Analyse Rapport HijackT Fermé

Question

Bonjour, j' ai vraiment des soucis de spyware/malware/adwre survenue avec mon ordinateur personel qui est aussi mon outil de travail... Le probleme est survenue soudainement, a priori des choses se sont installees sans mon consentements; il faut dire que mon antivirus/firewall etait desactiver a ce moment la. Bref, j' ai essaye de faire le menage et me suis documente sur le net, mais j' ai encore qques soucis. Je precise que j' ai depuis installe Norton Security Center 2006. Voici mon rapport HijackThis, si qqu' un aurait la gentillesse de m' aider a eleiminer les lignes malsaines, par avance merci! Je precise egalement que j' ai aussi desactiver certain programmes inutiles avec l' utilitaire de configuration systeme, ce qui a grandement ameliore mes problemes, mais j' ai un RUN DLL Error message a chaque demarrage, erreur de dll lie a w54277bd.dll, que je retrouve ds mon rapport O4 - HKLM\..\Run: [wnw25179] RUNDLL32.EXE w54277bd.dll,n 003251760000000254277bd Logfile of HijackThis v1.99.1 Scan saved at 12:17:41, on 20/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\lotus
otes
tmulti.exe C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\WINDOWS\system32
vsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Tablet.exe C:\WINDOWS\wlancfg.exe C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\Sound Blaster Audigy 2\SB Performance Utility\CTPowUti.exe C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\Vi\Desktop\HIJACK\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/en-us R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/en-us R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll O2 - BHO: (no name) - {5F8ED6F8-F548-49D1-8BC1-25ECA8446EA4} - C:\WINDOWS\system32\mljjg.dll (file missing) O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\WINDOWS\system32
sp555.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Banner Rotator - {D117A61F-92C3-4450-A0C8-F425B14D4127} - C:\WINDOWS\system32\adrotate.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wnw25179] RUNDLL32.EXE w54277bd.dll,n 003251760000000254277bd O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTPerformanceUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\SB Performance Utility\CTPowUti.exe O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\BacsTray.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [adstart] "iexplore.exe" "-embedding http://iesettingsupdate" O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - Startup: Configuration & Monitor Utility.lnk = ? O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
pjpi142_03.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin
pjpi142_03.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://support.norton.com/sp/en/us/home/current/info O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\lotus
otes
tmulti.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe Voici egalement mon dernier scan Ewido qui montre bien qu' il ya encore des choses qui traine car malgre Norton actif, des choses continue a se telecharger sur mon ordi dans mon Temp, meme si je ne suis pas sur internet. --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 12:16:03 20/08/2006 + Scan result: C:\WINDOWS\g88027734.dll -> Downloader.Delf.aeo : Cleaned with backup (quarantined). C:\WINDOWS\ac3_0002.exe -> Downloader.Small.cyh : Cleaned with backup (quarantined). C:\Documents and Settings\Vi\Local Settings\Temporary Internet Files\Content.IE5\BD0PIBL3\xp-cydoor-728[2].swf -> Not-A-Virus.Hoax.SWF.Alerter.a : Ignored. C:\Documents and Settings\Vi\Cookies\vi@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@ehg-quiksilver.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@revenue[2].txt -> TrackingCookie.Revenue : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned. C:\Documents and Settings\Vi\Cookies\vi@zedo[2].txt -> TrackingCookie.Zedo : Cleaned. C:\WINDOWS\Temp\win523.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined). C:\WINDOWS\Temp\win9F6.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined). C:\WINDOWS\Temp\winA04.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined). C:\WINDOWS\uni_ehhhh.exe -> Trojan.VB.tg : Cleaned with backup (quarantined). C:\WINDOWS\uninst104.exe -> Trojan.VB.tg : Cleaned with backup (quarantined). ::Report end

Regis59 · Answer

SalutTelecharge cecihttps://www.silentrunners.org/Silent%20Runners.vbs Execute le,atends quelques minutes, il va creer ensuite un dossier juste a coté de silent runner sous format texte, copie/colle ce qu il te donneraA+

legnome · Answer

salutj-u-j-u ci joint le lien officiel hijackthisce lien va

j-u-j-u · Answer

Bonjour;tout d' abord, merci bcp de vos reponses, depuis une semaine je me bas contre mon pc et je commencais a etre desespere...J' ai vraiment des soucis depuis que j' ai choppe ces adwares/malware, avec je ne sais pas si c lien mais une perte totale de connection internet depuis hier soir; que j' ai regle en reinstallant ma carte wifi et et en utilisant l' invite de cmd avec un flush dns...Plus qu' un metier, une passion...Est ce lie? Je peux donner les messages d' erreur que j' avais dans l' observateur d' evenement.J' ai vraiment des problemes de ts les cotes : dll error message au demarrage, regle maintenant en desactivant des programmes aux demarrage, pb avec Live update Norton qui se lance des le demmarage en lancant une fenetre I.E, regele de la meme maniere, plus de connexion internet survenue de maniere soudaine, puis plus du tt apres redemarrage...Je n' arrive pas a croire que mon pc qui marchait si bien soit si pourri de trucs indesirables maintenant!!!Bref, voici le log de silent runner :"Silent Runners.vbs", revision 46, https://www.silentrunners.org/Operating System: Windows XP SP2Output limited to non-default values, except where indicated by "{++}"Startup items buried in registry:---------------------------------HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"SetDefaultMIDI" = "MIDIDef.exe" ["Creative Technology Ltd"]HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]"Symantec NetDriver Monitor" = "C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer" [file not found]"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]"CTSysVol" = "C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe /r" ["Creative Technology Ltd"]"CTPerformanceUtility" = "C:\Program Files\Creative\Sound Blaster Audigy 2\SB Performance Utility\CTPowUti.exe" [empty string]"CTDVDDET" = ""C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE"" ["Creative Technology Ltd"]"bacstray" = "C:\Program Files\Broadcom\BACS\BacsTray.exe" ["Broadcom Corporation"]"Apoint" = "C:\Program Files\Apoint\Apoint.exe" ["Alps Electric Co., Ltd."]"Acrobat Assistant 7.0" = ""C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"" ["Adobe Systems Inc."]"ccApp" = ""C:\Program Files\Common Files\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]"wltray.exe" = "C:\WINDOWS\system32\wltray.exe" ["Belkin Corporation"]HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]{5CA3D70E-1895-11CF-8E15-001234567890}\(Default) = (no title provided)  -> {HKLM...CLSID} = "DriveLetterAccess"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]{746455FE-D059-47e7-AF0E-140E03F5A447}\(Default) = (no title provided)  -> {HKLM...CLSID} = "SSL encrypt"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nsz11D.dll" [empty string]{9ECB9560-04F9-4bbc-943D-298DDF1699E1}\(Default) = "Norton Internet Security 2006"  -> {HKLM...CLSID} = "CNisExtBho Class"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\(Default) = "NAV Helper"  -> {HKLM...CLSID} = "CNavExtBho Class"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]{AE7CD045-E861-484f-8273-0445EE161910}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF Conversion Toolbar Helper"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"  -> {HKLM...CLSID} = "Display Panning CPL Extension"                   \InProcServer32\(Default) = "deskpan.dll" [file not found]"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"  -> {HKLM...CLSID} = "Portable Media Devices"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\audiodev.dll" [MS]"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"  -> {HKLM...CLSID} = "Portable Media Devices Menu"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\audiodev.dll" [MS]"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"  -> {HKLM...CLSID} = "DesktopContext Class"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"  -> {HKLM...CLSID} = "NVIDIA CPL Extension"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"  -> {HKLM...CLSID} = "Desktop Explorer"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"  -> {HKLM...CLSID} = (no title provided)                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"  -> {HKLM...CLSID} = "nView Desktop Context Menu"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"  -> {HKLM...CLSID} = "RecordNow! SendToExt"                   \InProcServer32\(Default) = "C:\Program Files\Sonic\RecordNow!\shlext.dll" [null data]"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]"{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}" = "My Logitech Pictures"  -> {HKLM...CLSID} = "My Logitech Pictures"                   \InProcServer32\(Default) = "C:\Program Files\Logitech\Video\Namespc2.dll" ["Logitech Inc."]"{5CA3D70E-1895-11CF-8E15-001234567890}" = "DriveLetterAccess"  -> {HKLM...CLSID} = "DriveLetterAccess"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"  -> {HKLM...CLSID} = "iTunes"                   \InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"  -> {HKLM...CLSID} = (no title provided)                   \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"  -> {HKLM...CLSID} = "Shell Search Band"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universal Plug and Play Devices"  -> {HKLM...CLSID} = "Universal Plug and Play Devices"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\upnpui.dll" [MS]"{C81DCBCA-8AE2-41FC-9C39-78B160393210}" = "RhinoShExt"  -> {HKLM...CLSID} = "RhinoShExt"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\RhinoShExt.dll" ["Robert McNeel & Associates"]"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places"  -> {HKLM...CLSID} = "My Bluetooth Places"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\btneighborhood.dll" ["WIDCOMM, Inc."]"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"  -> {HKLM...CLSID} = "Mes dossiers de partage"                   \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0792.00.dll" [MS]"{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}" = "Adobe.Acrobat.ContextMenu"  -> {HKLM...CLSID} = "Acrobat Elements Context Menu"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]"{B8323370-FF27-11D2-97B6-204C4F4F5020}" = "SmartFTP Shell Extension DLL"  -> {HKLM...CLSID} = "SmartFTP Shell Extension DLL"                   \InProcServer32\(Default) = "C:\Program Files\SmartFTP Client 2.0\smarthook.dll" ["SmartFTP"]HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\INFECTION WARNING! "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"  -> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"                   \InProcServer32\(Default) = "C:\PROGRA~1\WIFD1F~1\MpShHook.dll" [MS]INFECTION WARNING! "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "ewido anti-spyware 4.0"  -> {HKLM...CLSID} = "CShellExecuteHookImpl Object"                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll" ["Anti-Malware Development a.s."]HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\INFECTION WARNING! WgaLogon\DLLName = "WgaLogon.dll" [MS]HKLM\Software\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"  -> {HKLM...CLSID} = "PDF Shell Extension"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]HKLM\Software\Classes\*\shellex\ContextMenuHandlers\Adobe.Acrobat.ContextMenu\(Default) = "{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}"  -> {HKLM...CLSID} = "Acrobat Elements Context Menu"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll" ["Adobe Systems Inc."]ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"  -> {HKLM...CLSID} = "CContextScan Object"                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]RhinoShExt\(Default) = "{C81DCBCA-8AE2-41FC-9C39-78B160393210}"  -> {HKLM...CLSID} = "RhinoShExt"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\RhinoShExt.dll" ["Robert McNeel & Associates"]StuffIt Context Menu\(Default) = "{2E336DC0-54F8-11D1-ABD5-447270537467}"  -> {HKLM...CLSID} = "StuffIt Context Menu"                   \InProcServer32\(Default) = "C:\Program Files\Aladdin Systems\StuffIt Standard\StuffItMenu.dll" ["Aladdin Systems, Inc."]Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"  -> {HKLM...CLSID} = "IEContextMenu Class"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ewido anti-spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"  -> {HKLM...CLSID} = "CContextScan Object"                   \InProcServer32\(Default) = "C:\Program Files\ewido anti-spyware 4.0\context.dll" ["Anti-Malware Development a.s."]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\StuffIt Context Menu\(Default) = "{2E336DC0-54F8-11D1-ABD5-447270537467}"  -> {HKLM...CLSID} = "StuffIt Context Menu"                   \InProcServer32\(Default) = "C:\Program Files\Aladdin Systems\StuffIt Standard\StuffItMenu.dll" ["Aladdin Systems, Inc."]Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"  -> {HKLM...CLSID} = "IEContextMenu Class"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"  -> {HKLM...CLSID} = "WinRAR"                   \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]Active Desktop and Wallpaper:-----------------------------Active Desktop is disabled at this entry:HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellStateHKCU\Control Panel\Desktop\"Wallpaper" = "C:\Documents and Settings\Vi\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"Enabled Screen Saver:---------------------HKCU\Control Panel\Desktop\"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]Startup items in "Vi" & "All Users" startup folders:----------------------------------------------------C:\Documents and Settings\Vi\Start Menu\Programs\Startup"Configuration & Monitor Utility" -> shortcut to: "C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe" ["ATMEL"]"Yahoo! Widget Engine" -> shortcut to: "C:\Program Files\Yahoo!\WidgetEngine\YahooWidgetEngine.exe" ["Yahoo! Inc."]C:\Documents and Settings\All Users\Start Menu\Programs\Startup"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]"Adobe Gamma" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]"BTTray" -> shortcut to: "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" ["WIDCOMM, Inc."]"TabUserW.exe" -> shortcut to: "C:\WINDOWS\system32\WTablet\TabUserW.exe" ["Wacom Technology, Corp."]Enabled Scheduled Tasks:------------------------"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]"Norton AntiVirus - Run Full System Scan - Vi" -> launches: "C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"" ["Symantec Corporation"]Winsock2 Service Provider DLLs:-------------------------------Namespace Service ProvidersHKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]Transport Service ProvidersHKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 27%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05Toolbars, Explorer Bars, Extensions:------------------------------------ToolbarsHKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"  -> {HKLM...CLSID} = "Adobe PDF"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]"{C4069E3A-68F1-403E-B40E-20066696354B}"  -> {HKLM...CLSID} = "Norton AntiVirus"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}"  -> {HKLM...CLSID} = "Norton Internet Security 2006"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"  -> {HKLM...CLSID} = "Adobe PDF"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]"{C4069E3A-68F1-403E-B40E-20066696354B}"  -> {HKLM...CLSID} = "Norton AntiVirus"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]HKLM\Software\Microsoft\Internet Explorer\Toolbar\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" = "Norton Internet Security 2006"  -> {HKLM...CLSID} = "Norton Internet Security 2006"                   \InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll" ["Symantec Corporation"]"{C4069E3A-68F1-403E-B40E-20066696354B}" = "Norton AntiVirus"  -> {HKLM...CLSID} = "Norton AntiVirus"                   \InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]Explorer BarsHKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{21569614-B795-46B1-85F4-E737A8DC09AD}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Shell Search Band"                   \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{182EC0BE-5110-49C8-A062-BEB1D02A220B}\(Default) = (no title provided)  -> {HKLM...CLSID} = "Adobe PDF"                   \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll" ["Adobe Systems Incorporated"]Extensions (Tools menu items, main toolbar menu buttons)HKLM\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\"MenuText" = "Sun Java Console""CLSIDExtension" = "{08B0E5C0-4FCB-11CF-AAA5-00401C608501}"{85D1F590-48F4-11D9-9669-0800200C9A66}\"MenuText" = "Uninstall BitDefender Online Scanner v8""Exec" = "%windir%\bdoscandel.exe" [null data]{CCA281CA-C863-46EF-9331-5C8D4460577F}\"ButtonText" = "@btrez.dll,-4015""MenuText" = "@btrez.dll,-4017""Script" = "C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm" [null data]{FB5F1910-F110-11D2-BB9E-00C04F795683}\"ButtonText" = "Messenger""MenuText" = "Windows Messenger""Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------Automatic LiveUpdate Scheduler, Automatic LiveUpdate Scheduler, ""C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"" ["Symantec Corporation"]Bluetooth Service, btwdins, "C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe" ["WIDCOMM, Inc."]Broadcom Wireless LAN Tray Service, wltrysvc, "C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe" [null data]Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.EXE" ["Creative Technology Ltd"]ewido anti-spyware 4.0 guard, ewido anti-spyware 4.0 guard, "C:\Program Files\ewido anti-spyware 4.0\guard.exe" ["Anti-Malware Development a.s."]Media Center Receiver Service, ehRecvr, "C:\WINDOWS\eHome\ehRecvr.exe" [MS]Media Center Scheduler Service, ehSched, "C:\WINDOWS\eHome\ehSched.exe" [MS]Multi-user Cleanup Service, Multi-user Cleanup Service, ""C:\Program Files\lotus\notes\ntmulti.exe"" ["IBM Corp"]NICCONFIGSVC, NICCONFIGSVC, "C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe" ["Dell Inc."]Norton AntiVirus Auto-Protect Service, navapsvc, ""C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"" ["Symantec Corporation"]Norton Protection Center Service, NSCService, ""C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"" ["Symantec Corporation"]NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]Service de lancement de WlanCfg, Wlancfg, "C:\WINDOWS\wlancfg.exe SVC" ["Inventel"]Symantec Core LC, Symantec Core LC, ""C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"" ["Symantec Corporation"]Symantec Event Manager, ccEvtMgr, ""C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]Symantec Network Drivers Service, SNDSrvc, ""C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"" ["Symantec Corporation"]Symantec Network Proxy, ccProxy, ""C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"" ["Symantec Corporation"]Symantec Settings Manager, ccSetMgr, ""C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]Symantec SPBBCSvc, SPBBCSvc, ""C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"" ["Symantec Corporation"]TabletService, TabletService, "C:\WINDOWS\system32\Tablet.exe" ["Wacom Technology, Corp."]Windows Defender Service, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]Print Monitors:---------------HKLM\System\CurrentControlSet\Control\Print\Monitors\Adobe PDF Port\Driver = "C:\WINDOWS\system32\AdobePDF.dll" ["Adobe Systems Incorporated."]Bluetooth Printer Port\Driver = "bthcrp.dll" ["WIDCOMM, Inc."]Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]----------+ This report excludes default entries except where indicated.+ To see *everywhere* the script checks and *everything* it finds,  launch it from a command prompt or a shortcut with the -all parameter.+ The search for DESKTOP.INI DLL launch points on all local fixed drives  took 306 seconds.+ The search for all Registry CLSIDs containing dormant Explorer Bars  took 10 seconds.---------- (total run time: 358 seconds)Legnome, merci pour Hijack this, je l' ai installe justement et deja fait un rapport; j' ai mis en quarantaine 1 ligne qui etait lie a mon pb de dll error au demarrage; en faisant ca mon pc a tres bien marche apres redemarrage.Je sais pas si j' ai bien fait, mais je n' ai plus mon message d' erreur....Merci de m' accorder un peu de votre temps en tout cas, c vraiment gentil.

legnome · Answer

reattention hijack ne supprime pas le problemeil l empeche juste de se charger au demmarrage!!!!!!!!!!

Regis59 · Answer

salutremet un hijack thisa+

Regis59 · Answer

SalutSilent runner fournit un rapport plus precis et parfois montre des fichiers caches que hijack this ne voit pas. Hijack this a en plus un mode de fixation qui permet la suppression, chose que silent runner n a pas.¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :O2 - BHO: SSL encrypt - {746455FE-D059-47e7-AF0E-140E03F5A447} - C:\WINDOWS\system32
sz11D.dll et dis moi quels soucis il te reste.a+

j-u-j-u · Answer

Bonjour; j' ai bien effectue ce que tu m as dit de faire; et je n' ai plus du tt de pb de pop et fenetres intempestives; dc je presume que ca a regle une bonne partie du pb; je n' ai pas pu utilise bcp mon pc c 3 derniers jours, dc il faut que je surfe un peu longtemps sur le web afin d' en etre sur...En tt cas merci; je te tiens au courant.j-u-j-u

Regis59 · Answer

SalutOk tiens moi au couranta+

Analyse Rapport HijackT

8 réponses

Discussions similaires