Tout est bloqué
Résolu
espoooir
Messages postés
131
Date d'inscription
Statut
Membre
Dernière intervention
-
espoooir Messages postés 131 Date d'inscription Statut Membre Dernière intervention -
espoooir Messages postés 131 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
J'ai un grand problème !! mon pc deviens trés lent et je ne pouvais ni ouvrire le gestionnaire de tache ni le registre ni faire la restauration du système ,ni encore afficher mes dossiers cacher en fin tout est bloqué ...
j'ai AVG comme un anti virus .
S'il te plais aidez moi car je ne veux pas le formater .
Merci
J'ai un grand problème !! mon pc deviens trés lent et je ne pouvais ni ouvrire le gestionnaire de tache ni le registre ni faire la restauration du système ,ni encore afficher mes dossiers cacher en fin tout est bloqué ...
j'ai AVG comme un anti virus .
S'il te plais aidez moi car je ne veux pas le formater .
Merci
A voir également:
- Tout est bloqué
- Code puk bloqué - Guide
- Téléphone bloqué code verrouillage - Guide
- Pavé tactile bloqué - Guide
- Compte gmail bloqué - Guide
- Comment savoir si on est bloqué sur messenger - Guide
164 réponses
Le rapport ToolBar S&D .
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yasmin ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:13 Go)
D:\ (Local Disk) - FAT32 - Total:24 Go (Free:4 Go)
E:\ (Local Disk) - FAT32 - Total:24 Go (Free:23 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 04/07/2009|21:40 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\P2P_Energy
C:\Program Files\P2P_Energy\UNWISE.EXE
C:\Program Files\P2P_Energy\toolbar.cfg
C:\Program Files\P2P_Energy\tbP2P_.dll
C:\Program Files\P2P_Energy\INSTALL.LOG
-----------\\ Extensions
(khaled) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} => hotspot_shield
(khaled) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.dz/?gws_rd=ssl"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 19/06/2009|18:36 - Option : [2]
2 - "C:\ToolBar SD\TB_2.txt" - 04/07/2009|21:40 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 04/07/2009|21:41 - Option : [1]
-----------\\ Fin du rapport a 21:41:28,04
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yasmin ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:13 Go)
D:\ (Local Disk) - FAT32 - Total:24 Go (Free:4 Go)
E:\ (Local Disk) - FAT32 - Total:24 Go (Free:23 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 04/07/2009|21:40 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\P2P_Energy
C:\Program Files\P2P_Energy\UNWISE.EXE
C:\Program Files\P2P_Energy\toolbar.cfg
C:\Program Files\P2P_Energy\tbP2P_.dll
C:\Program Files\P2P_Energy\INSTALL.LOG
-----------\\ Extensions
(khaled) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} => hotspot_shield
(khaled) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.dz/?gws_rd=ssl"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 19/06/2009|18:36 - Option : [2]
2 - "C:\ToolBar SD\TB_2.txt" - 04/07/2009|21:40 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 04/07/2009|21:41 - Option : [1]
-----------\\ Fin du rapport a 21:41:28,04
Evite P2P energy... !
Et le P2P tout court !!!
Sinon, on n'aura jamais terminé.
Peux-tu me faire un topo sur l'état du PC stp.
**********
Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Relance Toolbar-S&D par double clique sur le raccourci
* Tape l’option 2 (Nettoyage) puis tapes sur Entrée.
Notes :
=>Ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : postes l’intégralité de son contenu dans ta prochaine réponse
accompagné d’un nouveau rapport RSIT pour analyse ...
Et le P2P tout court !!!
Sinon, on n'aura jamais terminé.
Peux-tu me faire un topo sur l'état du PC stp.
**********
Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* Relance Toolbar-S&D par double clique sur le raccourci
* Tape l’option 2 (Nettoyage) puis tapes sur Entrée.
Notes :
=>Ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : postes l’intégralité de son contenu dans ta prochaine réponse
accompagné d’un nouveau rapport RSIT pour analyse ...
Le rapport ToolBar S&D
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yasmin ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:13 Go)
D:\ (Local Disk) - FAT32 - Total:24 Go (Free:4 Go)
E:\ (Local Disk) - FAT32 - Total:24 Go (Free:23 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 05/07/2009| 0:50 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\P2P_Energy
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(khaled) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} => hotspot_shield
(khaled) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.dz/?gws_rd=ssl"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 19/06/2009|18:36 - Option : [2]
2 - "C:\ToolBar SD\TB_2.txt" - 04/07/2009|21:40 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 04/07/2009|21:41 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 05/07/2009| 0:50 - Option : [2]
-----------\\ Fin du rapport a 0:51:00,01
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : yasmin ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:26 Go (Free:13 Go)
D:\ (Local Disk) - FAT32 - Total:24 Go (Free:4 Go)
E:\ (Local Disk) - FAT32 - Total:24 Go (Free:23 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 05/07/2009| 0:50 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\P2P_Energy
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(khaled) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} => hotspot_shield
(khaled) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.dz/?gws_rd=ssl"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://french.ircfast.com/fr/index.php?rvs=hompag"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 19/06/2009|18:36 - Option : [2]
2 - "C:\ToolBar SD\TB_2.txt" - 04/07/2009|21:40 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 04/07/2009|21:41 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 05/07/2009| 0:50 - Option : [2]
-----------\\ Fin du rapport a 0:51:00,01
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Et le rapport RSIT ....
Logfile of random's system information tool 1.06 (written by random/random)
Run by yasmin at 2009-07-05 00:53:18
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 14 GB (52%) free of 27 GB
Total RAM: 991 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:53:27, on 05/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\rnamfler\naofsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\CYB2K.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\yasmin.BINGOOOO\Bureau\RSIT.exe
C:\Program Files\trend micro\yasmin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.dz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.ircfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [scvhost] mirc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C2K] C:\WINDOWS\CYB2K.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [HiChatter] C:\Program Files\Beyluxe Messenger\beyluxe messenger.exe (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'khaled')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Communication Services (CCOMSVC) - Unknown owner - C:\WINDOWS\CComSvc.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9f0feeee88006) (gupdate1c9f0feeee88006) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
Logfile of random's system information tool 1.06 (written by random/random)
Run by yasmin at 2009-07-05 00:53:18
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 14 GB (52%) free of 27 GB
Total RAM: 991 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:53:27, on 05/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\rnamfler\naofsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\CYB2K.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\yasmin.BINGOOOO\Bureau\RSIT.exe
C:\Program Files\trend micro\yasmin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.dz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.ircfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [scvhost] mirc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C2K] C:\WINDOWS\CYB2K.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [HiChatter] C:\Program Files\Beyluxe Messenger\beyluxe messenger.exe (User 'khaled')
O4 - HKUS\S-1-5-21-1085031214-1409082233-682003330-1003\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'khaled')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Communication Services (CCOMSVC) - Unknown owner - C:\WINDOWS\CComSvc.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9f0feeee88006) (gupdate1c9f0feeee88006) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
J'ai ce message quand j'ai voulu réinstaller oovoo ....
"Erreur de CRC : Le fichier C:\Programme Filles\oovoo\oovoo.exe ne correspond pas au fichier dans le fichier.cab de l'assistant d'installation. Le support à partir duquel vous exécutez l'installation est peut être altéré;contactez votre revendeur de logiciel."
Abandonner Recommencer Ignore
"Erreur de CRC : Le fichier C:\Programme Filles\oovoo\oovoo.exe ne correspond pas au fichier dans le fichier.cab de l'assistant d'installation. Le support à partir duquel vous exécutez l'installation est peut être altéré;contactez votre revendeur de logiciel."
Abandonner Recommencer Ignore
/!\ Procédure réservée à espoooir. Ne tentez pas de la reproduire si vous avez un problème similaire sous peine de planter votre machine /!\
Télécharge OTM (de Old_Timer) sur ton Bureau.
= = = = >>> En cliquant ici <<< = = = =
Une fois installé sur le bureau, double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll’s and Ocx’s soit bien cochée
Copie la liste qui se trouve en gras ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt :
Paste Instructions for Items to be moved.
:Processes
explorer.exe
:Services
abp470n5
FXDRV
FXDrv32
:Files
C:\Program Files\Ask.com
C:\Windows\system32\mirc.exe
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\32788R22FWJFW.0.tmp
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
:Commands
[purity]
[emptytemp]
[Reboot]
Clique sur MoveIt! pour lancer la suppression.
Après avoir fait Moveit!, une fenêtre s’affiche :
"The system requires a reboot to finish removing files. Do you want to reboot now ?"
Réponds Yes.
Le résultat apparaîtra dans le cadre "Results".
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
Télécharge OTM (de Old_Timer) sur ton Bureau.
= = = = >>> En cliquant ici <<< = = = =
Une fois installé sur le bureau, double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll’s and Ocx’s soit bien cochée
Copie la liste qui se trouve en gras ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt :
Paste Instructions for Items to be moved.
:Processes
explorer.exe
:Services
abp470n5
FXDRV
FXDrv32
:Files
C:\Program Files\Ask.com
C:\Windows\system32\mirc.exe
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\32788R22FWJFW.0.tmp
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
:Commands
[purity]
[emptytemp]
[Reboot]
Clique sur MoveIt! pour lancer la suppression.
Après avoir fait Moveit!, une fenêtre s’affiche :
"The system requires a reboot to finish removing files. Do you want to reboot now ?"
Réponds Yes.
Le résultat apparaîtra dans le cadre "Results".
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
Bonjour ,
Le rapport OTM ...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver abp470n5 deleted successfully.
Service\Driver FXDRV deleted successfully.
Service\Driver FXDrv32 deleted successfully.
========== FILES ==========
C:\Program Files\Ask.com moved successfully.
File/Folder C:\Windows\system32\mirc.exe not found.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\32788R22FWJFW.0.tmp\N_ moved successfully.
C:\32788R22FWJFW.0.tmp\License moved successfully.
C:\32788R22FWJFW.0.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: khaled
->Temp folder emptied: 731297694 bytes
->Temporary Internet Files folder emptied: 28380761 bytes
->Java cache emptied: 22392198 bytes
->FireFox cache emptied: 7134411 bytes
->Google Chrome cache emptied: 6393571 bytes
User: Administrateur
->Temporary Internet Files folder emptied: 32768 bytes
User: Administrateur.BINGOOOO
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: yasmin.BINGOOOO
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFEC40.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFED0B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\BIT50.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 255772839 bytes
->Temporary Internet Files folder emptied: 7988130 bytes
->Google Chrome cache emptied: 577 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2133582 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 462 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1012,45 mb
OTM by OldTimer - Version 3.0.0.4 log created on 07052009_191457
Files moved on Reboot...
File C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFEC40.tmp not found!
File C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFED0B.tmp not found!
C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\BIT50.tmp moved successfully.
Registry entries deleted on Reboot...
Le rapport OTM ...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver abp470n5 deleted successfully.
Service\Driver FXDRV deleted successfully.
Service\Driver FXDrv32 deleted successfully.
========== FILES ==========
C:\Program Files\Ask.com moved successfully.
File/Folder C:\Windows\system32\mirc.exe not found.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\32788R22FWJFW.0.tmp\N_ moved successfully.
C:\32788R22FWJFW.0.tmp\License moved successfully.
C:\32788R22FWJFW.0.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: khaled
->Temp folder emptied: 731297694 bytes
->Temporary Internet Files folder emptied: 28380761 bytes
->Java cache emptied: 22392198 bytes
->FireFox cache emptied: 7134411 bytes
->Google Chrome cache emptied: 6393571 bytes
User: Administrateur
->Temporary Internet Files folder emptied: 32768 bytes
User: Administrateur.BINGOOOO
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: yasmin.BINGOOOO
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFEC40.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFED0B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\BIT50.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 255772839 bytes
->Temporary Internet Files folder emptied: 7988130 bytes
->Google Chrome cache emptied: 577 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2133582 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 462 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1012,45 mb
OTM by OldTimer - Version 3.0.0.4 log created on 07052009_191457
Files moved on Reboot...
File C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFEC40.tmp not found!
File C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\~DFED0B.tmp not found!
C:\Documents and Settings\yasmin.BINGOOOO\Local Settings\Temp\BIT50.tmp moved successfully.
Registry entries deleted on Reboot...
ça a l'air pas mal.
Envoie un nouveau rapport RSIT.
On finit ce soir.
Je serai absent à partir de demain...
Envoie un nouveau rapport RSIT.
On finit ce soir.
Je serai absent à partir de demain...
Le rapport RSIT..
Logfile of random's system information tool 1.06 (written by random/random)
Run by yasmin at 2009-07-05 20:03:20
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 15 GB (55%) free of 27 GB
Total RAM: 991 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:03:29, on 05/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\rnamfler\naofsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\CYB2K.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\yasmin.BINGOOOO\Bureau\RSIT.exe
C:\Program Files\trend micro\yasmin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.dz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.ircfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [scvhost] mirc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C2K] C:\WINDOWS\CYB2K.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [oovoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61660CE9-6389-40FF-AE67-69FC1A27B687}: NameServer = 41.221.20.4 213.140.2.12
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Communication Services (CCOMSVC) - Unknown owner - C:\WINDOWS\CComSvc.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9f0feeee88006) (gupdate1c9f0feeee88006) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
Logfile of random's system information tool 1.06 (written by random/random)
Run by yasmin at 2009-07-05 20:03:20
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 15 GB (55%) free of 27 GB
Total RAM: 991 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:03:29, on 05/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\rnamfler\naofsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\CYB2K.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\yasmin.BINGOOOO\Bureau\RSIT.exe
C:\Program Files\trend micro\yasmin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.dz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://french.ircfast.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [scvhost] mirc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [C2K] C:\WINDOWS\CYB2K.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [oovoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{61660CE9-6389-40FF-AE67-69FC1A27B687}: NameServer = 41.221.20.4 213.140.2.12
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Communication Services (CCOMSVC) - Unknown owner - C:\WINDOWS\CComSvc.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9f0feeee88006) (gupdate1c9f0feeee88006) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
Avant de terminer :
Analyse ces fichiers :
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste bien les rapports en m’indiquant à chaque rapport envoyé le nom du fichier concerné !
(Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant).
Analyse ces fichiers :
C:\WINDOWS\system32\vgamfil.dll C:\WINDOWS\system32\srchin.dll C:\WINDOWS\system32\gdwfil.dll
Sur le site de virustotal :
https://www.virustotal.com/gui/
Parcourir > Sélectionne ton fichier > Analyser, patiente que l’analyse soit terminée.
Poste bien les rapports en m’indiquant à chaque rapport envoyé le nom du fichier concerné !
(Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant).
Le rapport d'analyse ... :\WINDOWS\system32\vgamfil.dll
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Prevx 3.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 4826 bytes
MD5...: 4b36c08e22a856ff5dd59c55979996cc
SHA1..: 694d9c2ad7b2df63f845cab4d4c1cffc9917172a
SHA256: 29bfb970987ca40929d777681189aec277d7d366c224f22149ded83f8122ddf7
ssdeep: 96:o8FXaeYnxMEV1h5wpgcxezAtP21Zpj4kXFvwjepdWt1rs8Ejp0908aoe8:HFX
hMV1h5wpgBzAx8ZB4KFoqWt1rs8AW
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Prevx 3.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 4826 bytes
MD5...: 4b36c08e22a856ff5dd59c55979996cc
SHA1..: 694d9c2ad7b2df63f845cab4d4c1cffc9917172a
SHA256: 29bfb970987ca40929d777681189aec277d7d366c224f22149ded83f8122ddf7
ssdeep: 96:o8FXaeYnxMEV1h5wpgcxezAtP21Zpj4kXFvwjepdWt1rs8Ejp0908aoe8:HFX
hMV1h5wpgBzAx8ZB4KFoqWt1rs8AW
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Le rapport d'analyse ...C:\WINDOWS\system32\srchin.dll
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 3444 bytes
MD5...: dadde7d502cd206e92b4a8501d16d6d0
SHA1..: ba0ef12af684876ae91859e8531a93ed6d16754c
SHA256: 769eb0af6ff79f97bc7553a524d20a5fcebab3622653700dd0b5952b780e2691
ssdeep: 48:Aw3BbEyXl9l+Lit2ZROBayqb0COHr8EWQ4lHoD3hLsPfxkO12xHKRooAwTvK7
3Qn:3BbXlP+D3OBI4ZoQOO3efxYxHKfukUmf
PEiD..: -
TrID..: File type identification
-
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 3444 bytes
MD5...: dadde7d502cd206e92b4a8501d16d6d0
SHA1..: ba0ef12af684876ae91859e8531a93ed6d16754c
SHA256: 769eb0af6ff79f97bc7553a524d20a5fcebab3622653700dd0b5952b780e2691
ssdeep: 48:Aw3BbEyXl9l+Lit2ZROBayqb0COHr8EWQ4lHoD3hLsPfxkO12xHKRooAwTvK7
3Qn:3BbXlP+D3OBI4ZoQOO3efxYxHKfukUmf
PEiD..: -
TrID..: File type identification
-
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Et le rapport d'analyse ...C:\WINDOWS\system32\gdwfil.dll
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Prevx 3.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 1378 bytes
MD5...: bc8d842e0e1f2c095019e8138f167e3a
SHA1..: 035ae1bca4c37032d89c850de2c1156f7f8e98f3
SHA256: 8da92c8eb8037de375a2bc80ac6de30f1acad7b28082f7e66888dccaea1cb0d6
ssdeep: 24:EWKil7c7lU/JE2ZMEOWGst2Dfy2gWOuZSluTdCaRfAfGg0a7ldz7yVM6XmDy+
zRG:iHlUBE2ft8fyZESluTdCaRfAtldYXmDo
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.07.05 -
AhnLab-V3 5.0.0.2 2009.07.05 -
AntiVir 7.9.0.204 2009.07.05 -
Antiy-AVL 2.0.3.1 2009.07.03 -
Authentium 5.1.2.4 2009.07.04 -
Avast 4.8.1335.0 2009.07.05 -
AVG 8.5.0.386 2009.07.05 -
BitDefender 7.2 2009.07.05 -
CAT-QuickHeal 10.00 2009.07.03 -
ClamAV 0.94.1 2009.07.03 -
Comodo 1538 2009.07.02 -
DrWeb 5.0.0.12182 2009.07.05 -
eSafe 7.0.17.0 2009.07.02 -
eTrust-Vet 31.6.6596 2009.07.03 -
F-Prot 4.4.4.56 2009.07.04 -
F-Secure 8.0.14470.0 2009.07.05 -
Fortinet 3.117.0.0 2009.07.03 -
GData 19 2009.07.05 -
Ikarus T3.1.1.64.0 2009.07.05 -
Jiangmin 11.0.706 2009.07.05 -
K7AntiVirus 7.10.783 2009.07.03 -
Kaspersky 7.0.0.125 2009.07.05 -
McAfee 5667 2009.07.05 -
McAfee+Artemis 5667 2009.07.05 -
McAfee-GW-Edition 6.8.5 2009.07.05 -
Microsoft 1.4803 2009.07.05 -
NOD32 4219 2009.07.05 -
Norman 6.01.09 2009.07.04 -
nProtect 2009.1.8.0 2009.07.05 -
Panda 10.0.0.14 2009.07.05 -
PCTools 4.4.2.0 2009.07.05 -
Prevx 3.0 2009.07.05 -
Rising 21.36.62.00 2009.07.05 -
Sophos 4.43.0 2009.07.05 -
Sunbelt 3.2.1858.2 2009.07.05 -
Symantec 1.4.4.12 2009.07.05 -
TheHacker 6.3.4.3.362 2009.07.04 -
TrendMicro 8.950.0.1094 2009.07.05 -
VBA32 3.12.10.7 2009.07.05 -
ViRobot 2009.7.3.1818 2009.07.03 -
VirusBuster 4.6.5.0 2009.07.05 -
Information additionnelle
File size: 1378 bytes
MD5...: bc8d842e0e1f2c095019e8138f167e3a
SHA1..: 035ae1bca4c37032d89c850de2c1156f7f8e98f3
SHA256: 8da92c8eb8037de375a2bc80ac6de30f1acad7b28082f7e66888dccaea1cb0d6
ssdeep: 24:EWKil7c7lU/JE2ZMEOWGst2Dfy2gWOuZSluTdCaRfAfGg0a7ldz7yVM6XmDy+
zRG:iHlUBE2ft8fyZESluTdCaRfAtldYXmDo
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
Très bien, merci.
Relance Hijackthis.
Clique sur "Do a system scan only".
Coche ces lignes :
Clic ensuite sur fix checked.
Ferme Hijackthis.
**********
Désinstalle SweetIM toolbar depuis l'ajout / suppression de programmes.
On passe à la fin de désinfection ?
Relance Hijackthis.
Clique sur "Do a system scan only".
Coche ces lignes :
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [scvhost] mirc.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
Clic ensuite sur fix checked.
Ferme Hijackthis.
**********
Désinstalle SweetIM toolbar depuis l'ajout / suppression de programmes.
On passe à la fin de désinfection ?