2005|15:04] C:\Program Files\Instant Access
[14/08/2008|11:32] C:\Program Files\Internet Explorer
[19/06/2008|13:49] C:\Program Files\Java
[14/08/2008|11:48] C:\Program Files\Messenger
[29/07/2008|19:21] C:\Program Files\Messenger Plus! Live
[22/12/2005|16:49] C:\Program Files\microsoft frontpage
[10/02/2008|16:56] C:\Program Files\Movie Maker
[04/10/2008|19:44] C:\Program Files\Mozilla Firefox
[27/09/2008|10:25] C:\Program Files\Mozilla Firefox 3 Beta 1
[17/09/2005|19:36] C:\Program Files\MSN Apps
[22/12/2005|16:39] C:\Program Files\MSN Gaming Zone
[04/07/2007|09:48] C:\Program Files\MSN Messenger
[17/09/2005|19:26] C:\Program Files\MSN Toolbar
[26/01/2006|19:49] C:\Program Files\Need2Find
[07/07/2007|10:09] C:\Program Files\Nero
[22/12/2005|16:43] C:\Program Files\NetMeeting
[22/08/2007|17:14] C:\Program Files\Neuf
[25/01/2006|14:21] C:\Program Files\neuf telecom
[04/10/2008|13:39] C:\Program Files\NOS
[03/12/2007|23:49] C:\Program Files\OpenOffice.org 2.3
[14/06/2007|10:24] C:\Program Files\Outlook Express
[02/07/2006|14:51] C:\Program Files\PhotoFiltre
[01/08/2002|18:44] C:\Program Files\PLUS!
[02/08/2002|17:14] C:\Program Files\Publication Web
[17/09/2005|19:27] C:\Program Files\QMgr
[03/06/2007|14:53] C:\Program Files\Real
[14/02/2007|18:34] C:\Program Files\SAGEM
[22/12/2005|16:44] C:\Program Files\Services en ligne
[13/12/2007|13:13] C:\Program Files\Softwin
[18/08/2008|15:00] C:\Program Files\Sony
[04/07/2008|13:52] C:\Program Files\Sony Corporation
[09/01/2005|17:23] C:\Program Files\Symantec
[22/04/2006|09:32] C:\Program Files\TBONBin
[09/05/2008|21:44] C:\Program Files\torrent_search
[04/10/2008|18:32] C:\Program Files\Trend Micro
[01/08/2002|19:05] C:\Program Files\Uninstall Information
[16/05/2008|10:22] C:\Program Files\URUSoft
[15/06/2007|17:09] C:\Program Files\VideoLAN
[29/02/2008|14:12] C:\Program Files\vso
[21/06/2005|15:50] C:\Program Files\VVSN
[28/09/2008|13:12] C:\Program Files\Webteh
[03/12/2007|23:42] C:\Program Files\Windows Live
[13/06/2007|20:27] C:\Program Files\Windows Media Connect 2
[13/06/2007|20:37] C:\Program Files\Windows Media Player
[30/01/2006|17:01] C:\Program Files\Windows NT
[22/12/2005|16:44] C:\Program Files\WindowsUpdate
[01/03/2008|09:59] C:\Program Files\WinRAR
[22/12/2005|16:49] C:\Program Files\xerox
[22/12/2005|18:56] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/08/2003|16:13] C:\Program Files\Fichiers communs\Adaptec Shared
[20/07/2006|11:10] C:\Program Files\Fichiers communs\Adobe
[02/02/2006|16:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/08/2008|16:21] C:\Program Files\Fichiers communs\Ahead
[13/04/2003|11:52] C:\Program Files\Fichiers communs\aolshare
[04/06/2006|10:32] C:\Program Files\Fichiers communs\AVSMedia
[17/07/2008|10:09] C:\Program Files\Fichiers communs\Canon
[07/07/2006|16:03] C:\Program Files\Fichiers communs\GTK
[26/01/2006|15:48] C:\Program Files\Fichiers communs\InstallShield
[07/07/2007|10:24] C:\Program Files\Fichiers communs\LightScribe
[12/06/2006|19:04] C:\Program Files\Fichiers communs\Macrovision Shared
[02/02/2008|17:47] C:\Program Files\Fichiers communs\MAGIX Shared
[04/10/2008|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2005|16:43] C:\Program Files\Fichiers communs\MSSoap
[22/12/2005|17:25] C:\Program Files\Fichiers communs\ODBC
[13/06/2007|20:18] C:\Program Files\Fichiers communs\Real
[01/08/2002|18:49] C:\Program Files\Fichiers communs\SERVICES
[13/12/2007|16:11] C:\Program Files\Fichiers communs\Softwin
[04/07/2008|13:56] C:\Program Files\Fichiers communs\Sony Shared
[22/12/2005|17:24] C:\Program Files\Fichiers communs\SpeechEngines
[02/08/2002|16:56] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|10:24] C:\Program Files\Fichiers communs\SYSTEM
[04/10/2008|16:50] C:\Program Files\Fichiers communs\Teleca Shared
[01/12/2007|18:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2006|23:02] C:\Program Files\Fichiers communs\WinSoftware

--------------------\\ Process

( 27 Processes )

iexplore.exe ~ [PID:6684]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 20:07:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 85

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

[F:128][D:22]-> C:\DOCUME~1\Elodie\LOCALS~1\Temp
[F:116][D:0]-> C:\DOCUME~1\Elodie\Cookies
[F:1718][D:4]-> C:\DOCUME~1\Elodie\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|18:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008|18:51 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 04/10/2008|20:14 - Option : [2]

--------------------\\ Fin du rapport a 20:14:09

-----------\\ ToolBar S&D 1.2.1 XP/Vista

( : )
USER : Elodie ( Administrator )
Antivirus : Bitdefender Antivirus 8.0 (Activated)

"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [2] ( 04/10/2008|20:25 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Elodie\Cookies\elodie@hotbar[1].txt
Supprime! - C:\DOCUME~1\Elodie\Cookies\elodie@www.hotbar[1].txt
Supprime! - C:\Program Files\Need2Find\bar
Supprime! - C:\Program Files\VVSN\vvsn.cfg
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\WINDOWS\smdat32a.sys
Supprime! - C:\WINDOWS\smdat32m.sys
Supprime! - C:\WINDOWS\FONTS\acrsec.fon
Supprime! - C:\WINDOWS\FONTS\acrsecB.fon
Supprime! - C:\WINDOWS\FONTS\acrsecI.fon
Supprime! - C:\Program Files\FunWebProducts
Supprime! - C:\Program Files\Need2Find
Supprime! - C:\Program Files\VVSN

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\Elodie\Cookies\elodie@www.zango[2].txt

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://actus.sfr.fr"
"Default_Page_URL"="http://home.neuf.fr"
"Search Bar"="https://actus.sfr.fr"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"

--------------------\\ Recherche d'autres infections

C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
[b]==> EGDACCESS <==/b

C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

--------------------\\ ROOTKIT !!

Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_DXDSS]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_FNHOJE]
Rootkit Pandex ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_KSYS]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_SROSA]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_SYSLDR]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_SYSLDR]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_XPDX]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_XPDX]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_XPDT]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\dxdss]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Enum\Root\rosa]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Services\srosa]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Enum\Root\srosa]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\sysldr]
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\xpdx]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\xpdx]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\xpdt]

--------------------\\ ROGUES ..

C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006

1 - "C:\ToolBar SD\TB_1.txt" - 04/10/2008|18:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/10/2008|20:33 - Option : [2]

-----------\\ Fin du rapport a 20:33:08,43

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:45, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTray.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BitDefender Free Edition v10.lnk = C:\Program Files\Softwin\BitDefender10\bdmcon.exe
O9 - Extra button: @C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll,-115 - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra 'Tools' menuitem: ImageShack Toolbar - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: Tinypic Publisher - http://tinypic.com/images/goodbye.jpg
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {317153FE-B7FB-419B-AC87-0B2EC97D7A04} (VB2S ActiveX Control) - http://www.subdo.com/activex/vb2s.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

evasion60/PCA · Answer

Bonjour

... C'est du lourd ton affaire !!!
Nous continuons :

Télécharger smitfraudfix (de S!Ri) sur le bureau. 
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Clique sur smitfraudfix.exe 
Choisis l'option 1 et colle dans ta réponse le rapport généré par smitfraudfix. Ce rapport se trouve dans la fenêtre du bloc-note qui s’ouvre. 
Ferme l'application en tapant sur la touche Q. 

Reviens dans ta réponse avec son rapport / STP
Bonne réception, et à te lire

elodie · Answer

Désolée de répondre aussi tard ! Merci de votre réponse.

Voici le rapport établi par smitfraudfix :



SmitFraudFix v2.357

Rapport fait à 15:54:30,16, 08/10/2008
Executé à partir de C:\Documents and Settings\Elodie\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTray.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Elodie


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Elodie\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Elodie\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Palladia 300/400 Usb Adsl Modem - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0

Description: Palladia 300/400 Usb Adsl Modem - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

evasion60/PCA · Answer

Bonsoir Elodie 

Prière d'imprimer ces instructions, ou de les coller dans un fichier texte pour lecture en mode Sans Échec.
Redémarre en mode sans échec en tapotant sur F5 ou F8 au démarrage... ( impératif le mode sans échec, pour cette procédure  )
Double cliquer sur Smitfraudfix.exe. 
Sélectionner 2 pour supprimer les fichiers responsables de l'infection. 
A la question Voulez-vous nettoyer le registre ?], répondre O (oui) afin de débloquer le fond d'écran et supprimer les clés de démarrage automatique de l'infection. Le fix déterminera si le fichier wininet.dll est infecté.  
A la question Corriger le fichier infecté ? répondre O (oui) pour remplacer le fichier corrompu. 
Quitter le programme en appuyant sur Q. 
Redémarrer normalement et coller sur le forum le rapport généré.

Bonne réception, et à te lire

elodie · Answer

Voici le rapport :

SmitFraudFix v2.357

Rapport fait à 19:28:30,19, 09/10/2008
Executé à partir de C:\Documents and Settings\Elodie\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1       localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\Tasks\At?.job supprimé
C:\WINDOWS\Tasks\At??.job supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{0AFD7432-56C3-4BFB-A881-38317C53D3B8}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{87E4EA2A-2FC1-466D-8BDE-0854F8FFF7EF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
 
Nettoyage terminé. 
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Merci !

evasion60/PCA · Answer

Bonsoir Elodie

... Désolé du retard dans mes réponses => j'ai encore un job qui me prend bcps de temps ( bientot la quille ) 

On peut faire un point sur le fonctionnement de la machine, après ce "grand nettoyage" ?

Merci de ta réponse, => je vais être un peu plus dispo cette fin de semaine 

Bonne réception, et à te lire

elodie · Answer

Bonjour !

L'ordinateur va beaucoup mieux depuis cette dernière manipulation. Il est vraiment plus rapide qu'avant, ne se bloque plus aussi facilement et surtout les pages internet ne disparaissent plus soudainement sans raison !

Merci pour le temps que vous avez m'avez consacré.

Je vous souhaite une bonne fin de journée,

Et merci encore,

Elodie

evasion60/PCA · Answer

Elodie, 

...ne te sauves pas comme cela /// Je dois te faire supprimer tous les logiciels  de désinfection que nous avons utilisés !

-1- Télécharge OTMoveIt2 (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

double-clique sur OTMoveIt2.exe pour le lancer.
Clique sur " Clean-up " => cela va supprimer nos outils téléchargés, les back-up, archives de désinfection, et lui même !

-2- Applique ceci / STP :
https://forum.pcastuces.com/default.asp

Surtout la " restauration système " de Windows, puis la partie défragmentation des disques durs, puis pour terminer sur les mises à jours importantes 

Bonne réception, et à te lire

elodie · Answer

Désolée ! J'ai cru que c'était terminé.

J'ai bien télécharger OTMoveIt2 et redémarrer le pc ensuite seulement j'ai du mal avec l'étape 2. Lorsque je clique sur le lien, je tombe sur un forum mais j'ai du mal à savoir où je dois me diriger ensuite. Je suppose que je dois cliquer sur Windows XP.
Pourriez vous me l'indiquer svp ?

Merci !

evasion60/PCA · Answer

Bonjour Elodie

... Pour le point n°2, c'est normal que tu tombes sur le forum de PC Astuce , je te demande d'appliquer les recommandations qui sont dessus soit 

-Désactiver la restaurant système de Windows
-De recréer un nouveau pint de restauration sain, donc d'aujourd'hui
- De défragmenter tes disques durs
- etc .....


Bonne réception
Tu pourras noter ton sujet comme " résolu "

elodie · Answer

D'accord, j'ai compris !
Merci énormément pour votre aide !

Virus Trojan Swizzor

15 réponses

Votre réponse

Discussions similaires

Newsletters