Wincacontrol.exe

jojo -  
philae83 Messages postés 12854 Statut Contributeur sécurité -
cette application prend 99% des ressources processeurs (peu de mémoire cela-dit).
Je ne vois pas à quoi elle correspond.

Pouvez-vous m'en dire plus ?

http://img164.imageshack.us/img164/8206/wincacontrol1pf2.jpg
http://img186.imageshack.us/img186/1917/wincacontrol2qo9.jpg
Configuration: Windows XP
Internet Explorer 7.0

33 réponses

  • 1
  • 2
  1. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    ceci ressemble à une infection

    * Télécharge HijackThis et poste le rapport stp
    http://pchelpbordeaux.free.fr/logiciels.html
    Tutorial
    http://pchelpbordeaux.free.fr/tuto.html
    Démo en image
    http://pageperso.aol.fr/balltrap34/demohijack.htm
    0
  2. jojo
     
    Tout d'abord, merci de ton aide.

    Je vais t'afficher le rapport de l'ordi avant que le processus wincacontrol ne s'enclenche.
    Logfile of HijackThis v1.99.1
    Scan saved at 14:57:50, on 04/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\system32\wincacontrol.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0003e262.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
    O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
    O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
    O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
    O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\Software\..\Telephony: DomainName = JEROME
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
    O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    Le processus wincacontrol, en effet, ne s'enclenche pas directement avec l'allumage du PC ou le lancement de Windows. Apparemment, il s'enclenche d'une manière encore indéterminée.
    Je ne peux constater son enclenchement qu'une fois que l'ordi éprouve des difficultés à afficher plusieurs pages en meme temps, ou dès que je constate un ralentissement manifeste des ressources CPU.
    Vois-tu, à l'heure actuelle, rien à signaler ; peut-etre meme que d'ici que je ferme l'ordinateur, rien ne se passera ; pourtant, des fois, je constate ce ralentissement manifeste, et je vois s'afficher ce processus wincacontrol (totalement inconnu par ailleurs tel que des recherches sur google ou yahoo l'ont prouvé (résultats nuls)).
    Désolé, je reposterai quand le processus se sera enclenché (d'ici peut-etre quelques jours?).
    0
  3. jojo
     
    Ca y est, wincacontrol s'est lancé maintenant il y a 5 minutes. J'ai flashé avec Hijack.

    Logfile of HijackThis v1.99.1
    Scan saved at 15:55:28, on 04/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\system32\wincacontrol.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
    C:\Program Files\Lexmark 2300 Series\ezprint.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0003e262.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Everest Poker\Everest Poker.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
    O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
    O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
    O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
    O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\Software\..\Telephony: DomainName = JEROME
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
    O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
  4. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    re

    je t'ai préparé les manips à effectuer, mais après avoir envoyé le message, il me dit qu'il est en cours d'ajout, pour ne pas l'envoyer 2 x, je vais attendre encore un peu
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    visiblement il n'est pas parti
    le voici :

    re

    * Télécharge CCleaner.
    https://www.pcastuces.com/logitheque/ccleaner.htm

    Installe le dans un répertoire dédié.

    Décoche pendant l'installation

    --- les deux cases "Ajouter l'option ... "

    --- Contrôler les mises à jour

    --- Ajouter la Barre d'Outils Yahoo! CCleaner

    puis

    ctrl+alt+supp-----onglet processus--------fait un clic droit ------terminer le processus sur :

    wincacontrol.exe
    updmgr.exe
    wowexc.exe
    HbtOEAddOn.exe
    points manager.exe

    puis

    Lance HijackThis, coche ces lignes

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
    O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
    O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
    O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
    O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
    O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
    O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
    O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
    O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dl
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

    * Ferme toutes les fenêtres Windows, Internet Explorer, Outlook .....sauf le logiciel HijackThis et clique sur Fixer l'objet

    puis

    * désinstalle via ajout et suppression de programmes si tu les trouves

    DAP
    altnet
    HbTools
    BitComet Toolbar

    puis

    * Assure toi d'avoir accès à tous les fichiers

    -démarrer

    -poste de travail ou autre dossier

    -menu outils

    -options de dossier

    -onglet affichage

    puis

    - activer la case : Afficher les fichiers et dossiers cachés

    - désactiver la case : Masquer les extensions des fichiers dont le type est connu

    - désactiver la case : Masquer les fichier protégés du système d'exploitation

    Puis - Appliquer

    * et Supprime le(s) fichier(s) ci dessous si il(s) est (sont) présent(s) :

    C:\PROGRAMESFILES\DAP
    c:\program files\altnet
    C:\Program Files\Common files\updmgr
    C:\WINDOWS\system32\wowexc.exe
    C:\WINDOWS\system32\wincacontrol.exe
    C:\Program Files\HbTools
    C:\Program Files\BitComet Toolbar

    puis

    * télécharge AVG Anti-Spyware (ewido)
    https://www.avg.com/en-ww/free-antivirus-download

    * tu l'installes

    * lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

    puis

    Lance AVG Anti-Spyware

    Clique sur le bouton Analyse (de la barre d'outils)

    Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

    Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

    A la fin du scan, choisis l'option 3

    "Appliquer toutes les actions " en bas.

    Clique sur "Enregistrer le rapport".

    Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
    poste le rapport

    * lance Ccleaner pour un nettoyage complet

    ainsi qu'un nouveau rapport HijackThis
    0
  7. jojo
     
    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 04:16:12 05/01/2007

    + Résultat de l'analyse:

    HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common\Time -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common\Updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\EUI -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Weather -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\links -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\mail -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\options -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HostOI -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install\Icons -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install\Links -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostIE -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostIE\updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOI -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOL -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\Mail -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\Updates -> Adware.HotBar : Nettoyé.
    HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\soho -> Adware.HotBar : Nettoyé.
    HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Nettoyé.
    HKLM\SOFTWARE\PerfectNav\BHO -> Adware.KeenValue : Nettoyé.
    HKLM\SOFTWARE\PerfectNav\BHO\HomePage -> Adware.KeenValue : Nettoyé.
    HKLM\SOFTWARE\PerfectNav\BHO\RedirectURLS -> Adware.KeenValue : Nettoyé.
    C:\WINDOWS\system32\P2P Networking -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL10.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL11.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL12.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL13.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL14.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL15.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL16.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL17.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL18.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL19.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL2.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL20.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL21.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL22.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL23.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL24.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL25.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL26.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL27.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL28.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL29.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL3.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL30.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL31.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL32.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL33.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL34.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL35.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL36.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL37.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL38.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL39.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL4.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL40.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL41.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL42.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL43.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL44.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL45.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL46.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL47.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL48.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL49.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL5.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL50.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL51.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL52.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL53.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL6.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL7.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL8.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\MARSHAL9.DLL -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking10.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking11.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking12.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking13.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking14.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking15.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking16.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking17.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking18.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking19.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking2.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking20.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking21.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking22.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking23.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking24.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking25.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking26.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking27.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking28.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking29.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking3.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking30.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking31.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking32.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking33.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking34.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking35.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking36.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking37.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking38.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking39.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking4.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking40.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking41.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking42.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking43.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking44.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking45.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking46.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking47.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking48.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking49.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking5.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking50.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking51.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking52.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking53.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking6.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking7.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking8.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\WINDOWS\system32\P2P Networking\P2P Networking9.ENG -> Adware.P2PNetworking : Nettoyé.
    C:\Program Files\Fichiers communs\Synacast\SynaLive\EvID4226Patch.exe -> Backdoor.Virkel.A : Nettoyé.
    C:\Documents and Settings\BOULANGER\Cookies\boulanger@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
    C:\Documents and Settings\BOULANGER\Cookies\boulanger@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.

    Fin du rapport
    0
  8. jojo
     
    Rapport Hijack :

    Logfile of HijackThis v1.99.1
    Scan saved at 04:24:18, on 05/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0001e6a2.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\Software\..\Telephony: DomainName = JEROME
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
    O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)
    0
  9. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    du grand ménage !

    lance HijackTHis, coche et fixe cette ligne

    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

    tu avais AOL dans le passé ?
    as tu essayé d'installé vista ?

    * fait un scan antivirus en ligne
    http://www.bitdefender.fr/scan8/ie.html
    et poste le rapport ici ensuite
    0
  10. jojo
     
    Rapport Hijack (après élimination de la-dite ligne) pour le plaisir :

    Logfile of HijackThis v1.99.1
    Scan saved at 01:20:54, on 06/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\Software\..\Telephony: DomainName = JEROME
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
    O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)

    Ensuite, je poste le rapport Bitdefender (en cours).
    0
  11. jojo
     
    BitDefender Online Scanner - Rapport virus en temps réel

    Généré à: Sat, Jan 06, 2007 - 03:56:02

    --------------------------------------------------------------------------------

    Info d'analyse

    Fichiers scannés
    190032

    Infectés Fichiers
    0

    Virus Détectés

    Aucun virus trouvé.

    --------------------------------------------------------------------------------

    Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
    0
  12. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    tout a l'air bien propre maintenant.
    As tu encore des soucis ?
    0
  13. jojo
     
    J'ai été abonné à AOL dans le passé ; mais, non, je n'ai pas essayé d'installer Vista. Voilà.
    0
  14. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonjour,

    vérifie que les services sont bien désactivés
    démarrer-----exécuter----tu tapes services msc et tu les désactives

    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
    O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)

    0
  15. jojo
     
    Je suis allé dans execute de démarrer ; je tape "services msc", mais rien...
    0
  16. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    excuse moi, j'ai oublié le point
    c'est services.msc
    0
  17. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    et tu en es où sur ton autre topic ?
    0
  18. jojo
     
    J'ai bien peur de ne pas saisir votre allusion.
    0
  19. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    J'ai bien peur de ne pas saisir votre allusion.


    je me trompe où c'est toi qui avait remis un autre sujet justement

    edit : laisse tomber, ce n'est pas le même jojo. Bonne soirée
    0
  • 1
  • 2