Rapport hijackthis
eyestorm
Messages postés
42
Statut
Membre
-
eyestorm Messages postés 42 Statut Membre -
eyestorm Messages postés 42 Statut Membre -
voici mon rapport hijach this, qu'est ce qu'il faut que je fix?
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\saaoui2\Local Settings\Temporary Internet Files\Content.IE5\89A70LUF\HijackThis[1].exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: C:\WINDOWS\system32\miamore.dll - {1559C6FD-8BDE-476E-98C7-871E59193FCE} - C:\WINDOWS\system32\miamore.dll
O2 - BHO: IEHelperObj Class - {6754A456-BAD9-11D4-93D3-00B0D03A2F91} - C:\PROGRA~1\Odigo\Bin\OdigoBHO.dll (file missing)
O2 - BHO: C:\WINDOWS\system32\atmpvc.dll - {7DBA5E61-9C51-4365-ACD2-DE684E133F8C} - C:\WINDOWS\system32\atmpvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\system32\trustac.dll - {C2E07B68-2F46-4DBB-8261-285794B7F8DE} - C:\WINDOWS\system32\trustac.dll
O2 - BHO: C:\WINDOWS\system32\clbcatix.dll - {D4DFC1D8-2D2E-4962-B0D0-389FBA0F76B5} - C:\WINDOWS\system32\clbcatix.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe
O4 - HKLM\..\Run: [pdfc] C:\Program Files\Adolix\Adolix PDF Converter\pdfcload.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O5 "LPT1:" /M "Stylus C46"
O4 - HKLM\..\Run: [EPSON Stylus C46 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P33 "EPSON Stylus C46 Series (Copie 1)" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\clbcatix.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\clbcatix.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1103583814998
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O20 - Winlogon Notify: clbcatex - C:\WINDOWS\system32\clbcatix.dll
O20 - Winlogon Notify: eventss - C:\WINDOWS\system32\atmpvc.dll
O20 - Winlogon Notify: gg - C:\WINDOWS\system32\trustac.dll
O20 - Winlogon Notify: lindows - C:\WINDOWS\system32\miamore.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
merci
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\saaoui2\Local Settings\Temporary Internet Files\Content.IE5\89A70LUF\HijackThis[1].exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: C:\WINDOWS\system32\miamore.dll - {1559C6FD-8BDE-476E-98C7-871E59193FCE} - C:\WINDOWS\system32\miamore.dll
O2 - BHO: IEHelperObj Class - {6754A456-BAD9-11D4-93D3-00B0D03A2F91} - C:\PROGRA~1\Odigo\Bin\OdigoBHO.dll (file missing)
O2 - BHO: C:\WINDOWS\system32\atmpvc.dll - {7DBA5E61-9C51-4365-ACD2-DE684E133F8C} - C:\WINDOWS\system32\atmpvc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\system32\trustac.dll - {C2E07B68-2F46-4DBB-8261-285794B7F8DE} - C:\WINDOWS\system32\trustac.dll
O2 - BHO: C:\WINDOWS\system32\clbcatix.dll - {D4DFC1D8-2D2E-4962-B0D0-389FBA0F76B5} - C:\WINDOWS\system32\clbcatix.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe
O4 - HKLM\..\Run: [pdfc] C:\Program Files\Adolix\Adolix PDF Converter\pdfcload.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O5 "LPT1:" /M "Stylus C46"
O4 - HKLM\..\Run: [EPSON Stylus C46 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P33 "EPSON Stylus C46 Series (Copie 1)" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\clbcatix.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\clbcatix.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.searchmeup.com
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1103583814998
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O20 - Winlogon Notify: clbcatex - C:\WINDOWS\system32\clbcatix.dll
O20 - Winlogon Notify: eventss - C:\WINDOWS\system32\atmpvc.dll
O20 - Winlogon Notify: gg - C:\WINDOWS\system32\trustac.dll
O20 - Winlogon Notify: lindows - C:\WINDOWS\system32\miamore.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
merci
A voir également:
- Rapport hijackthis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Modifier rapport d'échelle pdf xchange viewer ✓ - Forum PDF
2 réponses
Bonsoir
Télécharge cwshredder là :
http://www.intermute.com/products/cwshredder.html
Installe puis redémarre en mode sans echec.
Lance cws.
Relog et poste.
@+
Télécharge cwshredder là :
http://www.intermute.com/products/cwshredder.html
Installe puis redémarre en mode sans echec.
Lance cws.
Relog et poste.
@+
salut
voici le log avec cws
RUN: [ATIModeChange] Ati2mdxx.exe
RUN: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
RUN: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
RUN: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RUN: [AGRSMMSG] AGRSMMSG.exe
RUN: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
RUN: [TPSMain] TPSMain.exe
RUN: [NDSTray.exe] NDSTray.exe
RUN: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
RUN: [TFncKy] TFncKy.exe
RUN: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
RUN: [ccRegVfy] C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe
RUN: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
RUN: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
RUN: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe
RUN: [pdfc] C:\Program Files\Adolix\Adolix PDF Converter\pdfcload.exe
RUN: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O5 "LPT1:" /M "Stylus C46"
RUN: [EPSON Stylus C46 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P33 "EPSON Stylus C46 Series (Copie 1)" /O6 "USB001" /M "Stylus C46"
RUN: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
RUN: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
RUN: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
RUN: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
**** Browser Helper Objects ****
BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
BHO: [C:\WINDOWS\system32\miamore.dll] C:\WINDOWS\system32\miamore.dll
BHO: [IEHelperObj Class] C:\PROGRA~1\Odigo\Bin\OdigoBHO.dll
BHO: [C:\WINDOWS\system32\atmpvc.dll] C:\WINDOWS\system32\atmpvc.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar1.dll
BHO: [AcroIEToolbarHelper Class] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
BHO: [CNavExtBho Class] C:\Program Files\Norton AntiVirus\NavShExt.dll
BHO: [C:\WINDOWS\system32\trustac.dll] C:\WINDOWS\system32\trustac.dll
BHO: [C:\WINDOWS\system32\clbcatix.dll] C:\WINDOWS\system32\clbcatix.dll
BHO: [EpsonToolBandKicker Class] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
**** IE Toolbars ****
TOOLBAR: [Norton AntiVirus] C:\Program Files\Norton AntiVirus\NavShExt.dll
TOOLBAR: [&Google] c:\program files\google\googletoolbar1.dll
TOOLBAR: [Adobe PDF] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
TOOLBAR: [EPSON Web-To-Page] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
**** IE Extensions ****
IEExt: []
IEExt: [Recherche]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
IEContext: [&Google Search] res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IEContext: [Backward Links] res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IEContext: [Cached Snapshot of Page] res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
IEContext: [Similar Pages] res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IEContext: [Translate into English] res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD Irda [IrDA]
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5142CDC4-59ED-4986-B20F-AB3F1B1CF981}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5142CDC4-59ED-4986-B20F-AB3F1B1CF981}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76856B98-6066-4D6E-85F3-0BC6D3D37E81}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76856B98-6066-4D6E-85F3-0BC6D3D37E81}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B07D02A1-1BB6-4E17-B500-6BE73FFD97A8}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B07D02A1-1BB6-4E17-B500-6BE73FFD97A8}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15892CE6-EFCB-425B-8825-B1869BD1A5BA}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15892CE6-EFCB-425B-8825-B1869BD1A5BA}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8805D968-9DDD-4D3C-AB61-40184C9C796A}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8805D968-9DDD-4D3C-AB61-40184C9C796A}] DATAGRAM 2
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
{14B87622-7E19-4EA8-93B3-97215F77A6BC} [http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab] C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
{6414512B-B978-451D-A0D8-FCFDF33E833C} [http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1103583814998]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [http://www.pandasoftware.com/activescan/as5/asinst.cab]
{A3009861-330C-4E10-822B-39D16EC8829D} [http://www.ravantivirus.com/scan/ravonline.cab] C:\WINDOWS\Downloaded Program Files\ravupdt.ini C:\WINDOWS\Downloaded Program Files\ravonline.dll C:\WINDOWS\Downloaded Program Files\ravscan.dll C:\WINDOWS\Downloaded Program Files\ravupdt.dll
{B8BE5E93-A60C-4D26-A2DC-220313175592} [http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab]
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} [http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab]
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
@+
voici le log avec cws
RUN: [ATIModeChange] Ati2mdxx.exe
RUN: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
RUN: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
RUN: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RUN: [AGRSMMSG] AGRSMMSG.exe
RUN: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
RUN: [TPSMain] TPSMain.exe
RUN: [NDSTray.exe] NDSTray.exe
RUN: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
RUN: [TFncKy] TFncKy.exe
RUN: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
RUN: [ccRegVfy] C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe
RUN: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
RUN: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
RUN: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe
RUN: [pdfc] C:\Program Files\Adolix\Adolix PDF Converter\pdfcload.exe
RUN: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O5 "LPT1:" /M "Stylus C46"
RUN: [EPSON Stylus C46 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P33 "EPSON Stylus C46 Series (Copie 1)" /O6 "USB001" /M "Stylus C46"
RUN: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
RUN: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
RUN: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
RUN: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
**** Browser Helper Objects ****
BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
BHO: [C:\WINDOWS\system32\miamore.dll] C:\WINDOWS\system32\miamore.dll
BHO: [IEHelperObj Class] C:\PROGRA~1\Odigo\Bin\OdigoBHO.dll
BHO: [C:\WINDOWS\system32\atmpvc.dll] C:\WINDOWS\system32\atmpvc.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar1.dll
BHO: [AcroIEToolbarHelper Class] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
BHO: [CNavExtBho Class] C:\Program Files\Norton AntiVirus\NavShExt.dll
BHO: [C:\WINDOWS\system32\trustac.dll] C:\WINDOWS\system32\trustac.dll
BHO: [C:\WINDOWS\system32\clbcatix.dll] C:\WINDOWS\system32\clbcatix.dll
BHO: [EpsonToolBandKicker Class] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
**** IE Toolbars ****
TOOLBAR: [Norton AntiVirus] C:\Program Files\Norton AntiVirus\NavShExt.dll
TOOLBAR: [&Google] c:\program files\google\googletoolbar1.dll
TOOLBAR: [Adobe PDF] C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
TOOLBAR: [EPSON Web-To-Page] C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
**** IE Extensions ****
IEExt: []
IEExt: [Recherche]
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
**** IE Context Menu (Right click) ****
IEContext: [&Google Search] res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IEContext: [Backward Links] res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IEContext: [Cached Snapshot of Page] res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
IEContext: [Similar Pages] res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IEContext: [Translate into English] res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD Irda [IrDA]
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5142CDC4-59ED-4986-B20F-AB3F1B1CF981}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5142CDC4-59ED-4986-B20F-AB3F1B1CF981}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76856B98-6066-4D6E-85F3-0BC6D3D37E81}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{76856B98-6066-4D6E-85F3-0BC6D3D37E81}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B07D02A1-1BB6-4E17-B500-6BE73FFD97A8}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B07D02A1-1BB6-4E17-B500-6BE73FFD97A8}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15892CE6-EFCB-425B-8825-B1869BD1A5BA}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{15892CE6-EFCB-425B-8825-B1869BD1A5BA}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8805D968-9DDD-4D3C-AB61-40184C9C796A}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8805D968-9DDD-4D3C-AB61-40184C9C796A}] DATAGRAM 2
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
{14B87622-7E19-4EA8-93B3-97215F77A6BC} [http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab] C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
{6414512B-B978-451D-A0D8-FCFDF33E833C} [http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1103583814998]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [http://www.pandasoftware.com/activescan/as5/asinst.cab]
{A3009861-330C-4E10-822B-39D16EC8829D} [http://www.ravantivirus.com/scan/ravonline.cab] C:\WINDOWS\Downloaded Program Files\ravupdt.ini C:\WINDOWS\Downloaded Program Files\ravonline.dll C:\WINDOWS\Downloaded Program Files\ravscan.dll C:\WINDOWS\Downloaded Program Files\ravupdt.dll
{B8BE5E93-A60C-4D26-A2DC-220313175592} [http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab]
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} [http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab]
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
@+
