Sujet Précédent Sujet Suivant

Wincacontrol.exe

Fermé
jojo - 4 janv. 2007 à 11:59
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 - 24 janv. 2007 à 12:17
cette application prend 99% des ressources processeurs (peu de mémoire cela-dit).
Je ne vois pas à quoi elle correspond.

Pouvez-vous m'en dire plus ?

http://img164.imageshack.us/img164/8206/wincacontrol1pf2.jpg
http://img186.imageshack.us/img186/1917/wincacontrol2qo9.jpg

33 réponses

  • 1
  • 2
Réponse 1 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
4 janv. 2007 à 12:03
bonjour,

ceci ressemble à une infection

* Télécharge HijackThis et poste le rapport stp
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://pageperso.aol.fr/balltrap34/demohijack.htm
0
Réponse 2 / 33
jojo
4 janv. 2007 à 15:07
Tout d'abord, merci de ton aide.

Je vais t'afficher le rapport de l'ordi avant que le processus wincacontrol ne s'enclenche.
Logfile of HijackThis v1.99.1
Scan saved at 14:57:50, on 04/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\wincacontrol.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0003e262.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\Software\..\Telephony: DomainName = JEROME
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Le processus wincacontrol, en effet, ne s'enclenche pas directement avec l'allumage du PC ou le lancement de Windows. Apparemment, il s'enclenche d'une manière encore indéterminée.
Je ne peux constater son enclenchement qu'une fois que l'ordi éprouve des difficultés à afficher plusieurs pages en meme temps, ou dès que je constate un ralentissement manifeste des ressources CPU.
Vois-tu, à l'heure actuelle, rien à signaler ; peut-etre meme que d'ici que je ferme l'ordinateur, rien ne se passera ; pourtant, des fois, je constate ce ralentissement manifeste, et je vois s'afficher ce processus wincacontrol (totalement inconnu par ailleurs tel que des recherches sur google ou yahoo l'ont prouvé (résultats nuls)).
Désolé, je reposterai quand le processus se sera enclenché (d'ici peut-etre quelques jours?).
0
Réponse 3 / 33
jojo
4 janv. 2007 à 16:25
Ca y est, wincacontrol s'est lancé maintenant il y a 5 minutes. J'ai flashé avec Hijack.

Logfile of HijackThis v1.99.1
Scan saved at 15:55:28, on 04/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\wincacontrol.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0003e262.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\Software\..\Telephony: DomainName = JEROME
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
0
Réponse 4 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
4 janv. 2007 à 16:57
re

je t'ai préparé les manips à effectuer, mais après avoir envoyé le message, il me dit qu'il est en cours d'ajout, pour ne pas l'envoyer 2 x, je vais attendre encore un peu
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
4 janv. 2007 à 17:17
visiblement il n'est pas parti
le voici :

re

* Télécharge CCleaner.
https://www.pcastuces.com/logitheque/ccleaner.htm

Installe le dans un répertoire dédié.

Décoche pendant l'installation

--- les deux cases "Ajouter l'option ... "

--- Contrôler les mises à jour

--- Ajouter la Barre d'Outils Yahoo! CCleaner

puis



ctrl+alt+supp-----onglet processus--------fait un clic droit ------terminer le processus sur :

wincacontrol.exe
updmgr.exe
wowexc.exe
HbtOEAddOn.exe
points manager.exe

puis

Lance HijackThis, coche ces lignes

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.0.0\HbtHostIE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [Bsx3] RunDLL32.EXE C:\WINDOWS\bs3.dll,DllRun
O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKLM\..\Run: [wincacontrol] C:\WINDOWS\system32\wincacontrol.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.0.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [wowexc] C:\WINDOWS\system32\wowexc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech Desktop Messenger Agent.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O18 - Protocol: bw+0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dl
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

* Ferme toutes les fenêtres Windows, Internet Explorer, Outlook .....sauf le logiciel HijackThis et clique sur Fixer l'objet

puis

* désinstalle via ajout et suppression de programmes si tu les trouves


DAP
altnet
HbTools
BitComet Toolbar

puis

* Assure toi d'avoir accès à tous les fichiers

-démarrer

-poste de travail ou autre dossier

-menu outils

-options de dossier

-onglet affichage



puis



- activer la case : Afficher les fichiers et dossiers cachés

- désactiver la case : Masquer les extensions des fichiers dont le type est connu

- désactiver la case : Masquer les fichier protégés du système d'exploitation



Puis - Appliquer



* et Supprime le(s) fichier(s) ci dessous si il(s) est (sont) présent(s) :


C:\PROGRAMESFILES\DAP
c:\program files\altnet
C:\Program Files\Common files\updmgr
C:\WINDOWS\system32\wowexc.exe
C:\WINDOWS\system32\wincacontrol.exe
C:\Program Files\HbTools
C:\Program Files\BitComet Toolbar

puis

* télécharge AVG Anti-Spyware (ewido)
https://www.avg.com/en-ww/free-antivirus-download

* tu l'installes

* lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

puis

Lance AVG Anti-Spyware

Clique sur le bouton Analyse (de la barre d'outils)

Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option 3

"Appliquer toutes les actions " en bas.

Clique sur "Enregistrer le rapport".

Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
poste le rapport

* lance Ccleaner pour un nettoyage complet

ainsi qu'un nouveau rapport HijackThis
0
Réponse 6 / 33
jojo
5 janv. 2007 à 04:27
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 04:16:12 05/01/2007

+ Résultat de l'analyse:



HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\Hotbar -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\Install -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common\Time -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Common\Updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\EUI -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\HtmlPPP -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\ImagesHistory -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Install -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\MachineInfo -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\MultiUrl -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\PI -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\PI\3.2 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg860 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg861 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg887 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg888 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg889 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg910 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg914 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Sample\Hist\sg915 -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\UserInfo -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\Weather -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\dynamic -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\links -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\mail -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\options -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HbTools\updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HostOI -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\HostOI\Updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install\Icons -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Install\Links -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostIE -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostIE\updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOI -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOI\Updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOL -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\Time\HostOL\Updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\Mail -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\Updates -> Adware.HotBar : Nettoyé.
HKU\S-1-5-21-1713393062-3620088570-4063876274-1005\Software\HbTools\hostol\soho -> Adware.HotBar : Nettoyé.
HKLM\SOFTWARE\PerfectNav -> Adware.KeenValue : Nettoyé.
HKLM\SOFTWARE\PerfectNav\BHO -> Adware.KeenValue : Nettoyé.
HKLM\SOFTWARE\PerfectNav\BHO\HomePage -> Adware.KeenValue : Nettoyé.
HKLM\SOFTWARE\PerfectNav\BHO\RedirectURLS -> Adware.KeenValue : Nettoyé.
C:\WINDOWS\system32\P2P Networking -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL10.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL11.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL12.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL13.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL14.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL15.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL16.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL17.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL18.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL19.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL2.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL20.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL21.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL22.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL23.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL24.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL25.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL26.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL27.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL28.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL29.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL3.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL30.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL31.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL32.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL33.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL34.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL35.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL36.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL37.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL38.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL39.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL4.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL40.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL41.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL42.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL43.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL44.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL45.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL46.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL47.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL48.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL49.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL5.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL50.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL51.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL52.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL53.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL6.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL7.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL8.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\MARSHAL9.DLL -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking10.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking11.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking12.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking13.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking14.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking15.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking16.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking17.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking18.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking19.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking2.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking20.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking21.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking22.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking23.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking24.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking25.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking26.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking27.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking28.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking29.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking3.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking30.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking31.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking32.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking33.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking34.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking35.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking36.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking37.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking38.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking39.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking4.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking40.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking41.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking42.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking43.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking44.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking45.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking46.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking47.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking48.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking49.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking5.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking50.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking51.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking52.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking53.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking6.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking7.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking8.ENG -> Adware.P2PNetworking : Nettoyé.
C:\WINDOWS\system32\P2P Networking\P2P Networking9.ENG -> Adware.P2PNetworking : Nettoyé.
C:\Program Files\Fichiers communs\Synacast\SynaLive\EvID4226Patch.exe -> Backdoor.Virkel.A : Nettoyé.
C:\Documents and Settings\BOULANGER\Cookies\boulanger@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\BOULANGER\Cookies\boulanger@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.


Fin du rapport
0
Réponse 7 / 33
jojo
5 janv. 2007 à 04:28
Rapport Hijack :

Logfile of HijackThis v1.99.1
Scan saved at 04:24:18, on 05/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\DOCUME~1\BOULAN~1\LOCALS~1\Temp\bwgo0001e6a2.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\Software\..\Telephony: DomainName = JEROME
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)
0
Réponse 8 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
5 janv. 2007 à 15:23
Bonjour,

du grand ménage !

lance HijackTHis, coche et fixe cette ligne

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

tu avais AOL dans le passé ?
as tu essayé d'installé vista ?

* fait un scan antivirus en ligne
http://www.bitdefender.fr/scan8/ie.html
et poste le rapport ici ensuite
0
Réponse 9 / 33
jojo
6 janv. 2007 à 01:23
Rapport Hijack (après élimination de la-dite ligne) pour le plaisir :

Logfile of HijackThis v1.99.1
Scan saved at 01:20:54, on 06/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\Software\..\Telephony: DomainName = JEROME
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)

Ensuite, je poste le rapport Bitdefender (en cours).
0
Réponse 10 / 33
jojo
6 janv. 2007 à 03:58
BitDefender Online Scanner - Rapport virus en temps réel



Généré à: Sat, Jan 06, 2007 - 03:56:02


--------------------------------------------------------------------------------





Info d'analyse



Fichiers scannés
190032

Infectés Fichiers
0








Virus Détectés



Aucun virus trouvé.











--------------------------------------------------------------------------------



Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
0
Réponse 11 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
6 janv. 2007 à 12:08
Bonjour,

tout a l'air bien propre maintenant.
As tu encore des soucis ?
0
Réponse 12 / 33
jojo
6 janv. 2007 à 13:13
Ca va.
0
Réponse 13 / 33
jojo
6 janv. 2007 à 13:22
J'ai été abonné à AOL dans le passé ; mais, non, je n'ai pas essayé d'installer Vista. Voilà.
0
Réponse 14 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
6 janv. 2007 à 13:39
bonjour,

vérifie que les services sont bien désactivés
démarrer-----exécuter----tu tapes services msc et tu les désactives


O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - Unknown owner - C:\WINDOWS\wanmpsvc.exe (file missing)
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)

0
Réponse 15 / 33
jojo
6 janv. 2007 à 22:16
Je suis allé dans execute de démarrer ; je tape "services msc", mais rien...
0
Réponse 16 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
6 janv. 2007 à 22:18
excuse moi, j'ai oublié le point
c'est services.msc
0
Réponse 17 / 33
jojo
6 janv. 2007 à 23:19
C'est fait.
0
Réponse 18 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
6 janv. 2007 à 23:22
et tu en es où sur ton autre topic ?
0
Réponse 19 / 33
jojo
7 janv. 2007 à 00:40
J'ai bien peur de ne pas saisir votre allusion.
0
Réponse 20 / 33
philae83 Messages postés 12837 Date d'inscription mercredi 3 janvier 2007 Statut Contributeur sécurité Dernière intervention 8 décembre 2009 206
7 janv. 2007 à 00:53 
J'ai bien peur de ne pas saisir votre allusion.


je me trompe où c'est toi qui avait remis un autre sujet justement

edit : laisse tomber, ce n'est pas le même jojo. Bonne soirée
0