Bonjour à tous,
Suite à un problème récurrent de trojan et autre adw identifiés par avast
(plus précisément Win32:Agent-IU, Win32:Adan-094 et Win32:Adan078), j'ai découvert ce site.
Ce post s'adresse à Kristopher ou autre Zorro de l'informatique qui saurait me guider afin de nettoyer et protéger au mieux mon PC (il tourne sous windows XP family version MOE).
j'applique la "méthode préliminaire de désinfection" donnée par Kristopher dans son post du 2006-05-02
Voici les rapports obtenus :
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 15:28:54, 15/05/2006
+ Somme de contrôle: 87194B3D
+ Résultats du scan:
[1116] VM_003B0000 -> Downloader.Agent.tc : Erreur durant le nettoyage
:mozilla.6:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
:mozilla.7:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.8:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.9:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.10:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.11:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.13:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.21:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.22:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.24:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.25:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.26:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.28:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.30:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
:mozilla.53:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.58:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder
:mozilla.63:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.64:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.75:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.76:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.77:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.78:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
:mozilla.79:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
:mozilla.81:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.82:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.84:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.85:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
:mozilla.87:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.106:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder
:mozilla.129:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.130:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.131:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.132:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.144:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
:mozilla.153:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder
:mozilla.155:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.156:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.157:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.158:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.159:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.160:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.161:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.162:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
:mozilla.212:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyer et sauvegarder
:mozilla.221:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.222:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
:mozilla.229:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder
:mozilla.230:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder
:mozilla.232:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.233:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.235:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.236:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.258:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.259:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.260:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
:mozilla.265:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyer et sauvegarder
:mozilla.268:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
:mozilla.269:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
:mozilla.270:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
:mozilla.271:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\c0sil38q.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@2o7[2].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@as-us.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@hestia.sextrail.trakkerd[2].txt -> TrackingCookie.Trakkerd : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@hotlog[2].txt -> TrackingCookie.Hotlog : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@overture[1].txt -> TrackingCookie.Overture : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@paycounter[2].txt -> TrackingCookie.Paycounter : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@spylog[2].txt -> TrackingCookie.Spylog : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@wreport.weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@yadro[1].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Cookies\marie@z1.adserver[1].txt -> TrackingCookie.Adserver : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\8L0PEFGX\e[1].htm -> Not-A-Virus.Constructor.Perl.Msdds.b : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\GH2FGXMF\count[3].htm -> Downloader.Inor.a : Nettoyer et sauvegarder
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\WLI74HMF\count[3].htm -> Downloader.Inor.a : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0037040.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0037049.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0038050.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0039050.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0041062.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0042062.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0043062.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0043079.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP42\A0044080.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP43\A0044097.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP43\A0045098.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP43\A0045108.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP43\A0045126.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP43\A0045154.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP44\A0045180.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP44\A0045195.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP45\A0045215.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP45\A0045227.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP46\A0045249.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP46\A0045266.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP46\A0045278.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP47\A0045296.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0045388.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0046380.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0046394.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0046421.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0046465.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP48\A0046478.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP49\A0046535.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP49\A0046548.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP50\A0046572.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP50\A0046579.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP51\A0046601.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP52\A0046623.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP52\A0046640.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP52\A0046668.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP52\A0046681.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP53\A0046709.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP53\A0047709.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP54\A0047731.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP54\A0047819.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP54\A0047855.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP54\A0047868.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP56\A0047911.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP57\A0047941.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP61\A0048040.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP62\A0048057.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP62\A0048072.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP62\A0048095.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP63\A0048113.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048137.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048181.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048193.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048208.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048282.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP64\A0048298.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP65\A0048319.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP65\A0048562.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP66\A0048580.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP66\A0048592.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP66\A0048605.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP68\A0048651.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP68\A0049648.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP68\A0049658.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP68\A0049670.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP69\A0049700.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP69\A0049711.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP69\A0049726.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049765.exe -> Downloader.Agent.tc : Nettoyer et sauvegarder
C:\WINDOWS\system32\favset.exe -> Hijacker.Small.kg : Nettoyer et sauvegarder
C:\WINDOWS\system32\filesafer23.exe -> Hijacker.Small : Nettoyer et sauvegarder
C:\WINDOWS\system32\howiper.exe -> Trojan.Small.gq : Nettoyer et sauvegarder
::Fin du rapport
--------------------------------------
BitDefender Online Scanner
--------------------------------------
Scan report generated at: Mon, May 15, 2006 - 16:04:05
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
00:28:05
Files
220268
Folders
3420
Boot Sectors
3
Archives
1450
Packed Files
9042
Results
Identified Viruses
5
Infected Files
6
Suspect Files
1
Warnings
0
Disinfected
0
Deleted Files
7
Engines Info
Virus Definitions
374922
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
40
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\89MNW1U7\trf2[1].htm
Suspected of: Trojan.Downloader.HTML.Agent.A
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\89MNW1U7\trf2[1].htm
Disinfection failed
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\89MNW1U7\trf2[1].htm
Deleted
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\8L0PEFGX\sploit[1].anr
Infected with: Exploit.Win32.MS05-002.Gen
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\8L0PEFGX\sploit[1].anr
Disinfection failed
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\8L0PEFGX\sploit[1].anr
Deleted
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\IPCRAH25\2__[1].htm
Infected with: Exploit.Phel.Gen
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\IPCRAH25\2__[1].htm
Disinfection failed
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\IPCRAH25\2__[1].htm
Deleted
C:\Program Files\ewido anti-malware\Quarantine\fil64CCA100.dat=>(gzip)
Infected with: Trojan.Downloader.HTML.Agent.B
C:\Program Files\ewido anti-malware\Quarantine\fil64CCA100.dat=>(gzip)
Disinfection failed
C:\Program Files\ewido anti-malware\Quarantine\fil64CCA100.dat=>(gzip)
Deleted
C:\Program Files\ewido anti-malware\Quarantine\fil64CCA100.dat
Update failed
C:\Program Files\ewido anti-malware\Quarantine\fil6BB6F900.dat=>(gzip)
Infected with: Trojan.Downloader.HTML.Agent.B
C:\Program Files\ewido anti-malware\Quarantine\fil6BB6F900.dat=>(gzip)
Disinfection failed
C:\Program Files\ewido anti-malware\Quarantine\fil6BB6F900.dat=>(gzip)
Deleted
C:\Program Files\ewido anti-malware\Quarantine\fil6BB6F900.dat
Update failed
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049776.exe
Infected with: Trojan.Downloader.Small.AOR
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049776.exe
Disinfection failed
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049776.exe
Deleted
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049778.exe
Infected with: Trojan.Downloader.Small.AOQ
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049778.exe
Disinfection failed
C:\System Volume Information\_restore{B9A68D16-36C8-411C-9C80-2FF906A9E355}\RP70\A0049778.exe
Deleted
BitDefender Online Scanner - Real Time Virus Report
Generated at: Mon, May 15, 2006 - 16:08:29
--------------------------------------------------------------------------------
Scan Info
Scanned Files
220342
Infected Files
7
Virus Detected
Exploit.Phel.Gen
1
Trojan.Downloader.Small.AOQ
1
Trojan.Downloader.Small.AOR
1
Trojan.Downloader.HTML.Agent.A
1
Trojan.Downloader.HTML.Agent.B
2
Exploit.Win32.MS05-002.Gen
1
--------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 16:12:22, on 15/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\marie\Mes documents\Les Install\Logiciels téléchargés\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Wanadoo\EspaceWanadoo.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [exe.zrtmd] C:\WINDOWS\system32\dmtrz.exe
O4 - HKLM\..\Run: [exe.sxsmd] C:\WINDOWS\system32\dmsxs.exe
O4 - HKLM\..\Run: [exe.jljmd] C:\WINDOWS\system32\dmjlj.exe
O4 - HKLM\..\Run: [exe.dqwmd] C:\WINDOWS\system32\dmwqd.exe
O4 - HKLM\..\Run: [exe.dkimd] C:\WINDOWS\system32\dmikd.exe
O4 - HKLM\..\Run: [exe.yjomd] C:\WINDOWS\system32\dmojy.exe
O4 - HKLM\..\Run: [exe.vosmd] C:\WINDOWS\system32\dmsov.exe
O4 - HKLM\..\Run: [exe.kjimd] C:\WINDOWS\system32\dmijk.exe
O4 - HKLM\..\Run: [exe.whlmd] C:\WINDOWS\system32\dmlhw.exe
O4 - HKLM\..\Run: [exe.rfmmd] C:\WINDOWS\system32\dmmfr.exe
O4 - HKLM\..\Run: [exe.mtsmd] C:\WINDOWS\system32\dmstm.exe
O4 - HKLM\..\Run: [exe.dmgmd] C:\WINDOWS\system32\dmgmd.exe
O4 - HKLM\..\Run: [exe.cpvmd] C:\WINDOWS\system32\dmvpc.exe
O4 - HKLM\..\Run: [exe.fvbmd] C:\WINDOWS\system32\dmbvf.exe
O4 - HKLM\..\Run: [exe.zsbmd] C:\WINDOWS\system32\dmbsz.exe
O4 - HKLM\..\Run: [exe.jkqmd] C:\WINDOWS\system32\dmqkj.exe
O4 - HKLM\..\Run: [exe.jitmd] C:\WINDOWS\system32\dmtij.exe
O4 - HKLM\..\Run: [exe.sffmd] C:\WINDOWS\system32\dmffs.exe
O4 - HKLM\..\Run: [exe.nbxmd] C:\WINDOWS\system32\dmxbn.exe
O4 - HKLM\..\Run: [exe.ugomd] C:\WINDOWS\system32\dmogu.exe
O4 - HKLM\..\Run: [exe.mqkmd] C:\WINDOWS\system32\dmkqm.exe
O4 - HKLM\..\Run: [exe.eormd] C:\WINDOWS\system32\dmroe.exe
O4 - HKLM\..\Run: [exe.napmd] C:\WINDOWS\system32\dmpan.exe
O4 - HKLM\..\Run: [exe.utzmd] C:\WINDOWS\system32\dmztu.exe
O4 - HKLM\..\Run: [exe.upimd] C:\WINDOWS\system32\dmipu.exe
O4 - HKLM\..\Run: [exe.rmsmd] C:\WINDOWS\system32\dmsmr.exe
O4 - HKLM\..\Run: [exe.jlnmd] C:\WINDOWS\system32\dmnlj.exe
O4 - HKLM\..\Run: [exe.hytmd] C:\WINDOWS\system32\dmtyh.exe
O4 - HKLM\..\Run: [exe.mybmd] C:\WINDOWS\system32\dmbym.exe
O4 - HKLM\..\Run: [exe.vtnmd] C:\WINDOWS\system32\dmntv.exe
O4 - HKLM\..\Run: [exe.mcpmd] C:\WINDOWS\system32\dmpcm.exe
O4 - HKLM\..\Run: [exe.kkmmd] C:\WINDOWS\system32\dmmkk.exe
O4 - HKLM\..\Run: [exe.gtumd] C:\WINDOWS\system32\dmutg.exe
O4 - HKLM\..\Run: [exe.pojmd] C:\WINDOWS\system32\dmjop.exe
O4 - HKLM\..\Run: [exe.hiemd] C:\WINDOWS\system32\dmeih.exe
O4 - HKLM\..\Run: [exe.ffnmd] C:\WINDOWS\system32\dmnff.exe
O4 - HKLM\..\Run: [exe.cznmd] C:\WINDOWS\system32\dmnzc.exe
O4 - HKLM\..\Run: [exe.pdymd] C:\WINDOWS\system32\dmydp.exe
O4 - HKLM\..\Run: [exe.zgdmd] C:\WINDOWS\system32\dmdgz.exe
O4 - HKLM\..\Run: [exe.vbkmd] C:\WINDOWS\system32\dmkbv.exe
O4 - HKLM\..\Run: [exe.agomd] C:\WINDOWS\system32\dmoga.exe
O4 - HKLM\..\Run: [exe.nfjmd] C:\WINDOWS\system32\dmjfn.exe
O4 - HKLM\..\Run: [exe.ytumd] C:\WINDOWS\system32\dmuty.exe
O4 - HKLM\..\Run: [exe.zalmd] C:\WINDOWS\system32\dmlaz.exe
O4 - HKLM\..\Run: [exe.muumd] C:\WINDOWS\system32\dmuum.exe
O4 - HKLM\..\Run: [exe.xwqmd] C:\WINDOWS\system32\dmqwx.exe
O4 - HKLM\..\Run: [exe.bcemd] C:\WINDOWS\system32\dmecb.exe
O4 - HKLM\..\Run: [exe.gtlmd] C:\WINDOWS\system32\dmltg.exe
O4 - HKLM\..\Run: [exe.hhlmd] C:\WINDOWS\system32\dmlhh.exe
O4 - HKLM\..\Run: [exe.psemd] C:\WINDOWS\system32\dmesp.exe
O4 - HKLM\..\Run: [exe.duwmd] C:\WINDOWS\system32\dmwud.exe
O4 - HKLM\..\Run: [exe.puzmd] C:\WINDOWS\system32\dmzup.exe
O4 - HKLM\..\Run: [exe.befmd] C:\WINDOWS\system32\dmfeb.exe
O4 - HKLM\..\Run: [exe.iwtmd] C:\WINDOWS\system32\dmtwi.exe
O4 - HKLM\..\Run: [exe.dzymd] C:\WINDOWS\system32\dmyzd.exe
O4 - HKLM\..\Run: [exe.fscmd] C:\WINDOWS\system32\dmcsf.exe
O4 - HKLM\..\Run: [exe.fpcmd] C:\WINDOWS\system32\dmcpf.exe
O4 - HKLM\..\Run: [exe.ibqmd] C:\WINDOWS\system32\dmqbi.exe
O4 - HKLM\..\Run: [exe.ffkmd] C:\WINDOWS\system32\dmkff.exe
O4 - HKLM\..\Run: [exe.tremd] C:\WINDOWS\system32\dmert.exe
O4 - HKLM\..\Run: [exe.buqmd] C:\WINDOWS\system32\dmqub.exe
O4 - HKLM\..\Run: [exe.edamd] C:\WINDOWS\system32\dmade.exe
O4 - HKLM\..\Run: [exe.qztmd] C:\WINDOWS\system32\dmtzq.exe
O4 - HKLM\..\Run: [exe.vsemd] C:\WINDOWS\system32\dmesv.exe
O4 - HKLM\..\Run: [exe.silmd] C:\WINDOWS\system32\dmlis.exe
O4 - HKLM\..\Run: [exe.avymd] C:\WINDOWS\system32\dmyva.exe
O4 - HKLM\..\Run: [yaemu.exe] C:\WINDOWS\system32\yaemu.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [UnSpyPC] "C:\Program Files\UnSpyPC\UnSpyPC.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{210801DE-DFE7-458A-B4F5-1B89738CF1A3}: NameServer = 85.255.115.46 85.255.112.230
O17 - HKLM\System\CCS\Services\Tcpip\..\{426DC526-FCF5-4EA1-9D3A-1875EB543A07}: NameServer = 85.255.115.46,85.255.112.230
O17 - HKLM\System\CCS\Services\Tcpip\..\{B28B0D39-787D-45F4-B0F4-AAF0920DCDFB}: NameServer = 85.255.115.46,85.255.112.230
O17 - HKLM\System\CS2\Services\Tcpip\..\{210801DE-DFE7-458A-B4F5-1B89738CF1A3}: NameServer = 85.255.115.46 85.255.112.230
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
Merci d'avance
Exemple de rapport de stage
