HijackThis report

Solved
Marie-kiri Posts 67 Registration date   Status Member Last activity   -
Hello, I have a problem with my computer. I find it very slow. It is also very noisy (I have just cleaned the fans). Would it be possible for someone to read my HijackThis report?
Thank you

34 replies

green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Hi

Post it ;-))

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Here it is!
I think you're going to be horrified! lol
Good luck



Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:36:06, on 14/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\CHAUSSAVOINE\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - C:\DOCUME~1\CHAUSS~1\APPLIC~1\EQFILE~1\Global Pop.exe (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\iCodecPack\isamonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: AVG Anti-Spyware 7.5
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6510ede6b15d45c2a2f0d1d2b2437e73
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6510ede6b15d45c2a2f0d1d2b2437e73
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
I've seen more worrying ones :)

Please do what is described here

Virus: preliminary disinfection method, French version

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
RE.
I can't manage to make the registry backup. It should offer to make one, shouldn't it?
Thanks
0

green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Re

The registry backup???

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Yes?
Why? Is there a problem?
I forgot to tell you that I'm hopeless with computers...
In CCleaner, it says that before repairing the errors you have to make a backup of the registry, but I don't know how to do that. I thought I understood that it offered one automatically, but I must be mistaken.
++
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Ah! OK :)

Actually, after repairing the errors, CCleaner will ask you whether or not you want to make a backup, and at that point you answer yes!

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Re
I'm posting the AVG report even though I think it won't be of any use.
I'm now going to run a scan with BitDefender just in case..

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:39:35 14/05/2007

+ Résultat de l'analyse:



Rien à signaler.



Fin du rapport

Thanks for your advice
++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
RE
The BitDefender online scan has finished; I'm posting the report.
What do you think?



BitDefender Online Scanner

Scan report generated at: Mon, May 14, 2007 - 18:01:37
Scan path: A:\;C:\;D:\;E:\;

Statistics
Time: 01:10:22
Files: 289645
Folders: 4838
Boot Sectors: 3
Archives: 7951
Packed Files: 26392

Results
Identified Viruses: 6
Infected Files: 80
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 80

Engines Info
Virus Definitions: 506209
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File - Status

C:\WINDOWS\system32\windowsautomaticupdates.bat - Infected with: BAT.Installer.A; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\boredelete.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\error stupid.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\PlatformBurn.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\filmarmy.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\bytewarn.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\file meow.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Book dead.exe - Infected with: Trojan.Downloader.Swizzor.DV; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Type Download.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Joystupid.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Team intra.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\warn regs.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\stupid corn.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Stylememo.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\CampMeow.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\active first.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\name base.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\birdmemo.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\All Users\Application Data\Seek Ping Third Plan\Forkmemo.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\ljnlxruw.exe - Infected with: Trojan.Downloader.Swizzor.DV; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\AXISNEW.exe - Infected with: GenPack:Trojan.Swizzor.CL; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\qqnlommk.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\ycjvibvo.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\mdrqvjth.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\rspejudn.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\wqucwifu.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\esbqxtvz.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\sasdtexb.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\nxwispvf.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\rgntibtj.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\jkdrbcuv.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\huzdldvx.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\rbogdelw.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\perolsug.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\wqhayzcv.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\xaxnyjqd.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\wzlvepxc.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Documents and Settings\CHAUSSAVOINE\Application Data\Else plus\pepqjmkf.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL - Detected with: Adware.ToolBar.MyWebSearch.L; Disinfection failed; Deleted
C:\Program Files\mailskinner\OESkinner.dll - Infected with: Trojan.Mailskinner.DLL; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506621.bat - Infected with: BAT.Installer.A; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506622.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506623.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506624.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506625.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506626.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506627.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506628.exe - Infected with: Trojan.Downloader.Swizzor.DV; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506629.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506630.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506631.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506632.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506633.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506634.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506635.exe - Infected with: GenPack:Trojan.Swizzor.BF; Disinfection failed; Deleted
C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506636.exe - Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506636.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506636.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506637.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506637.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506637.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506638.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506638.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506638.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506639.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506640.exe


Infected with: Trojan.Downloader.Swizzor.DV

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506640.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe


Infected with: GenPack:Trojan.Swizzor.CL

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506641.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506642.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506643.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506644.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506645.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506646.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506647.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506648.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506649.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506650.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506651.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506652.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506653.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506654.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506655.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506656.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506657.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe


Infected with: GenPack:Trojan.Swizzor.BF

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506658.exe


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL


Detected with: Adware.ToolBar.MyWebSearch.L

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506659.DLL


Deleted

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll


Infected with: Trojan.Mailskinner.DLL

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll


Disinfection failed

C:\System Volume Information\_restore{0863191E-1F64-456A-A135-E2605EBC1D45}\RP1009\A0506660.dll


Deleted

Is it serious?
Thanks
See you
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
I'm posting the HijackThis report I just made.
That's quite a lot of work all the same!!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:07:55, on 14/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Documents and Settings\CHAUSSAVOINE\Bureau\anti-virus\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\iCodecPack\isamonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: AVG Anti-Spyware 7.5
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?6510ede6b15d45c2a2f0d1d2b2437e73
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?6510ede6b15d45c2a2f0d1d2b2437e73
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
OK, where do things stand with your problems???

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Hi again
It is much faster but it is still just as noisy; I think one of the fans needs to be replaced.
What do the various reports I posted say?
Thanks
++
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Lots of junk, but it has been removed!

# Disable System Restore

* Click the Start button.
* Right-click My Computer, then click Properties.
* On the System Restore tab, select the option Turn off System Restore or Turn off System Restore on all drives

(you can re-enable it at the end of the procedure)


# Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC


R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)


O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)

then find and remove this software:

MyWebSearch Search

and finally:

# Download this: (thanks to S!RI for this little program).

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Run it: double-click Smitfraudfix.cmd and choose option 1,
this is what it looks like: http://siri.urz.free.fr/Fix/SmitfraudFix.php
it will generate a report: copy/paste it into the thread please.


@+

Wisdom is having dreams big enough not to lose sight of them
while pursuing them. (Oscar Wilde)
0
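As an added illustration (not part of the thread, and not the helper's own method): a small Python parser for the HijackThis log format shown above that flags entries worth a closer look during triage. The three heuristics (target file absent, autostart under Policies\Explorer\Run, one CLSID registered under several sections) and all function names are assumptions made for this example; the sample lines are copied from the log posted above.

```python
import re
from collections import defaultdict

# Meaning of the HijackThis section codes that occur in the log above.
SECTIONS = {
    "R0": "IE start/search page setting",
    "R1": "IE start/search page setting",
    "R3": "URLSearchHook",
    "F2": "ini-file autostart value mapped into the registry",
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autostart entry (Run keys, Startup folders)",
    "O8": "IE context-menu item",
    "O9": "IE extra button / Tools menu item",
    "O16": "ActiveX control (Downloaded Program Files)",
    "O18": "protocol or filter handler",
    "O21": "ShellServiceObjectDelayLoad",
    "O22": "SharedTaskScheduler",
    "O23": "Windows service",
}

LINE_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
O4_RE = re.compile(r"^(?P<loc>[^:]+?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {584993D2-B1F1-8CE4-2611-446648054C3B} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Policies\Explorer\Run: [homepage.monitor.exe] C:\Program Files\iCodecPack\isamonitor.exe
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O22 - SharedTaskScheduler: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - (no file)
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
"""


def parse_hijackthis(text):
    """Return one dict per log entry; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": code,
            "section": SECTIONS.get(code, "unknown section"),
            "body": body,
            "clsid": clsid.group(0).lower() if clsid else None,
            # HijackThis appends these markers when the referenced file is not on disk.
            "orphaned": body.endswith(("(no file)", "(file missing)")),
        })
    return entries


def triage(entries):
    """Apply the example heuristics; a hit means 'review this', not 'malicious'."""
    sections_by_clsid = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            sections_by_clsid[e["clsid"]].add(e["code"])

    findings = []
    for e in entries:
        reasons = []
        if e["orphaned"]:
            reasons.append("target file absent")
        if e["code"] == "O4":
            m = O4_RE.match(e["body"])
            if m and "\\policies\\explorer\\run" in m.group("loc").lower():
                reasons.append("autostart via Policies\\Explorer\\Run")
        seen_in = sections_by_clsid.get(e["clsid"], set())
        if len(seen_in) > 1:
            reasons.append("CLSID registered in sections " + "+".join(sorted(seen_in)))
        if reasons:
            findings.append((e["code"], reasons, e["body"]))
    return findings


if __name__ == "__main__":
    for code, reasons, body in triage(parse_hijackthis(SAMPLE_LOG)):
        print(f"{code:4} {SECTIONS.get(code, '?')}: {'; '.join(reasons)}")
        print(f"     {body}")
```

Entries that are not flagged, such as the MyWebSearch URLSearchHook whose file is present, still need the name-and-path review the helper performs by hand.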
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
I get an error message when I try to remove MyWebsearch. The message says: unable to delete MWSBAR.DLL
I looked in Add/Remove Programs, I can't find it. How do I remove it?
Thanks
++
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
OK, move on to the next step; we'll deal with it as we go!

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Here is the report:

SmitFraudFix v2.181

Rapport fait à 19:45:55,10, 14/05/2007
Executé à partir de C:\Documents and Settings\CHAUSSAVOINE\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est FAT32
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\windows\system32\pvwgnut.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\CHAUSSAVOINE


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\CHAUSSAVOINE\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»»


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139/810x Family Fast Ethernet NIC #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

Description: Realtek RTL8139/810x Family Fast Ethernet NIC #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.54.252
DNS Server Search Order: 212.27.53.252

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4FC48CF4-7B48-4E66-9277-0E8ECE90E3E0}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\..\{D4060057-96F4-4625-AE5E-1CBD391F47BB}: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Thanks again for your help
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
OK,

Download Blacklight (from F-Secure):

https://europe.f-secure.com/exclude/blacklight/index.shtml

and save it to your Desktop.

Double-click blbeta.exe and accept the license; click Scan then Next

You will see a list of detected files appear. You will also see a report, on your Desktop, named fsbl.xxxxxxx.log (the xxxxxxx are digits).

Copy and paste the contents of this report into your next reply

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
Here is yet another report (that's a lot of reports to post in one day!! lol)

05/14/07 19:56:12 [Info]: BlackLight Engine 1.0.61 initialized
05/14/07 19:56:12 [Info]: OS: 5.1 build 2600 (Service Pack 2)
05/14/07 19:56:12 [Note]: 7019 4
05/14/07 19:56:12 [Note]: 7005 0
05/14/07 19:56:28 [Note]: 7006 0
05/14/07 19:56:28 [Note]: 7011 1648
05/14/07 19:56:29 [Note]: 7026 0
05/14/07 19:56:29 [Note]: 7026 0
05/14/07 19:56:29 [Note]: 7015 404
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7015 1236
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7015 1764
05/14/07 19:56:29 [Note]: 7015 5
05/14/07 19:56:29 [Note]: 7024 3
05/14/07 19:56:29 [Info]: Hidden process: C:\windows\system32\pvwgnut.exe
05/14/07 19:56:37 [Note]: FSRAW library version 1.7.1021
05/14/07 19:57:01 [Info]: Hidden file: C:\windows\system32\pvwgnut.exe
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNUT.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~1.DAT
05/14/07 19:57:02 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\PVWGNU~2.DAT


There you go
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Yep! But it's quick to read :)

you still have quite a few critters ...

Read the contents of the following link:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
You have therefore read and accepted the terms of use of the blacklight program, which is included in the compressed folder navilog1.zip that you are going to download.
Now right-click this link:
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Choose "Save Target As..." (or "Save Link As...") and save it to your desktop.
Right-click navilog1.zip and choose "Extract All"
Then double-click navilog1.bat
Follow the prompts. At the main menu, choose 1 and confirm.
(do not choose option 2 without our advice/approval)
Wait until the message:
*** Analyse Termine le ..... ***
Press a key as prompted; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)

++
0
Marie-kiri Posts 67 Registration date   Status Member Last activity   1
 
I can't "Extract All"; a message tells me "aucune archive trouvée" ("no archive found")
What should I do?
++
0