Here are the 3 reports:
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 18 Go Free : 9 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 04/10/2008|20:01 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Elodie\APPLIC~1\BitDownload\Data
Supprime! - C:\Program Files\BitDownload\BitDownload.TRC
Supprime! - C:\Program Files\BitDownload\ZM
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\title tool face bin
Supprime! - C:\DOCUME~1\Elodie\APPLIC~1\BitDownload
Supprime! - C:\Program Files\BitDownload
Supprime! - C:\Program Files\BitTorrent Fastest Tool
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[24/09/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/02/2006|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[13/12/2007|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[27/03/2006|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[15/12/2006|09:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
[26/01/2006|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[07/07/2007|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[12/06/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[11/08/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/12/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/12/2005|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Newsoft
[04/10/2008|13:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[01/07/2006|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G4
[04/07/2008|13:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[27/03/2006|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[01/07/2006|10:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/12/2007|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[01/12/2007|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/02/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[22/12/2005|16:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[24/09/2008|13:34] C:\DOCUME~1\Elodie\APPLIC~1\Adobe
[29/03/2006|13:01] C:\DOCUME~1\Elodie\APPLIC~1\AdobeUM
[22/01/2008|22:36] C:\DOCUME~1\Elodie\APPLIC~1\Ahead
[30/05/2006|17:56] C:\DOCUME~1\Elodie\APPLIC~1\ArcSoft
[05/06/2006|10:22] C:\DOCUME~1\Elodie\APPLIC~1\AVS Video Converter
[13/12/2007|16:33] C:\DOCUME~1\Elodie\APPLIC~1\Bitdefender
[26/06/2007|14:30] C:\DOCUME~1\Elodie\APPLIC~1\CVitae
[05/03/2006|11:00] C:\DOCUME~1\Elodie\APPLIC~1\DMCache
[18/07/2007|11:18] C:\DOCUME~1\Elodie\APPLIC~1\dvdcss
[14/09/2008|00:13] C:\DOCUME~1\Elodie\APPLIC~1\gtk-2.0
[04/05/2006|13:41] C:\DOCUME~1\Elodie\APPLIC~1\Help
[30/05/2006|14:00] C:\DOCUME~1\Elodie\APPLIC~1\Identities
[26/12/2005|16:25] C:\DOCUME~1\Elodie\APPLIC~1\Inkscape
[13/12/2007|16:09] C:\DOCUME~1\Elodie\APPLIC~1\Lavasoft
[25/09/2008|15:41] C:\DOCUME~1\Elodie\APPLIC~1\Leadertech
[12/01/2008|12:41] C:\DOCUME~1\Elodie\APPLIC~1\Macromedia
[10/02/2008|12:53] C:\DOCUME~1\Elodie\APPLIC~1\Microsoft
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Mozilla
[22/01/2008|18:50] C:\DOCUME~1\Elodie\APPLIC~1\Nero
[03/02/2008|10:58] C:\DOCUME~1\Elodie\APPLIC~1\Netscape
[29/12/2005|19:34] C:\DOCUME~1\Elodie\APPLIC~1\Nvu
[03/12/2007|23:37] C:\DOCUME~1\Elodie\APPLIC~1\OpenOffice.org2
[02/02/2006|17:12] C:\DOCUME~1\Elodie\APPLIC~1\Opera
[03/02/2008|10:53] C:\DOCUME~1\Elodie\APPLIC~1\Photodex
[13/06/2007|20:17] C:\DOCUME~1\Elodie\APPLIC~1\Real
[05/06/2006|10:18] C:\DOCUME~1\Elodie\APPLIC~1\River Past G4
[03/04/2007|18:02] C:\DOCUME~1\Elodie\APPLIC~1\Screenshot Sender
[04/07/2008|14:12] C:\DOCUME~1\Elodie\APPLIC~1\Sony Corporation
[24/09/2008|14:04] C:\DOCUME~1\Elodie\APPLIC~1\Sony Ericsson
[26/10/2007|21:56] C:\DOCUME~1\Elodie\APPLIC~1\Sun
[24/09/2008|14:09] C:\DOCUME~1\Elodie\APPLIC~1\Teleca
[15/06/2007|19:06] C:\DOCUME~1\Elodie\APPLIC~1\vlc
[29/02/2008|14:11] C:\DOCUME~1\Elodie\APPLIC~1\Vso
[17/07/2008|10:31] C:\DOCUME~1\Elodie\APPLIC~1\ZoomBrowser EX
[22/12/2005|16:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[18/07/2008|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Macromedia
[19/07/2008|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At72.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At71.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At70.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At69.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At68.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At67.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At66.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At65.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At64.job
[04/10/2008 14:01][--a------] C:\WINDOWS\tasks\At63.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At62.job
[04/10/2008 12:01][--a------] C:\WINDOWS\tasks\At61.job
[28/09/2008 11:01][--a------] C:\WINDOWS\tasks\At60.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At59.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At58.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At57.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At56.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At55.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At54.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At53.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At52.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At51.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At50.job
[20/09/2008 09:58][--a------] C:\WINDOWS\tasks\At49.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At48.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At47.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At46.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At45.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At44.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At43.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At42.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At41.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At40.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At39.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At38.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At37.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At36.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At35.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At34.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At33.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At32.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At31.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At30.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At29.job
[18/07/2008 11:34][--a------] C:\WINDOWS\tasks\At28.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At27.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At26.job
[08/09/2008 00:43][--a------] C:\WINDOWS\tasks\At25.job
[27/09/2008 23:00][--a------] C:\WINDOWS\tasks\At24.job
[29/09/2008 22:00][--a------] C:\WINDOWS\tasks\At23.job
[01/10/2008 21:00][--a------] C:\WINDOWS\tasks\At22.job
[04/10/2008 20:00][--a------] C:\WINDOWS\tasks\At21.job
[04/10/2008 19:00][--a------] C:\WINDOWS\tasks\At20.job
[04/10/2008 18:00][--a------] C:\WINDOWS\tasks\At19.job
[04/10/2008 17:00][--a------] C:\WINDOWS\tasks\At18.job
[04/10/2008 16:00][--a------] C:\WINDOWS\tasks\At17.job
[04/10/2008 15:00][--a------] C:\WINDOWS\tasks\At16.job
[04/10/2008 14:00][--a------] C:\WINDOWS\tasks\At15.job
[04/10/2008 13:00][--a------] C:\WINDOWS\tasks\At14.job
[04/10/2008 12:00][--a------] C:\WINDOWS\tasks\At13.job
[28/09/2008 11:00][--a------] C:\WINDOWS\tasks\At12.job
[04/10/2008 10:00][--a------] C:\WINDOWS\tasks\At11.job
[23/08/2008 09:00][--a------] C:\WINDOWS\tasks\At10.job
[25/09/2008 08:00][--a------] C:\WINDOWS\tasks\At9.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At8.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At7.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At6.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At5.job
[18/07/2008 11:20][--a------] C:\WINDOWS\tasks\At4.job
[14/08/2008 02:00][--a------] C:\WINDOWS\tasks\At3.job
[19/08/2008 01:00][--a------] C:\WINDOWS\tasks\At2.job
[19/08/2008 00:47][--a------] C:\WINDOWS\tasks\At1.job
[04/10/2008 16:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 19:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[16/05/2008|10:11] C:\Program Files\AbiSuite2
[01/08/2002|18:44] C:\Program Files\Accessoires
[09/01/2005|17:36] C:\Program Files\ACE Mega CoDecS Pack
[31/01/2006|15:10] C:\Program Files\Adesign
[27/09/2008|10:18] C:\Program Files\Adobe
[23/09/2007|14:56] C:\Program Files\Alwil Software
[04/10/2008|13:42] C:\Program Files\a-squared Free
[01/05/2004|13:00] C:\Program Files\BSPLAYER
[06/08/2006|22:17] C:\Program Files\CCleaner
[20/08/2007|13:39] C:\Program Files\CVitae
[30/11/2003|15:51] C:\Program Files\directx
[04/10/2008|11:44] C:\Program Files\eMule
[13/12/2007|16:57] C:\Program Files\EnergyPlugIn
[02/07/2006|13:55] C:\Program Files\eZ
[04/10/2008|16:50] C:\Program Files\Fichiers communs
[24/08/2008|17:39] C:\Program Files\Foreignword
[22/02/2008|16:06] C:\Program Files\FunWebProducts
[20/04/2008|15:39] C:\Program Files\GIMP-2.0
[06/07/2007|19:25] C:\Program Files\Google
[15/02/2008|18:33] C:\Program Files\ImTOO
[29/01/2005|15:22] C:\Program Files\Infogrames
[04/09/2008|22:20] C:\Program Files\InstallShield Installation Information
[19/08/2005|15:04] C:\Program Files\Instant Access
[14/08/2008|11:32] C:\Program Files\Internet Explorer
[19/06/2008|13:49] C:\Program Files\Java
[14/08/2008|11:48] C:\Program Files\Messenger
[29/07/2008|19:21] C:\Program Files\Messenger Plus! Live
[22/12/2005|16:49] C:\Program Files\microsoft frontpage
[10/02/2008|16:56] C:\Program Files\Movie Maker
[04/10/2008|19:44] C:\Program Files\Mozilla Firefox
[27/09/2008|10:25] C:\Program Files\Mozilla Firefox 3 Beta 1
[17/09/2005|19:36] C:\Program Files\MSN Apps
[22/12/2005|16:39] C:\Program Files\MSN Gaming Zone
[04/07/2007|09:48] C:\Program Files\MSN Messenger
[17/09/2005|19:26] C:\Program Files\MSN Toolbar
[26/01/2006|19:49] C:\Program Files\Need2Find
[07/07/2007|10:09] C:\Program Files\Nero
[22/12/2005|16:43] C:\Program Files\NetMeeting
[22/08/2007|17:14] C:\Program Files\Neuf
[25/01/2006|14:21] C:\Program Files\neuf telecom
[04/10/2008|13:39] C:\Program Files\NOS
[03/12/2007|23:49] C:\Program Files\OpenOffice.org 2.3
[14/06/2007|10:24] C:\Program Files\Outlook Express
[02/07/2006|14:51] C:\Program Files\PhotoFiltre
[01/08/2002|18:44] C:\Program Files\PLUS!
[02/08/2002|17:14] C:\Program Files\Publication Web
[17/09/2005|19:27] C:\Program Files\QMgr
[03/06/2007|14:53] C:\Program Files\Real
[14/02/2007|18:34] C:\Program Files\SAGEM
[22/12/2005|16:44] C:\Program Files\Services en ligne
[13/12/2007|13:13] C:\Program Files\Softwin
[18/08/2008|15:00] C:\Program Files\Sony
[04/07/2008|13:52] C:\Program Files\Sony Corporation
[09/01/2005|17:23] C:\Program Files\Symantec
[22/04/2006|09:32] C:\Program Files\TBONBin
[09/05/2008|21:44] C:\Program Files\torrent_search
[04/10/2008|18:32] C:\Program Files\Trend Micro
[01/08/2002|19:05] C:\Program Files\Uninstall Information
[16/05/2008|10:22] C:\Program Files\URUSoft
[15/06/2007|17:09] C:\Program Files\VideoLAN
[29/02/2008|14:12] C:\Program Files\vso
[21/06/2005|15:50] C:\Program Files\VVSN
[28/09/2008|13:12] C:\Program Files\Webteh
[03/12/2007|23:42] C:\Program Files\Windows Live
[13/06/2007|20:27] C:\Program Files\Windows Media Connect 2
[13/06/2007|20:37] C:\Program Files\Windows Media Player
[30/01/2006|17:01] C:\Program Files\Windows NT
[22/12/2005|16:44] C:\Program Files\WindowsUpdate
[01/03/2008|09:59] C:\Program Files\WinRAR
[22/12/2005|16:49] C:\Program Files\xerox
[22/12/2005|18:56] C:\Program Files\XviD
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/08/2003|16:13] C:\Program Files\Fichiers communs\Adaptec Shared
[20/07/2006|11:10] C:\Program Files\Fichiers communs\Adobe
[02/02/2006|16:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[19/08/2008|16:21] C:\Program Files\Fichiers communs\Ahead
[13/04/2003|11:52] C:\Program Files\Fichiers communs\aolshare
[04/06/2006|10:32] C:\Program Files\Fichiers communs\AVSMedia
[17/07/2008|10:09] C:\Program Files\Fichiers communs\Canon
[07/07/2006|16:03] C:\Program Files\Fichiers communs\GTK
[26/01/2006|15:48] C:\Program Files\Fichiers communs\InstallShield
[07/07/2007|10:24] C:\Program Files\Fichiers communs\LightScribe
[12/06/2006|19:04] C:\Program Files\Fichiers communs\Macrovision Shared
[02/02/2008|17:47] C:\Program Files\Fichiers communs\MAGIX Shared
[04/10/2008|16:33] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2005|16:43] C:\Program Files\Fichiers communs\MSSoap
[22/12/2005|17:25] C:\Program Files\Fichiers communs\ODBC
[13/06/2007|20:18] C:\Program Files\Fichiers communs\Real
[01/08/2002|18:49] C:\Program Files\Fichiers communs\SERVICES
[13/12/2007|16:11] C:\Program Files\Fichiers communs\Softwin
[04/07/2008|13:56] C:\Program Files\Fichiers communs\Sony Shared
[22/12/2005|17:24] C:\Program Files\Fichiers communs\SpeechEngines
[02/08/2002|16:56] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|10:24] C:\Program Files\Fichiers communs\SYSTEM
[04/10/2008|16:50] C:\Program Files\Fichiers communs\Teleca Shared
[01/12/2007|18:12] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/08/2006|23:02] C:\Program Files\Fichiers communs\WinSoftware
--------------------\\ Process
( 27 Processes )
iexplore.exe ~ [PID:6684]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 20:07:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 85
--------------------\\ Recherche d'autres infections
C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
==> EGDACCESS <==
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[F:128][D:22]-> C:\DOCUME~1\Elodie\LOCALS~1\Temp
[F:116][D:0]-> C:\DOCUME~1\Elodie\Cookies
[F:1718][D:4]-> C:\DOCUME~1\Elodie\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|18:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008|18:51 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 04/10/2008|20:14 - Option : [2]
--------------------\\ Fin du rapport a 20:14:09
-----------\\ ToolBar S&D 1.2.1 XP/Vista
( : )
USER : Elodie ( Administrator )
Antivirus : Bitdefender Antivirus 8.0 (Activated)
"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [2] ( 04/10/2008|20:25 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Elodie\Cookies\elodie@hotbar[1].txt
Supprime! - C:\DOCUME~1\Elodie\Cookies\elodie@www.hotbar[1].txt
Supprime! - C:\Program Files\Need2Find\bar
Supprime! - C:\Program Files\VVSN\vvsn.cfg
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\WINDOWS\smdat32a.sys
Supprime! - C:\WINDOWS\smdat32m.sys
Supprime! - C:\WINDOWS\FONTS\acrsec.fon
Supprime! - C:\WINDOWS\FONTS\acrsecB.fon
Supprime! - C:\WINDOWS\FONTS\acrsecI.fon
Supprime! - C:\Program Files\FunWebProducts
Supprime! - C:\Program Files\Need2Find
Supprime! - C:\Program Files\VVSN
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\Elodie\Cookies\elodie@www.zango[2].txt
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.fr/"
"Search Page"="http://recherche.neuf.fr/"
"Default_Page_URL"="http://home.neuf.fr"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://recherche.neuf.fr/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
C:\Program Files\Instant Access
C:\Program Files\Instant Access\Center
C:\Program Files\Instant Access\Dialer
==> EGDACCESS <==
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At25.job
C:\WINDOWS\Tasks\At26.job
C:\WINDOWS\Tasks\At27.job
C:\WINDOWS\Tasks\At28.job
C:\WINDOWS\Tasks\At29.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At30.job
C:\WINDOWS\Tasks\At31.job
C:\WINDOWS\Tasks\At32.job
C:\WINDOWS\Tasks\At33.job
C:\WINDOWS\Tasks\At34.job
C:\WINDOWS\Tasks\At35.job
C:\WINDOWS\Tasks\At36.job
C:\WINDOWS\Tasks\At37.job
C:\WINDOWS\Tasks\At38.job
C:\WINDOWS\Tasks\At39.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At40.job
C:\WINDOWS\Tasks\At41.job
C:\WINDOWS\Tasks\At42.job
C:\WINDOWS\Tasks\At43.job
C:\WINDOWS\Tasks\At44.job
C:\WINDOWS\Tasks\At45.job
C:\WINDOWS\Tasks\At46.job
C:\WINDOWS\Tasks\At47.job
C:\WINDOWS\Tasks\At48.job
C:\WINDOWS\Tasks\At49.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At50.job
C:\WINDOWS\Tasks\At51.job
C:\WINDOWS\Tasks\At52.job
C:\WINDOWS\Tasks\At53.job
C:\WINDOWS\Tasks\At54.job
C:\WINDOWS\Tasks\At55.job
C:\WINDOWS\Tasks\At56.job
C:\WINDOWS\Tasks\At57.job
C:\WINDOWS\Tasks\At58.job
C:\WINDOWS\Tasks\At59.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At60.job
C:\WINDOWS\Tasks\At61.job
C:\WINDOWS\Tasks\At62.job
C:\WINDOWS\Tasks\At63.job
C:\WINDOWS\Tasks\At64.job
C:\WINDOWS\Tasks\At65.job
C:\WINDOWS\Tasks\At66.job
C:\WINDOWS\Tasks\At67.job
C:\WINDOWS\Tasks\At68.job
C:\WINDOWS\Tasks\At69.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At70.job
C:\WINDOWS\Tasks\At71.job
C:\WINDOWS\Tasks\At72.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
--------------------\\ ROOTKIT !!
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_DXDSS]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_FNHOJE]
Rootkit Pandex ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_KSYS]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_SROSA]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_SYSLDR]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_SYSLDR]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\LEGACY_XPDX]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_XPDX]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_XPDT]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\dxdss]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Enum\Root\rosa]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Services\srosa]
Rootkit Bagle ! .. [HKLM\..\CurrentControlSet\Enum\Root\srosa]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\sysldr]
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\xpdx]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Enum\Root\xpdx]
Rootkit Rustock ! .. [HKLM\..\CurrentControlSet\Services\xpdt]
--------------------\\ ROGUES ..
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
1 - "C:\ToolBar SD\TB_1.txt" - 04/10/2008|18:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 04/10/2008|20:33 - Option : [2]
-----------\\ Fin du rapport a 20:33:08,43
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:45, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\MMTrayLSI.exe
C:\WINDOWS\system32\MMTray2k.exe
C:\WINDOWS\system32\MMTray.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BitDefender Free Edition v10.lnk = C:\Program Files\Softwin\BitDefender10\bdmcon.exe
O9 - Extra button: @C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll,-115 - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra 'Tools' menuitem: ImageShack Toolbar - {BB8A8834-A0A1-4d70-A21A-72FF89AA737A} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: Tinypic Publisher - http://tinypic.com/flix/tinypic_publisher.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {317153FE-B7FB-419B-AC87-0B2EC97D7A04} (VB2S ActiveX Control) - http://www.subdo.com/activex/vb2s.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe