Wincacontrol.exe - Page 2

Précédent
  • 1
  • 2
  1. jojo
     
    Vous pouvez me réinterpéter ça svp (scan hijack d'aujourdh'ui), car j'ai l'impression que ça re-déconne. /
    Dites-moi si je me trompe.

    Logfile of HijackThis v1.99.1
    Scan saved at 15:50:32, on 10/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\lxcgcoms.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [LaunchApp] LaunApp
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\NOBRAND\802.11g Wireless USB Adapter\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: WH GBP Casino - {37236812-C1A2-4529-A9CE-CFE04E3DF08A} - C:\Documents and Settings\BOULANGER\Bureau\WH GBP Casino.lnk
    O9 - Extra 'Tools' menuitem: WH GBP Casino - {37236812-C1A2-4529-A9CE-CFE04E3DF08A} - C:\Documents and Settings\BOULANGER\Bureau\WH GBP Casino.lnk
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\Software\..\Telephony: DomainName = JEROME
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = JEROME
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = JEROME
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {4DA190A6-75F4-430B-80B2-C5740633634A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    0
  2. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    qu'est-ce que c'est que
    O9 - Extra button: WH GBP Casino - {37236812-C1A2-4529-A9CE-CFE04E3DF08A} - C:\Documents and Settings\BOULANGER\Bureau\WH GBP Casino.lnk
    O9 - Extra 'Tools' menuitem: WH GBP Casino - {37236812-C1A2-4529-A9CE-CFE04E3DF08A} - C:\Documents and Settings\BOULANGER\Bureau\WH GBP Casino.lnk

    0
  3. jojo
     
    ben j'en sais rien ! c'est vous le chef, ici !
    0
  4. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    je ne suis pas chef, mais j'ai rien trouvé de bien intéressant concernant ton "truc". Et puis sur le bureau tu dois bien savoir ce que c'est ?
    c'est récent ? depuis quand est-il là ?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jojo
     
    Salut!
    Ben, j'ai bein réfléchi. Si ça se trouve sur le bureau, ça doit etre un raccourci vers "William Hill Poker".

    Sinon, j'ai un autre PC, qui lui a connu un nombre important de problèmes ces dernières années... je profite du fait que tu m'aies fait connaitre Hijackthis et Antivir pour te demander s'il y a du ménage à faire dans le falsh Hijack que voici (normalement, y en a à faire) :

    Logfile of HijackThis v1.99.1
    Scan saved at 19:21:20, on 15/01/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\System32\bcmwltry.exe
    D:\Program Files\Lexmark 2300 Series\ezprint.exe
    D:\WINDOWS\System32\atiptaxx.exe
    D:\WINDOWS\System32\ctfmon.exe
    D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\lxcgcoms.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
    D:\Documents and Settings\wam\Local Settings\Temporary Internet Files\Content.IE5\8NR8ZJWG\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {3873A5A5-C3F8-4830-ABF5-9C83C8347B09} - D:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - D:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
    O4 - HKLM\..\Run: [lxcgmon.exe] "D:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "D:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Steam] "d:\progra~1\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 80.10.246.1,80.10.246.132
    O18 - Protocol: bw+0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: lxcg_device - Unknown owner - D:\WINDOWS\System32\lxcgcoms.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
    0
  7. jojo
     
    Tiens, je te poste aussi le rapport Antivir :

    AntiVir PersonalEdition Classic
    Report file date: lundi 15 janvier 2007 20:04

    Scanning for 569934 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (plain) [5.1.2600]
    Username: wam
    Computer name: BIPBOP

    Version information:
    BUILD.DAT : 217 12749 Bytes 05/12/2006 17:00:00
    AVSCAN.EXE : 7.0.3.2 208936 Bytes 05/12/2006 15:30:07
    AVSCAN.DLL : 7.0.3.1 35880 Bytes 05/12/2006 16:00:22
    LUKE.DLL : 7.0.3.2 143400 Bytes 31/10/2006 16:07:46
    LUKERES.DLL : 7.0.2.0 9256 Bytes 05/12/2006 16:00:22
    ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 15:30:06
    ANTIVIR1.VDF : 6.36.1.24 2212864 Bytes 14/11/2006 09:12:08
    ANTIVIR2.VDF : 6.36.1.113 221696 Bytes 01/12/2006 09:12:12
    ANTIVIR3.VDF : 6.37.0.3 6144 Bytes 01/12/2006 09:12:14
    AVEWIN32.DLL : 7.3.0.15 1982976 Bytes 04/12/2006 17:18:38
    AVPREF.DLL : 7.0.2.0 23592 Bytes 03/11/2006 10:53:44
    AVREP.DLL : 6.37.0.3 983080 Bytes 01/12/2006 09:05:52
    AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30/03/2006 08:43:31
    AVPACK32.DLL : 7.2.0.5 368680 Bytes 23/10/2006 15:21:31
    AVREG.DLL : 7.0.1.1 30760 Bytes 23/10/2006 10:52:27
    NETNT.DLL : No Information!
    RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 08/11/2006 12:26:26
    RCTEXT.DLL : 7.0.12.1 77864 Bytes 05/12/2006 16:00:21

    Configuration settings for the scan:
    Jobname..........................: Local Drives
    Configuration file...............: D:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: G:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium
    Expanded search settings.........: 0x00007000

    Start of the scan: lundi 15 janvier 2007 20:04

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Modules have been scanned
    Scan process 'avcenter.exe' - '1' Modules have been scanned
    Scan process 'avgnt.exe' - '1' Modules have been scanned
    Scan process 'avguard.exe' - '1' Modules have been scanned
    Scan process 'sched.exe' - '1' Modules have been scanned
    Scan process 'IEXPLORE.EXE' - '1' Modules have been scanned
    Scan process 'lxcgcoms.exe' - '1' Modules have been scanned
    Scan process 'wdfmgr.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '1' Modules have been scanned
    Scan process 'LogitechDesktopMessenger.exe' - '1' Modules have been scanned
    Scan process 'ctfmon.exe' - '1' Modules have been scanned
    Scan process 'atiptaxx.exe' - '1' Modules have been scanned
    Scan process 'ezprint.exe' - '1' Modules have been scanned
    Scan process 'bcmwltry.exe' - '1' Modules have been scanned
    Scan process 'explorer.exe' - '1' Modules have been scanned
    Scan process 'spoolsv.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '1' Modules have been scanned
    Scan process 'svchost.exe' - '1' Modules have been scanned
    Scan process 'lsass.exe' - '1' Modules have been scanned
    Scan process 'services.exe' - '1' Modules have been scanned
    Scan process 'winlogon.exe' - '1' Modules have been scanned
    Scan process 'csrss.exe' - '1' Modules have been scanned
    Scan process 'smss.exe' - '1' Modules have been scanned
    25 processes with 25 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!
    Boot sector 'F:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( 24 files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\Program Files\Kazaa Lite Resurrection\mp3shield.exe
    [DETECTION] Contains suspicious code HEUR/Crypted
    [INFO] The file was moved to '45ded595.qua'!
    C:\System Volume Information\_restore{A8172783-2F2B-4F3A-8E28-B64BDA20B6E9}\RP133\A0075113.exe
    [DETECTION] Contains suspicious code HEUR/Crypted
    [INFO] The file was moved to '45dbd7ac.qua'!
    Begin scan in 'D:\'
    D:\hiberfil.sys
    [WARNING] The file could not be opened!
    D:\pagefile.sys
    [WARNING] The file could not be opened!
    D:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Keenval.3
    [INFO] The file was moved to '460cd9bd.qua'!
    D:\RECYCLER\NPROTECT\00001843.EXE
    [DETECTION] Contains suspicious code HEUR/Crypted
    [INFO] The file was moved to '45dbdd9a.qua'!
    Begin scan in 'F:\' <DRV4_VOL1>
    F:\tedmùp^m\102.part
    [0] Archive type: ACE
    --> Rage Against The Machine\video\Thumbs.db
    [WARNING] Error creating the file
    --> Rage Against The Machine\mp3\2000 - Renegades\Thumbs.db
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    [WARNING] No further files can be extracted from this archive. The archive will be closed
    Begin scan in 'E:\' <F:\>
    The path E:\ could not be found!
    Le périphérique n'est pas prêt.

    Begin scan in 'G:\' <New_Compilation>

    End of the scan: lundi 15 janvier 2007 21:37
    Used time: 1:32:59 min

    The scan has been done completely.

    4169 Scanning directories
    200722 Files were scanned
    4 viruses and/or unwanted programs were found
    0 files were deleted
    0 files were repaired
    4 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    200718 Files not concerned
    1748 Archives were scanned
    5 Warnings
    0 Notes
    0
  8. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir,

    donc si j'ai bien compris, c ton autre pc ?

    virer des lignes inutiles

    lance hijackthis coche et fixe

    O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll (file missing)
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O18 - Protocol: bw+0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {8C1677CE-3B74-4881-ADAD-993AE55182CB} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    0
  9. jojo
     
    Voici le nouveau rapport Hijack :

    Logfile of HijackThis v1.99.1
    Scan saved at 01:49:43, on 18/01/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    D:\Program Files\Lexmark 2300 Series\ezprint.exe
    D:\WINDOWS\System32\atiptaxx.exe
    D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    D:\Documents and Settings\wam\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {3873A5A5-C3F8-4830-ABF5-9C83C8347B09} - D:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Easy Gif Animator Toolbar - {8AAE1BCA-A973-423F-9232-7007D8CED2C7} - D:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [lxcgmon.exe] "D:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "D:\Program Files\Lexmark 2300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avgnt] "D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Steam] "d:\progra~1\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - D:\Program Files\UltimateBet\UltimateBet.exe
    O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - D:\Program Files\UltimateBet\UltimateBet.exe
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 80.10.246.1,80.10.246.132
    O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
    0
  10. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonsoir,

    relance HijackThis, coche et fixe cette ligne

    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

    puis fait un scan antivirus en ligne ici et poste le rapport au format texte stp
    http://www.bitdefender.fr/scan8/ie.html
    0
  11. jojo
     
    //-----------------------------------------------------------------
    //
    // Fichier journal BitDefender
    //
    // Créé le: 21/01/2007 19:34:41
    //
    //-----------------------------------------------------------------

    Statistiques

    Chemin cible: C:\
    D:\
    F:\
    Dossiers : 4181
    Fichiers : 321548
    Archives : 1871
    Fichiers empaquetés : 42885
    Virus trouvés : 1
    Fichiers infectés : 3
    Alertes : 0
    Fichiers suspects : 0
    Fichiers désinfectés : 0
    Fichiers effacés : 0
    Fichiers copiés : 0
    Fichiers déplacés : 3
    Fichiers renommés : 0
    Erreurs I/O : 25
    Temps d'analyse := 04:14:01
    Fichiers/seconde :21

    Définitions virus : 389906
    Plugins d'analyse : 14
    Plugins archives : 38
    Plug-ins décompression : 6
    Plug-ins messagerie : 6
    Plug-ins système : 1

    Options d'analyse

    Détection
    [X] Analyser le secteur de boot
    [X] Analyser les archives
    [X] Analyser les fichiers en paquets
    [X] Analyser la messagerie

    Masque fichiers
    [ ] Programmes
    [X] Tous les fichiers
    [ ] Extensions définies par l'utilisateur:
    [ ] Exclure les extensions: ;

    Action

    Objets infectés
    [ ] Ignorer
    [X] Désinfecter
    [ ] Effacer
    [ ] Copier
    [ ] Déplacer dans le dossier infectés
    [ ] Renommer
    [ ] Demander l'action

    Seconde action
    [ ] Ignorer
    [ ] Effacer
    [ ] Copier
    [X] Déplacer dans le dossier infectés
    [ ] Renommer
    [ ] Demander l'action

    Options d'analyse
    [X] Activer les alertes
    [X] Activer l'heuristique
    [ ] Afficher tous les fichiers dans le journal
    [X] Fichier journal : vscan.log
    [ ] Rajouter au rapport existant

    Sommaire :

    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007892.exe Infectés avec Adware.Navexcel.A
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007892.exe Désinfection impossible
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007892.exe Déplacé
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007893.exe Infectés avec Adware.Navexcel.A
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007893.exe Désinfection impossible
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007893.exe Déplacé
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007894.dll Infectés avec Adware.Navexcel.A
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007894.dll Désinfection impossible
    C:\System Volume Information\_restore{F9FD103F-868D-482F-A657-6369914C8BD5}\RP45\A0007894.dll Déplacé
    Fichiers analysés
    0
  12. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    c'est ok,
    démarrer-----------panneau de configuration------------système----------

    onglet Restauration système-----------coche la case (Désactiver la restauration système)--------------

    redémarre l'ordinateur
    puis ré active la.
    0
  13. jojo
     
    Nouveau rapport Hijack :

    Logfile of HijackThis v1.99.1
    Scan saved at 01:49:58, on 24/01/2007
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    D:\Program Files\UltimateBet\UltimateBet.exe
    D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    d:\program files\softwin\bitdefender free edition\bdmcon.exe
    D:\Program Files\Everest Poker\Everest Poker.exe
    D:\Documents and Settings\wam\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.0
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O4 - HKLM\..\Run: [avgnt] "D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [BDMCon] D:\Program Files\Softwin\BitDefender Free Edition\\bdmcon.exe
    O4 - HKLM\..\Run: [BDNewsAgent] D:\Program Files\Softwin\BitDefender Free Edition\\bdnagent.exe
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{47FD4825-B786-46FF-B1B3-11B00E6F2CD4}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CD2B1EA1-3B84-423A-91CE-62D6BB954E0D}: NameServer = 80.10.246.1,80.10.246.132
    O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    0
  14. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    Bonjour,

    Antivir ou bitdefender comme antivirus, il faut choisir, et en supprimer 1
    jamais 2 antivirus en résident.

    de + ton système d'exploitation n'étant pas à jour, tu ferais bien d'installer un firewall et de lire ceci :
    securite proteger un ordinateur contre les malwares d internet
    0
Précédent
  • 1
  • 2