HijackThis report

Solved
Marie-kiri Posts 67 Status Member -
Hello, I have a problem with my computer. I find it very slow. It also makes a lot of noise (I have just cleaned the fans). Would it be possible to read my HijackThis report?
Thank you

34 replies

green day Posts 26722 Status Moderator, Security contributor 2 163

Hi

Post it ;-))

++
Marie-kiri Posts 67 Status Member 1

here it is!
I think you're going to be horrified! lol
good luck

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:36:06, on 14/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\CHAUSSAVOINE\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - C:\DOCUME~1\CHAUSS~1\APPLIC~1\EQFILE~1\Global Pop.exe (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\iCodecPack\isamonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: AVG Anti-Spyware 7.5
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6510ede6b15d45c2a2f0d1d2b2437e73
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6510ede6b15d45c2a2f0d1d2b2437e73
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
green day Posts 26722 Status Moderator, Security contributor 2 163

I've seen more worrying ones :)

please do what is described here

virus: preliminary disinfection method, FR version

++
Marie-kiri Posts 67 Status Member 1

RE.
I can't manage to make the registry backup. It should offer to make one for me, shouldn't it?
thanks

green day Posts 26722 Status Moderator, Security contributor 2 163

re

the registry backup???

++
Marie-kiri Posts 67 Status Member 1

yes?
why? is there a problem?
I forgot to tell you that I'm hopeless with computers...
in CCleaner, it says that before repairing the errors you have to make a backup of the registry, but I don't know how to do it. But I thought I understood that it offered it automatically. But I must be wrong.
++
green day Posts 26722 Status Moderator, Security contributor 2 163

Ah! ok :)

in fact, after repairing the errors, CCleaner will ask you whether you want to make a backup or not, and then you answer yes!

++
Marie-kiri Posts 67 Status Member 1

re
I'm posting the AVG report for you even though I think it won't be of any use.
I'm now going to run a scan with BitDefender just in case..

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:39:35 14/05/2007

+ Résultat de l'analyse:

Rien à signaler.

Fin du rapport

thanks for your advice
++
Marie-kiri Posts 67 Status Member 1

RE
the BitDefender online scan is finished, I'm posting the report for you.
what do you think of it?

BitDefender Online Scanner

Scan report generated at: Mon, May 14, 2007 - 18:01:37

Scan path: A:\;C:\;D:\;E:\;

Statistics

Time: 01:10:22
Files: 289645
Folders: 4838
Boot Sectors: 3
Archives: 7951
Packed Files: 26392

Results

Identified Viruses: 6
Infected Files: 80
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 80

Engines Info

Virus Definitions: 506209
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506638.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506640.exe

Infected with: Trojan.Downloader.Swizzor.DV

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506640.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe

Infected with: GenPack:Trojan.Swizzor.CL

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe

Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL

Detected with: Adware.ToolBar.MyWebSearch.L

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL

Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll

Infected with: Trojan.Mailskinner.DLL

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll

Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll

Deleted

Is it serious?
Thanks
See you later
0
Marie-kiri Posts 67 Status Member 1

Here is the HijackThis report I just ran.
That's a lot of work all the same!!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:07:55, on 14/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Documents and Settings\CHAUSSAVOINE\Bureau\anti-virus\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\iCodecPack\isamonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: AVG Anti-Spyware 7.5
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6510ede6b15d45c2a2f0d1d2b2437e73
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6510ede6b15d45c2a2f0d1d2b2437e73
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
0
green day Posts 26722 Status Moderator, Security contributor 2 163

OK, where do things stand with your problems???

++
0
Marie-kiri Posts 67 Status Member 1

Back again.
It is much faster, but it still makes just as much noise; I think one of the fans needs to be replaced.
What do the various reports I posted say?
Thanks
++
0
green day Posts 26722 Status Moderator, Security contributor 2 163

A lot of junk, but it has been removed!

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* On the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives

(you can re-enable it at the end of the procedure)

# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)

Then find and remove this program:

MyWebSearch Search

And finally:

# Download this (thanks to S!RI for this little program):

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Run it: double-click Smitfraudfix.cmd and choose option 1.
This is what it looks like: http://siri.urz.free.fr/Fix/SmitfraudFix.php
It will generate a report: please copy/paste it into your post.

@+

Wisdom is to have dreams big enough not to lose
sight of them while pursuing them. (Oscar Wilde)
0
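A triage pass over the kind of HijackThis entries picked out in the post above, as an added example that is not part of the original thread or of HijackThis itself: it parses `CODE - detail` lines, flags entries whose target is reported as `(no file)` or `(file missing)`, matches a keyword, and groups CLSIDs that appear under more than one section. The sample lines are copied from the log posted in this thread; the function names and the keyword list are assumptions.

```python
import re
from collections import defaultdict

# Excerpt: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
"""

# A log entry is a section code (R0, O4, O23, ...) followed by " - " and free text.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis prints when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return one dict per 'CODE - detail' line; headers and process paths are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        code, detail = m.groups()
        clsid = CLSID_RE.search(detail)
        entries.append({
            "code": code,
            "detail": detail,
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan": detail.rstrip().endswith(ORPHAN_MARKERS),
        })
    return entries


def triage(entries, keywords=()):
    """Return (orphaned entries, keyword hits, CLSIDs registered under several sections)."""
    lowered = [k.lower() for k in keywords]
    orphans = [e for e in entries if e["orphan"]]
    hits = [e for e in entries if any(k in e["detail"].lower() for k in lowered)]
    by_clsid = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            by_clsid[e["clsid"]].add(e["code"])
    shared = {c: sorted(codes) for c, codes in by_clsid.items() if len(codes) > 1}
    return orphans, hits, shared


def report(log_text, keywords=()):
    """Build a short text report for manual review; nothing is modified on the system."""
    orphans, hits, shared = triage(parse_entries(log_text), keywords)
    lines = ["Entries pointing at a missing file:"]
    lines += ["  " + e["code"] + " - " + e["detail"] for e in orphans]
    lines.append("Entries matching keywords:")
    lines += ["  " + e["code"] + " - " + e["detail"] for e in hits]
    lines.append("CLSIDs present in more than one section:")
    lines += ["  " + c + " in " + ", ".join(codes) for c, codes in shared.items()]
    return "\n".join(lines)


if __name__ == "__main__":
    # "MyWebSearch" is the program named in the post above; the keyword list is an assumption.
    print(report(SAMPLE_LOG, keywords=["MyWebSearch"]))
```

The output is a review list only: a missing-file marker or a keyword match is a lead to check by hand, not a verdict on the entry.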
Marie-kiri Posts 67 Status Member 1

I get an error message when I try to remove MyWebSearch. The message says: cannot delete MWSBAR.DLL
I looked in Add/Remove Programs and can't find it. How do I remove it?
Thanks
++
0
green day Posts 26722 Status Moderator, Security contributor 2 163

OK, move on to the next step; we'll deal with it as we go!

++
0
Marie-kiri Posts 67 Status Member 1

Here is the report:

SmitFraudFix v2.181

Rapport fait à 19:45:55,10, 14/05/2007
Executé à partir de C:\Documents and Settings\CHAUSSAVOINE\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\windows\system32\pvwgnut.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\CHAUSSAVOINE

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\CHAUSSAVOINE\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

Description: Realtek RTL8139/810x Family Fast Ethernet NIC #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Thanks again for your help
0
green day Posts 26722 Status Moderator, Security contributor 2 163

OK,

Download BlackLight (from F-Secure):

https://europe.f-secure.com/exclude/blacklight/index.shtml

and save it to your desktop.

Double-click blbeta.exe and accept the licence; click Scan, then Next.

You will see a list of detected files appear. You will also see a report on your desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).

Copy and paste the contents of that report into your next reply.

++
0
Marie-kiri Posts 67 Status Member 1

Here is yet another report (that's a lot of reports to post in one day!! lol)

05/14/07 19:56:12 [Info]: BlackLight Engine 1.0.61 initialized
05/14/07 19:56:12 [Info]: OS: 5.1 build 2600 (Service Pack 2)
05/14/07 19:56:12 [Note]: 7019 4
05/14/07 19:56:12 [Note]: 7005 0
05/14/07 19:56:28 [Note]: 7006 0
05/14/07 19:56:28 [Note]: 7011 1648
05/14/07 19:56:29 [Note]: 7026 0
05/14/07 19:56:29 [Note]: 7026 0
05/14/07 19:56:29 [Note]: 7015 404
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7015 1236
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7015 1764
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7024 3
05/14/07 19:56:29 [Info]: Hidden process: C:\windows\system32\pvwgnut.exe
05/14/07 19:56:37 [Note]: FSRAW library version 1.7.1021
05/14/07 19:57:01 [Info]: Hidden file: C:\windows\system32\pvwgnut.exe
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNUT.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~1.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~2.DAT

There you go
0
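A way to read the BlackLight log above next to the process listings from the other two reports, as an added example that is not part of the original thread or of any of the tools: it extracts the `Hidden process` and `Hidden file` entries and shows which listing, if any, also reports each hidden process. The log lines and paths are copied from the reports in this thread; the function names and listing labels are assumptions.

```python
import re

# Excerpt copied from the BlackLight log posted in this thread.
BLACKLIGHT_LOG = r"""
05/14/07 19:56:12 [Info]: BlackLight Engine 1.0.61 initialized
05/14/07 19:56:29 [Note]: 7024 3
05/14/07 19:56:29 [Info]: Hidden process: C:\windows\system32\pvwgnut.exe
05/14/07 19:56:37 [Note]: FSRAW library version 1.7.1021
05/14/07 19:57:01 [Info]: Hidden file: C:\windows\system32\pvwgnut.exe
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNUT.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~1.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~2.DAT
"""

# Process listings excerpted from the two other reports in this thread.
# The labels (tool name and scan time) are assumptions made for this example.
LISTINGS = {
    "HijackThis 18:07": [
        r"C:\WINDOWS\Explorer.EXE",
        r"C:\WINDOWS\system32\rundll32.exe",
        r"C:\WINDOWS\SOUNDMAN.EXE",
        r"C:\WINDOWS\ALCWZRD.EXE",
    ],
    "SmitFraudFix 19:45": [
        r"C:\WINDOWS\Explorer.EXE",
        r"C:\WINDOWS\system32\rundll32.exe",
        r"C:\WINDOWS\SOUNDMAN.EXE",
        r"C:\windows\system32\pvwgnut.exe",
    ],
}

# "MM/DD/YY HH:MM:SS [Level]: message"
BL_LINE = re.compile(r"^(\d\d/\d\d/\d\d \d\d:\d\d:\d\d) \[(\w+)\]: (.*)$")
HIDDEN = re.compile(r"^Hidden (process|file): (.+)$")


def hidden_items(blacklight_log):
    """Return {'process': [...], 'file': [...]}: lower-cased paths, de-duplicated, in log order."""
    found = {"process": [], "file": []}
    for raw in blacklight_log.splitlines():
        m = BL_LINE.match(raw.strip())
        if not m or m.group(2) != "Info":
            continue  # [Note] lines carry numeric codes, not findings
        h = HIDDEN.match(m.group(3))
        if h:
            kind, path = h.group(1), h.group(2).strip().lower()
            if path not in found[kind]:
                found[kind].append(path)
    return found


def cross_view(found, listings):
    """Map each hidden process to the sorted names of the listings that also show it.

    Windows paths are compared case-insensitively. The listings were taken at
    different times, so absence from one of them is a lead, not proof of hiding.
    """
    result = {}
    for proc in found["process"]:
        result[proc] = sorted(
            name for name, paths in listings.items()
            if proc in {p.strip().lower() for p in paths}
        )
    return result


if __name__ == "__main__":
    found = hidden_items(BLACKLIGHT_LOG)
    for proc, seen_by in cross_view(found, LISTINGS).items():
        print(proc, "also listed by:", ", ".join(seen_by) or "no other listing")
    print("hidden files:", *found["file"], sep="\n  ")
```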
green day Posts 26722 Status Moderator, Security contributor 2 163

Yep! But it's quick to read :)

You still have quite a few nasties ...

Read the contents of the following link:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
You have thereby read and accepted the terms of use of the BlackLight program, which is included in the navilog1.zip archive you are about to download.
Now right-click this link:
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Save Target As... and save it to your desktop.
Right-click navilog1.zip and choose "Extract All"
Then double-click navilog1.bat
Follow the prompts. At the main menu, choose 1 and confirm.
(do not pick option 2 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the drive (fixnavi.txt)

++
0
Marie-kiri Posts 67 Status Member 1

I can't "Extract All"; a message tells me "no archive found"
What should I do?
++
0