Précédent
- 1
- 2
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2010-03-05 18:07:49
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (55%) free of 18 GB
Total RAM: 247 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:58, on 05/03/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\WINDOWS\Explorer.EXE
F:\rsit\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [16630] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iqgfypvt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
Run by Administrateur at 2010-03-05 18:07:49
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 10 GB (55%) free of 18 GB
Total RAM: 247 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:58, on 05/03/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\WINDOWS\Explorer.EXE
F:\rsit\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [16630] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iqgfypvt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
All processes killed
Error: Unable to interpret <Code: > in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder c:\lsass.exe not found.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 305173 bytes
->Temporary Internet Files folder emptied: 427551 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: fkouassi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 934979 bytes
User: kinan
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 482064 bytes
User: mariama
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 147388664 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: patricia
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: sauve
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCCMBootAcct&.PREST-02
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliSvcAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliSvcAcct&.PREST-02
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliToknAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliToknLocalAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4520564 bytes
%systemroot%\System32 .tmp files removed: 5528576 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53422107 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 203,00 mb
OTM by OldTimer - Version 3.1.10.0 log created on 03052010_221520
Files moved on Reboot...
File C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp17.tmp not found!
File C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp1E.tmp not found!
Registry entries deleted on Reboot...
Error: Unable to interpret <Code: > in the current context!
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder c:\lsass.exe not found.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 305173 bytes
->Temporary Internet Files folder emptied: 427551 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: fkouassi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 934979 bytes
User: kinan
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 482064 bytes
User: mariama
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 147388664 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: patricia
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: sauve
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCCMBootAcct&.PREST-02
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliSvcAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliSvcAcct&.PREST-02
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliToknAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: SMSCliToknLocalAcct&
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4520564 bytes
%systemroot%\System32 .tmp files removed: 5528576 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53422107 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 203,00 mb
OTM by OldTimer - Version 3.1.10.0 log created on 03052010_221520
Files moved on Reboot...
File C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp17.tmp not found!
File C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp1E.tmp not found!
Registry entries deleted on Reboot...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Précédent
- 1
- 2
