

celinette
Members
Content count: 3
Everything posted by celinette
-
SOS! TR/PSW.Kates.cu.1: I'm lost!
celinette replied to a topic by celinette in Analyses et éradication malwares
And here is RSIT. Good luck deciphering what, to me, is Chinese, and thank you!!!

Logfile of random's system information tool 1.06 (written by random/random)
Run by vigny at 2009-12-09 20:14:42
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 118 GB (75%) free of 157 GB
Total RAM: 1023 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:46, on 09/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\vigny\Bureau\RSIT.exe
C:\Program Files\trend micro\vigny.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\vigny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DipisoftUpdate.lnk = C:\Program Files\Dipisoft\DUpdate.exe
O4 - Global Startup: Serveur de connexion PsiWin 2.3.lnk = C:\Program Files\Psion\PsiWin\Psconsv.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O20 - AppInit_DLLs: winmm.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 7295 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1275210071-1177238915-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1275210071-1177238915-1004UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{73889A2A-B71D-4927-87C0-D427FFAF9D7E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]
VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2007-09-24 1966080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-05 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-05 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2007-09-24 1966080]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-05 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Google Update"=C:\Documents and Settings\vigny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 133104]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-09-07 251336]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-05 39408]
"tcactive"=C:\Program Files\The Cleaner\tcap.exe [2009-11-22 2800640]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DipisoftUpdate.lnk - C:\Program Files\Dipisoft\DUpdate.exe
Serveur de connexion PsiWin 2.3.lnk - C:\Program Files\Psion\PsiWin\Psconsv.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="winmm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Avira\AntiVir Desktop\update.exe"="C:\Program Files\Avira\AntiVir Desktop\update.exe:*:Enabled:update"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Documents and Settings\vigny\Local Settings\Temp\ImInstaller\3d_magic_installer.exe"="C:\Documents and Settings\vigny\Local Settings\Temp\ImInstaller\3d_magic_installer.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Codemasters\Le Seigneur des anneaux Online\lotroclient.exe"="C:\Program Files\Codemasters\Le Seigneur des anneaux Online\lotroclient.exe:*:Enabled:lotroclient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-12-09 18:01:32 ----A---- C:\RootRepeal report 12-09-09 (18-01-32).txt
2009-12-09 17:41:37 ----D---- C:\Program Files\7-Zip
2009-12-09 16:23:09 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 16:23:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 16:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-09 16:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 16:22:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 16:22:16 ----A---- C:\WINDOWS\imsins.BAK
2009-12-09 16:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-09 11:25:49 ----D---- C:\Documents and Settings\vigny\Application Data\thecleaner
2009-12-09 11:25:33 ----D---- C:\Program Files\The Cleaner
2009-12-09 11:13:23 ----RASHD---- C:\autorun.inf
2009-12-09 11:07:45 ----A---- C:\UsbFix.txt
2009-12-09 11:03:17 ----D---- C:\Program Files\trend micro
2009-12-09 11:03:16 ----D---- C:\rsit
2009-12-09 10:55:34 ----A---- C:\TB.txt
2009-12-09 10:55:12 ----D---- C:\ToolBar SD
2009-12-08 22:15:42 ----A---- C:\TCleaner.txt
2009-12-08 21:18:53 ----D---- C:\UsbFix
2009-12-08 20:26:16 ----D---- C:\Documents and Settings\vigny\Application Data\Malwarebytes
2009-12-08 20:26:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-08 20:26:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-08 19:22:05 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-08 19:22:00 ----D---- C:\Program Files\MSBuild
2009-12-08 19:21:58 ----D---- C:\WINDOWS\system32\en-US
2009-12-08 19:21:50 ----D---- C:\Program Files\Reference Assemblies
2009-12-08 19:21:27 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-08 19:21:26 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-08 19:21:26 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-08 19:21:26 ----D---- C:\8ec05fd40366d8d72fa7ee3cc97b2f
2009-12-08 19:19:39 ----SHD---- C:\Config.Msi
2009-12-08 12:37:22 ----D---- C:\Documents and Settings\vigny\Application Data\Turbine
2009-12-08 12:26:21 ----D---- C:\WINDOWS\SxsCaPendDel
2009-12-08 12:20:28 ----RSD---- C:\WINDOWS\assembly
2009-12-08 12:20:28 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-08 12:20:26 ----D---- C:\WINDOWS\system32\URTTemp
2009-12-08 11:42:52 ----D---- C:\Program Files\Codemasters
2009-12-06 17:49:40 ----D---- C:\Program Files\Tracker Software
2009-12-05 19:50:24 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-05 19:50:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-05 19:50:24 ----A---- C:\WINDOWS\system32\java.exe
2009-12-05 15:48:15 ----D---- C:\Documents and Settings\vigny\Application Data\Google
2009-11-30 16:49:42 ----D---- C:\Program Files\JRE
2009-11-27 18:49:15 ----D---- C:\Documents and Settings\vigny\Application Data\Yahoo!
2009-11-27 18:49:13 ----D---- C:\Program Files\Yahoo!
2009-11-27 18:49:10 ----D---- C:\Program Files\CCleaner
2009-11-27 18:47:09 ----D---- C:\WINDOWS\pss
2009-11-25 11:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 11:57:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-19 20:33:18 ----D---- C:\Documents and Settings\All Users\Application Data\PhotoMail
2009-11-19 20:33:16 ----D---- C:\Program Files\PhotoMail Maker
2009-11-11 18:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

======List of files/folders modified in the last 1 months======

2009-12-09 18:52:46 ----D---- C:\WINDOWS\Prefetch
2009-12-09 18:49:50 ----D---- C:\WINDOWS\Temp
2009-12-09 18:49:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-09 18:27:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-09 17:48:23 ----D---- C:\WINDOWS\system32\drivers
2009-12-09 17:41:37 ----RD---- C:\Program Files
2009-12-09 17:10:09 ----D---- C:\WINDOWS\system32
2009-12-09 17:10:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 17:09:02 ----D---- C:\WINDOWS
2009-12-09 16:26:20 ----SHD---- C:\WINDOWS\Installer
2009-12-09 16:25:31 ----D---- C:\WINDOWS\WinSxS
2009-12-09 16:23:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-09 16:23:12 ----HD---- C:\WINDOWS\inf
2009-12-09 16:23:02 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-09 16:22:44 ----D---- C:\Program Files\Internet Explorer
2009-12-09 16:22:30 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-09 16:19:19 ----D---- C:\WINDOWS\Debug
2009-12-09 14:50:24 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-09 13:52:50 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-09 13:48:08 ----SH---- C:\boot.ini
2009-12-09 13:48:08 ----A---- C:\WINDOWS\win.ini
2009-12-09 13:48:08 ----A---- C:\WINDOWS\system.ini
2009-12-09 12:11:50 ----A---- C:\WINDOWS\BRWMARK.INI
2009-12-09 12:11:50 ----A---- C:\WINDOWS\BRPP2KA.INI
2009-12-09 11:48:44 ----D---- C:\Program Files\Socooc3D
2009-12-09 11:12:27 ----SHD---- C:\RECYCLER
2009-12-09 08:36:06 ----D---- C:\WINDOWS\Network Diagnostic
2009-12-08 22:31:57 ----SHD---- C:\System Volume Information
2009-12-08 22:31:57 ----D---- C:\WINDOWS\system32\Restore
2009-12-08 19:21:56 ----RSD---- C:\WINDOWS\Fonts
2009-12-08 19:21:35 ----D---- C:\WINDOWS\system32\spool
2009-12-08 12:36:36 ----SD---- C:\Documents and Settings\vigny\Application Data\Microsoft
2009-12-08 12:26:09 ----D---- C:\WINDOWS\system32\DirectX
2009-12-08 12:22:21 ----D---- C:\WINDOWS\Registration
2009-12-06 22:27:32 ----D---- C:\Python26
2009-12-06 12:50:43 ----D---- C:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
2009-12-05 19:50:23 ----D---- C:\Program Files\Java
2009-12-05 14:44:22 ----D---- C:\Program Files\Google
2009-12-05 14:44:03 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-12-05 14:43:44 ----D---- C:\Program Files\Zylom Games
2009-12-05 14:43:44 ----D---- C:\Documents and Settings\vigny\Application Data\Zylom
2009-12-05 14:43:44 ----D---- C:\Documents and Settings\vigny\Application Data\Identities
2009-12-05 10:41:10 ----D---- C:\Program Files\Fichiers communs
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-30 16:49:41 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-30 09:49:14 ----D---- C:\ikea
2009-11-29 14:23:20 ----D---- C:\Documents and Settings\vigny\Application Data\VSO
2009-11-26 18:16:51 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-10-14 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-10-14 55656]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2009-01-17 754560]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-07-14 14448]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 RTL8023xp;NETGEAR FA311v2 PCI Adapter; C:\WINDOWS\system32\DRIVERS\FA311XP.SYS [2006-01-24 78720]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-11-11 41984]
S3 gkmixern;gkmixern; \??\C:\DOCUME~1\vigny\LOCALS~1\Temp\gkmixern.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-10-14 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-14 185089]
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264]
R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-05 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2005-02-24 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
-
SOS! TR/PSW.Kates.cu.1: I'm lost!
celinette replied to a topic by celinette in Analyses et éradication malwares
Thank you for taking an interest in my case! Here is the MBAM scan I just ran:

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3328
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/12/2009 20:10:55
mbam-log-2009-12-09 (20-10-55).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 199624
Temps écoulé: 1 hour(s), 2 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

It's always the same answer... I'm running RSIT and will post it too as soon as possible. Thanks again.
-
SOS! TR/PSW.Kates.cu.1: I'm lost!
celinette posted a topic in Analyses et éradication malwares
I'm turning to you because my computer has caught TR/PSW.Kates.cu.1. I followed all the posts about removing trojans. So I used the following programs: Usbfix - RSIT - Malwarebytes' Anti-Malware - Spybot - CleanX II - ToolsCleaner, following the methods to the letter, including in Safe Mode for some of them. No result. At every startup my antivirus tells me: C:\Documents and Settings\vigny\Local Settings\Temp\omsni.tmp [RESULTAT] Contient le cheval de Troie TR/PSW.Kates.cu.1. (Avira AntiVir Personal). I am truly desperate. I think it takes some serious know-how to get out of a mess like this one! Thank you if someone could come to my aid!? Céline