demande analyse d'un log hIJACK THISFermé

Question

Bonjour,Je constate depuis quelques temps quen mon PC tourne au ralenti.Pouvez vous me dire s'il certaines choses vous paraissent suspectes ou inutiles?Merci d'avance et bravo pour votre boulotStartupList report, 23/04/2004, 20:41:38StartupList version: 1.52Started from : C:\Program Files\HijackThis.EXEDetected: Windows XP SP1 (WinNT 5.01.2600)Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)* Using default options==================================================Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\SOUNDMAN.EXEC:\PROGRA~1\MESSAG~1\StartMessager.exeC:\WINDOWS\System32undll32.exeC:\Program Files\Fichiers communs\Symantec Shared\ccApp.exeC:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\AOL 8.0\aoltray.exeC:\Program Files\FinePixViewer\QuickDCF.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXEC:\Program Files\Norton SystemWorks\Norton AntiVirus
avapsvc.exeC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\PROGRA~1\NORTON~1\SPEEDD~1
opdb.exeC:\WINDOWS\wanmpsvc.exeC:\Program Files\AOL 8.0\waol.exeC:\Program Files\AOL 8.0\shellmon.exeC:\Program Files\eMule\emule.exeC:\WINDOWS\explorer.exeC:\Program Files\RamBoost XPambxpfr.exeC:\Program Files\HijackThis.exeC:\Program Files\Messenger\msmsgs.exe--------------------------------------------------Listing of startup folders:Shell folders Common Startup:[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exeAOL 8.0 Icône AOL.lnk = C:\Program Files\AOL 8.0\aoltray.exeExif Launcher.lnk = ?--------------------------------------------------Checking Windows NT UserInit:[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]UserInit = C:\WINDOWS\system32\userinit.exe,--------------------------------------------------Autorun entries from Registry:HKLM\Software\Microsoft\Windows\CurrentVersion\RunBluetoothAuthenticationAgent = rundll32.exe irprops.cpl,,BluetoothAuthenticationAgentATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeSoundMan = SOUNDMAN.EXENeroCheck = C:\WINDOWS\System32\NeroCheck.exeREGSHAVE = C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUNAdslTaskBar = rundll32.exe stmctrl.dll,TaskBarccApp = "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"ccRegVfy = "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"GhostStartTrayApp = C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exeMSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto--------------------------------------------------Autorun entries from Registry:HKCU\Software\Microsoft\Windows\CurrentVersion\RunCTFMON.EXE = C:\WINDOWS\System32\ctfmon.exeMSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background--------------------------------------------------Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:Shell=*INI section not found*SCRNSAVE.EXE=*INI section not found*drivers=*INI section not found*Shell & screensaver key from Registry:Shell=Explorer.exeSCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scrdrivers=*Registry value not found*Policies Shell key:HKCU\..\Policies: Shell=*Registry key not found*HKLM\..\Policies: Shell=*Registry value not found*--------------------------------------------------Enumerating Browser Helper Objects:(no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}NAV Helper - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}--------------------------------------------------Enumerating Task Scheduler jobs:Norton AntiVirus - Scan my computer.jobNorton SystemWorks One Button Checkup.jobSymantec NetDetect.job--------------------------------------------------Enumerating Download Program Files:[A3Cab1]CODEBASE = http://www.globalcashsolutions.com/kithtml/A3Cab1.CABOSD = C:\WINDOWS\Downloaded Program Files\OSD12D.OSD[HouseCall Control]InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocxCODEBASE = http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab[WWWInstall Class]InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebInstall.dllCODEBASE = http://www.edipole.fr/kits/WebInstall.dll--------------------------------------------------Enumerating ShellServiceObjectDelayLoad items:PostBootReminder: C:\WINDOWS\system32\SHELL32.dllCDBurn: C:\WINDOWS\system32\SHELL32.dllWebCheck: C:\WINDOWS\System32\webcheck.dllSysTray: C:\WINDOWS\System32\stobject.dll--------------------------------------------------End of report, 5 755 bytesReport generated in 0,562 secondsCommand line options:   /verbose  - to add additional info on each section   /complete - to include empty sections and unsuspicious data   /full     - to include several rarely-important sections   /force9x  - to include Win9x-only startups even if running on WinNT   /forcent  - to include WinNT-only startups even if running on Win9x   /forceall - to include all Win9x and WinNT startups, regardless of platform   /history  - to list version history only

Angel · Answer

Salut,Tu peux analyser ton log à cette adresse : http://prcwin.free.fr/

darkcrystal33 · Answer

ton log n'est pas standard...rescanne et met un log complet.*** http://vil.nai.com/vil/stinger/ ****** http://www.ravantivirus.com/scan/ ***

Demande analyse d'un log hIJACK THIS

2 réponses

Discussions similaires

Newsletters