Pc fou

tekk Messages postés 299 Statut Membre -  
aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur -
bonjours mon pc est fous la page ineternet se ferme otomatiquement et windows media player aussi je vien de le formater il y a 3 semaine et deje il dérape et pourten jé un anti verus mise a jour symentec aidé moi s'il vous plait
Configuration: windows xp sp2

6 réponses

  1. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salut,

    Autant repartir sur de bonnes bases ::::::

    Il est important d’effectuer la manip dans sa totalité.

    Télécharge et colle les 3 rapports :

    A - ad-aware version 1.06

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo
    http://pageperso.aol.fr/balltrap34/adwseflash.zip

    B - spybot version 1.4

    (ici) http://www.florensac-chasse-trap.com/ section virus/logiciel de securite
    voir demo d utilisation
    http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

    C - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
    Télécharge ici :
    https://www.ccleaner.com/ccleaner/download
    Tutorial ici:
    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    D - Ewido (download)- gratuit même après 14 jours d’essai
    http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
    Copie/COLLE le rapport généré sur ce forum
    Pour certaines versions de Windows antérieures à XP, Ewido peut ne pas être compatible
    Dans ce cas, il te faudra utiliser a-squared free et demander une clef pour son usage gratuit
    https://www.emsisoft.com/fr/

    E - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
    https://assiste.com/404_La_page_demandee_n_existe_pas.php
    http://www.bitdefender.fr/scan8/ie.html
    Copie/COLLE le rapport entier

    F - Hijackthis - Outil de diagnostic et réparation
    lire démo
    http://pageperso.aol.fr/balltrap34/Hijenr.gif
    http://pageperso.aol.fr/balltrap34/demohijack.htm
    Télécharge version française ici
    http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
    Copie/colle le rapport

    Bon courage

    A++
    0
  2. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    up !
    0
  3. tekk Messages postés 299 Statut Membre 12
     
    voici les raport

    Ad-Aware SE Build 1.06r1
    Logfile Created on:mercredi 14 juin 2006 07:57:01
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R111 08.06.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):12 total references
    Tracking Cookie(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    14-06-2006 07:57:01 - Scan started. (Smart mode)

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 476
    ThreadCreationTime : 14-06-2006 05:44:29
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 700
    ThreadCreationTime : 14-06-2006 05:44:34
    BasePriority : Normal

    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 724
    ThreadCreationTime : 14-06-2006 05:44:34
    BasePriority : High

    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 768
    ThreadCreationTime : 14-06-2006 05:44:35
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Applications Services et Contrôleur
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 780
    ThreadCreationTime : 14-06-2006 05:44:35
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 932
    ThreadCreationTime : 14-06-2006 05:44:36
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1012
    ThreadCreationTime : 14-06-2006 05:44:36
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1072
    ThreadCreationTime : 14-06-2006 05:44:36
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1140
    ThreadCreationTime : 14-06-2006 05:44:37
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1188
    ThreadCreationTime : 14-06-2006 05:44:37
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [ccsetmgr.exe]
    FilePath : C:\Program Files\Fichiers communs\Symantec Shared\
    ProcessID : 1248
    ThreadCreationTime : 14-06-2006 05:44:37
    BasePriority : Normal
    FileVersion : 103.5.1.9
    ProductVersion : 103.5.1.9
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec Settings Manager Service
    InternalName : ccSetMgr
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccSetMgr.exe

    #:12 [ccevtmgr.exe]
    FilePath : C:\Program Files\Fichiers communs\Symantec Shared\
    ProcessID : 1340
    ThreadCreationTime : 14-06-2006 05:44:38
    BasePriority : Normal
    FileVersion : 103.5.1.9
    ProductVersion : 103.5.1.9
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec Event Manager Service
    InternalName : ccEvtMgr
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccEvtMgr.exe

    #:13 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1644
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:14 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1652
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Explorateur Windows
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : EXPLORER.EXE

    #:15 [mainserv.exe]
    FilePath : C:\Program Files\APC\APC PowerChute Personal Edition\
    ProcessID : 1776
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 1, 4, 0, 0
    ProductVersion : 1, 4, 0, 0
    ProductName : APC PowerChute Personal Edition
    CompanyName : American Power Conversion Corporation
    FileDescription : Battery backup management service
    InternalName : PowerChute
    LegalCopyright : Copyright © 2003
    OriginalFilename : PowerChute
    Comments : Battery backup management service

    #:16 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1816
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:17 [defwatch.exe]
    FilePath : C:\Program Files\Symantec AntiVirus\
    ProcessID : 1832
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 10.0.0.359
    ProductVersion : 10.0.0.359
    ProductName : Symantec AntiVirus
    CompanyName : Symantec Corporation
    FileDescription : Virus Definition Daemon
    InternalName : DefWatch
    LegalCopyright : Copyright 1998 - 2005 Symantec Corporation. All rights reserved.
    OriginalFilename : DefWatch.exe

    #:18 [ewidoctrl.exe]
    FilePath : C:\Program Files\ewido anti-malware\
    ProcessID : 1880
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 3, 0, 0, 1
    ProductVersion : 3, 0, 0, 1
    ProductName : ewido control
    CompanyName : ewido networks
    FileDescription : ewido control
    InternalName : ewido control
    LegalCopyright : Copyright © 2004
    OriginalFilename : ewidoctrl.exe

    #:19 [ewidoguard.exe]
    FilePath : C:\Program Files\ewido anti-malware\
    ProcessID : 1912
    ThreadCreationTime : 14-06-2006 05:44:39
    BasePriority : Normal
    FileVersion : 3, 0, 0, 1
    ProductVersion : 3, 0, 0, 1
    ProductName : guard
    CompanyName : ewido networks
    FileDescription : guard
    InternalName : guard
    LegalCopyright : Copyright © 2004
    OriginalFilename : guard.exe

    #:20 [nvsvc32.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1964
    ThreadCreationTime : 14-06-2006 05:44:40
    BasePriority : Normal
    FileVersion : 6.14.10.6573
    ProductVersion : 6.14.10.6573
    ProductName : NVIDIA Driver Helper Service, Version 65.73
    CompanyName : NVIDIA Corporation
    FileDescription : NVIDIA Driver Helper Service, Version 65.73
    InternalName : NVSVC
    LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
    OriginalFilename : nvsvc32.exe

    #:21 [smagent.exe]
    FilePath : C:\Program Files\Analog Devices\SoundMAX\
    ProcessID : 2012
    ThreadCreationTime : 14-06-2006 05:44:40
    BasePriority : Normal
    FileVersion : 3, 2, 6, 0
    ProductVersion : 3, 2, 6, 0
    ProductName : SoundMAX service agent
    CompanyName : Analog Devices, Inc.
    FileDescription : SoundMAX service agent component
    InternalName : SMAgent
    LegalCopyright : Copyright © 2002
    OriginalFilename : SMAgent.exe

    #:22 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2028
    ThreadCreationTime : 14-06-2006 05:44:40
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:23 [rtvscan.exe]
    FilePath : C:\Program Files\Symantec AntiVirus\
    ProcessID : 164
    ThreadCreationTime : 14-06-2006 05:44:41
    BasePriority : Normal
    FileVersion : 10.0.0.359
    ProductVersion : 10.0.0.359
    ProductName : Symantec AntiVirus
    CompanyName : Symantec Corporation
    FileDescription : Symantec AntiVirus
    LegalCopyright : Copyright 1991 - 2005 Symantec Corporation. All rights reserved.

    #:24 [ccapp.exe]
    FilePath : C:\Program Files\Fichiers communs\Symantec Shared\
    ProcessID : 316
    ThreadCreationTime : 14-06-2006 05:44:42
    BasePriority : Normal
    FileVersion : 103.5.1.9
    ProductVersion : 103.5.1.9
    ProductName : Client and Host Security Platform
    CompanyName : Symantec Corporation
    FileDescription : Symantec User Session
    InternalName : ccApp
    LegalCopyright : Copyright (c) 2000-2005 Symantec Corporation. All rights reserved.
    OriginalFilename : ccApp.exe

    #:25 [vptray.exe]
    FilePath : C:\PROGRA~1\SYMANT~1\
    ProcessID : 436
    ThreadCreationTime : 14-06-2006 05:44:42
    BasePriority : Normal
    FileVersion : 10.0.0.359
    ProductVersion : 10.0.0.359
    ProductName : Symantec AntiVirus
    CompanyName : Symantec Corporation
    FileDescription : Symantec AntiVirus
    LegalCopyright : Copyright 1991 - 2005 Symantec Corporation. All rights reserved.

    #:26 [shwicon2k.exe]
    FilePath : C:\Program Files\Multimedia Card Reader\
    ProcessID : 512
    ThreadCreationTime : 14-06-2006 05:44:42
    BasePriority : Idle
    FileVersion : 1, 4, 0, 8
    ProductVersion : 1, 4, 0, 8
    ProductName : Multimedia Card Reader
    CompanyName : Alcor Micro, Corp.
    FileDescription : Sunkist
    InternalName : Sunkist
    LegalCopyright : Copyright c 2002
    OriginalFilename : Sunkist.exe
    Comments : 6362 4.5 Slot 2000/XP

    #:27 [wdfmgr.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 544
    ThreadCreationTime : 14-06-2006 05:44:42
    BasePriority : Normal
    FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
    ProductVersion : 5.2.3790.1230
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows User Mode Driver Manager
    InternalName : WdfMgr
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WdfMgr.exe

    #:28 [vsnpstd3.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 556
    ThreadCreationTime : 14-06-2006 05:44:42
    BasePriority : Normal
    FileVersion : 1, 0, 1, 1
    ProductVersion : 1, 0, 1, 1
    ProductName : CameraMonitor Application
    FileDescription : CameraMonitor MFC Application
    InternalName : CameraMonitor
    LegalCopyright : Copyright © 2002-2004
    OriginalFilename : CameraMonitor.EXE

    #:29 [mspmspsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 656
    ThreadCreationTime : 14-06-2006 05:44:43
    BasePriority : Normal
    FileVersion : 7.01.00.3055
    ProductVersion : 7.01.00.3055
    ProductName : Microsoft (R) DRM
    CompanyName : Microsoft Corporation
    FileDescription : WMDM PMSP Service
    InternalName : MSPMSPSV.EXE
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
    OriginalFilename : MSPMSPSV.EXE

    #:30 [hpcmpmgr.exe]
    FilePath : C:\Program Files\HP\hpcoretech\
    ProcessID : 996
    ThreadCreationTime : 14-06-2006 05:44:44
    BasePriority : Normal
    FileVersion : 2.1.1.0
    ProductVersion : 2.1.5
    ProductName : hp coretech (COmponent REuse TECHnology)
    CompanyName : Hewlett-Packard Company
    FileDescription : HP Framework Component Manager Service
    InternalName : HPComponentManagerService module
    LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2004
    OriginalFilename : HpCmpMgr.exe

    #:31 [hpwuschd2.exe]
    FilePath : C:\Program Files\HP\HP Software Update\
    ProcessID : 1096
    ThreadCreationTime : 14-06-2006 05:44:44
    BasePriority : Normal
    FileVersion : 50.0.146.000
    ProductVersion : 050.000.146.000
    ProductName : hp digital imaging - hp all-in-one series
    CompanyName : Hewlett-Packard Co.
    FileDescription : Hewlett-Packard Product Assistant
    InternalName : hpwuSchd2
    LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2004
    OriginalFilename : hpwuSchd2.exe
    Comments : Hewlett-Packard Product Assistant

    #:32 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1164
    ThreadCreationTime : 14-06-2006 05:44:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:33 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ProcessID : 1500
    ThreadCreationTime : 14-06-2006 05:44:47
    BasePriority : Normal
    FileVersion : 7.5.0324
    ProductVersion : 7.5.0324
    ProductName : MSN Messenger
    CompanyName : Microsoft Corporation
    FileDescription : MSN Messenger
    InternalName : msnmsgr
    LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
    LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : msnmsgr.exe

    #:34 [yahoom~1.exe]
    FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
    ProcessID : 1772
    ThreadCreationTime : 14-06-2006 05:44:49
    BasePriority : Normal
    FileVersion : 7,5,0,814
    ProductVersion : 7,5,0,814
    ProductName : Yahoo! Messenger
    CompanyName : Yahoo! Inc.
    FileDescription : Yahoo! Messenger
    LegalCopyright : (c) 1998-2006 Yahoo! Inc. All rights reserved.

    #:35 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 2212
    ThreadCreationTime : 14-06-2006 05:44:51
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:36 [dslmon.exe]
    FilePath : C:\Program Files\SAGEM\SAGEM F@st 800-840\
    ProcessID : 2388
    ThreadCreationTime : 14-06-2006 05:44:54
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : DSLMON Application
    FileDescription : ADIMON MFC Application
    InternalName : DSLMON
    LegalCopyright : Copyright (C) 2000
    OriginalFilename : ADIMON.EXE

    #:37 [hpqtra08.exe]
    FilePath : C:\Program Files\HP\Digital Imaging\bin\
    ProcessID : 2472
    ThreadCreationTime : 14-06-2006 05:44:56
    BasePriority : Normal
    FileVersion : 45.4.157.000
    ProductVersion : 045.004.157.000
    ProductName : hp digital imaging - hp all-in-one series
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP Digital Imaging Monitor
    InternalName : HPQTRA00
    LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2004
    OriginalFilename : HPQTRA00.EXE
    Comments : HP Digital Imaging Monitor

    #:38 [apcsystray.exe]
    FilePath : C:\Program Files\APC\APC PowerChute Personal Edition\
    ProcessID : 2816
    ThreadCreationTime : 14-06-2006 05:45:01
    BasePriority : Normal
    FileVersion : 1, 4, 0, 0
    ProductVersion : 1, 4, 0, 0
    ProductName : APC PowerChute Personal Edition
    CompanyName : American Power Conversion Corporation
    FileDescription : PowerChute system tray power icon
    InternalName : PowerChute
    LegalCopyright : Copyright © 2003
    OriginalFilename : PowerChute
    Comments : PowerChute system tray power icon

    #:39 [hpqgalry.exe]
    FilePath : C:\Program Files\HP\Digital Imaging\bin\
    ProcessID : 2872
    ThreadCreationTime : 14-06-2006 05:45:03
    BasePriority : Normal

    #:40 [hpdarc.exe]
    FilePath : C:\Program Files\HP\hpcoretech\comp\
    ProcessID : 3276
    ThreadCreationTime : 14-06-2006 05:45:31
    BasePriority : Normal
    FileVersion : 2.1.5
    ProductVersion : 2.1.5
    ProductName : hp coretech (COmponent REuse TECHnology)
    CompanyName : Hewlett-Packard Company
    FileDescription : HP Data Archive Module
    InternalName : HP Data Archive Module
    LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2004
    OriginalFilename : hpdarc.exe

    #:41 [espacewanadoo.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 3432
    ThreadCreationTime : 14-06-2006 05:45:50
    BasePriority : Normal
    FileVersion : 5.9 (3)
    ProductVersion : 5.9 (3)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Espace Client
    InternalName : EspaceClient
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : EspaceClient.exe

    #:42 [comcomp.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 3448
    ThreadCreationTime : 14-06-2006 05:45:52
    BasePriority : Normal
    FileVersion : 11.0 (9)
    ProductVersion : 11.0 (9)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Module de communication
    InternalName : ComComp
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : ComComp.exe

    #:43 [toaster.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 3468
    ThreadCreationTime : 14-06-2006 05:45:52
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application Toaster
    CompanyName : France Telecom R&D
    FileDescription : Application MFC Toaster
    InternalName : Toaster
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : Toaster.EXE

    #:44 [inactivity.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 3476
    ThreadCreationTime : 14-06-2006 05:45:52
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application Inactivity
    FileDescription : Application MFC Inactivity
    InternalName : Inactivity
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : Inactivity.EXE

    #:45 [pollingmodule.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 3484
    ThreadCreationTime : 14-06-2006 05:45:53
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application PollingModule
    FileDescription : Application PollingModule
    InternalName : PollingModule
    LegalCopyright : Copyright France Telecom R&D (C) 2004
    OriginalFilename : PollingModule.EXE

    #:46 [alertm~1.exe]
    FilePath : C:\PROGRA~1\Wanadoo\
    ProcessID : 3500
    ThreadCreationTime : 14-06-2006 05:45:53
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : Application AlertModule
    FileDescription : Application MFC AlertModule
    InternalName : AlertModule
    LegalCopyright : Copyright (C) 2003
    OriginalFilename : AlertModule.EXE

    #:47 [watch.exe]
    FilePath : C:\Program Files\Wanadoo\
    ProcessID : 3668
    ThreadCreationTime : 14-06-2006 05:45:54
    BasePriority : Normal
    FileVersion : 11.0 (2)
    ProductVersion : 11.0 (2)
    ProductName : Kit de Connexion et de Services
    CompanyName : France Télécom R&D
    FileDescription : Surveillance des modifications
    InternalName : Watch
    LegalCopyright : Copyright (C) France Télécom R&D 1999-2003
    OriginalFilename : Watch.exe

    #:48 [wuauclt.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2824
    ThreadCreationTime : 14-06-2006 05:47:19
    BasePriority : Normal
    FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
    ProductVersion : 5.8.0.2469
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Mises à jour automatiques
    InternalName : wuauclt.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : wuauclt.exe

    #:49 [maxthon.exe]
    FilePath : C:\Program Files\Maxthon\
    ProcessID : 4080
    ThreadCreationTime : 14-06-2006 05:52:03
    BasePriority : Normal
    FileVersion : 1, 1, 0, 90
    ProductVersion : 1, 1, 0, 90
    ProductName : Maxthon Application
    CompanyName : MY Soft Technology
    FileDescription : Maxthon Web Browser
    InternalName : Maxthon
    LegalCopyright : Copyright (C) 2002
    LegalTrademarks : Maxthon
    OriginalFilename : Maxthon.EXE

    #:50 [hpzipm12.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1976
    ThreadCreationTime : 14-06-2006 05:52:30
    BasePriority : Normal
    FileVersion : 9, 0, 0, 0
    ProductVersion : 9, 0, 0, 0
    ProductName : HP PML
    CompanyName : HP
    FileDescription : PML Driver
    InternalName : PmlDrv
    LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
    OriginalFilename : PmlDrv.exe

    #:51 [securitysuite.exe]
    FilePath : C:\Program Files\ewido anti-malware\
    ProcessID : 3704
    ThreadCreationTime : 14-06-2006 05:55:20
    BasePriority : Normal
    FileVersion : 3, 5, 0, 0
    ProductVersion : 3, 5, 0, 0
    ProductName : ewido anti-malware
    CompanyName : ewido networks
    FileDescription : anti-malware
    InternalName : GuiLoader
    LegalCopyright : © 2003 ewido networks
    OriginalFilename : SecuritySuite.exe

    #:52 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 3796
    ThreadCreationTime : 14-06-2006 05:55:37
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : user@www.smartadserver[1].txt
    TAC Rating : 3
    Category : Data Miner
    Comment : Hits:1
    Value : Cookie:user@www.smartadserver.com/
    Expires : 27-11-2010 01:00:00
    LastSync : Hits:1
    UseCount : 0
    Hits : 1

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 1

    Deep scanning and examining files...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\WINDOWS
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Disk Scan Result for C:\WINDOWS\system32
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Disk Scan Result for C:\DOCUME~1\user\LOCALS~1\Temp\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 1

    Scanning Hosts file......
    Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 1

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\user\recent
    Description : list of recently opened documents

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\mediaplayer\medialibraryui
    Description : last selected node in the microsoft windows media player media library

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\mediaplayer\player\recentfilelist
    Description : list of recently used files in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\mediaplayer\preferences
    Description : last playlist index loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\mediaplayer\preferences
    Description : last search path used in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\search assistant\acmru
    Description : list of recent search terms used with the search assistant

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Object Recognized!
    Location: : S-1-5-21-1935655697-1614895754-725345543-1003\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 13

    08:01:16 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:04:14.766
    Objects scanned:95428
    Objects identified:1
    Objects ignored:0
    New critical objects:1

    Logfile of HijackThis v1.99.1
    Scan saved at 08:06:40, on 14/06/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Multimedia Card Reader\shwicon2k.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
    C:\Program Files\Wanadoo\EspaceWanadoo.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\PROGRA~1\Wanadoo\ALERTM~1.EXE
    C:\Program Files\Wanadoo\Watch.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Maxthon\Maxthon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr7/*https://fr.search.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo / Internet avec Planet Tunisie
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Wanadoo Booster\PBHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - Global Startup: APC UPS Status.lnk = ?
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D27ADEA2-8420-457D-9F1D-309888A70AED}: NameServer = 193.95.122.40 193.95.93.77
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    0
  4. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    bjr
    fais attention à ce qui t'est ddé, amigo

    qd je relis , je vois ces ddes :
    D - Ewido (download)- gratuit même après 14 jours d’essai
    http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
    Copie/COLLE le rapport généré sur ce forum<====!!!
    E - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
    https://assiste.com/404_La_page_demandee_n_existe_pas.php
    http://www.bitdefender.fr/scan8/ie.html
    Copie/COLLE le rapport entier <====!!!

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re

    cette ligne doit requérir ton attention :
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    =========
    telecharge ceci si tu ne l'as pas fait :
    C - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
    Télécharge ici :
    https://www.ccleaner.com/ccleaner/download
    Tutorial ici:
    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
    =========
    mets-toi en sans échec ( au redémarrage tu tapotes f8 à l'apparition des tableaux du bios)
    +
    ouvre hijack
    coche et fixe ces lignes :
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll<==voir tratement plus bas

    O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

    O4 - Global Startup: APC UPS Status.lnk = ?

    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    +
    regarde dans démarrer>pano config>ajout/suppr de progr
    recherche
    MSN Apps
    si tu trouves, tu enléves
    +
    suis ce chemin
    démarrer>poste de travail>HDD
    C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    recherche et supprime
    stmain.dll
    +
    si tu ne trouves pas
    démarrer>rechercher "stmain.dll ",
    supprime
    +
    fais fonctionner spybot+ad-aware+ewido
    vide leurs quarantaines
    +
    fais fonctionner Ccleaner (nettoyeur+erreurs)
    +
    vide poubelle
    +
    redémarre en mode normam
    +
    recolle un nouvel hijack

    0
  7. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re
    peux-tu me préciser la version de symantec que tu emploies
    car je ne la connais pas
    je lis la mention d'antivirus
    mais pas celle du p-feu ??
    0