Sujet Précédent Sujet Suivant

Quick web search about:blank virus

Fermé
flo - 10 juil. 2005 à 19:01
balltrap34 Messages postés 16240 Date d'inscription jeudi 8 janvier 2004 Statut Contributeur sécurité Dernière intervention 28 novembre 2009 - 11 juil. 2005 à 00:09
Bonjour j'ai le meme pb que plusieurs personnes, mais comme on donne des soluces différentes pour chacun.... pourriez vous me dire ce qui ne va pas dans mon hijack? la page de démarrage web est quick web search about blank et ceci meme apres avoir fait fonctionné ad aware, norton et tout et tout....merci de m'aider à me débarasser de ce virus!!! voici mon hijack :
Logfile of HijackThis v1.99.1
Scan saved at 18:49:55, on 10/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\iejq32.exe
C:\Program Files\SpyCatcher\Scheduler daemon.exe
C:\Program Files\SpyCatcher\Protector.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Flo\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.free.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/fr/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {EF01F15D-1C88-898A-CFE9-8CA24B095BC3} - C:\WINDOWS\system32\mfczw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UStorag] c:\program files\u-storage tools2.70\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tools2.70
O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINDOWS\Temp\TBuninst.exe /remove
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [atlxt.exe] C:\WINDOWS\atlxt.exe
O4 - HKLM\..\Run: [iejq32.exe] C:\WINDOWS\iejq32.exe
O4 - HKLM\..\Run: [GhostSurfDelSatellite] "C:\Program Files\SpyCatcher\DeleteSatellite.exe"
O4 - HKLM\..\RunOnce: [ipon.exe] C:\WINDOWS\ipon.exe
O4 - HKLM\..\RunOnce: [mssr.exe] C:\WINDOWS\mssr.exe
O4 - HKLM\..\RunOnce: [iefq32.exe] C:\WINDOWS\iefq32.exe
O4 - HKLM\..\RunOnce: [ieuj32.exe] C:\WINDOWS\system32\ieuj32.exe
O4 - HKLM\..\RunOnce: [apihc32.exe] C:\WINDOWS\apihc32.exe
O4 - HKLM\..\RunOnce: [syshq32.exe] C:\WINDOWS\system32\syshq32.exe
O4 - HKLM\..\RunOnce: [d3oh.exe] C:\WINDOWS\system32\d3oh.exe
O4 - HKLM\..\RunOnce: [sdkyu.exe] C:\WINDOWS\system32\sdkyu.exe
O4 - HKLM\..\RunOnce: [ntws.exe] C:\WINDOWS\ntws.exe
O4 - HKLM\..\RunOnce: [d3cs.exe] C:\WINDOWS\d3cs.exe
O4 - HKLM\..\RunOnce: [addur32.exe] C:\WINDOWS\addur32.exe
O4 - HKLM\..\RunOnce: [crjx.exe] C:\WINDOWS\system32\crjx.exe
O4 - HKLM\..\RunOnce: [GhostSurfDelSatellite] "C:\Program Files\SpyCatcher\DeleteSatellite.exe" nowait
O4 - HKLM\..\RunOnce: [d3rd32.exe] C:\WINDOWS\system32\d3rd32.exe
O4 - HKLM\..\RunOnce: [winqy.exe] C:\WINDOWS\system32\winqy.exe
O4 - HKLM\..\RunOnce: [sdktq.exe] C:\WINDOWS\sdktq.exe
O4 - HKLM\..\RunOnce: [mfcsd.exe] C:\WINDOWS\system32\mfcsd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O17 - HKLM\System\CCS\Services\Tcpip\..\{39C8F023-99EA-40EA-B9A4-B6A6BBC69FF3}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe (file missing)
A voir également:

5 réponses

Réponse 1 / 5
jean38 Messages postés 2534 Date d'inscription samedi 16 avril 2005 Statut Contributeur Dernière intervention 17 juillet 2017 47
10 juil. 2005 à 19:20
OK alors,

imprime cela pour ne rien oublier, c'est important tout reprend sa formae initial si tu oublies qqchose

A/ si tu ne les as pas, telecharge:


Ad-Aware SE 1.06
http://www.lavasoftusa.com/software/adaware/
Spybot S&D 1.4
http://www.safer-networking.org/fr/index.html
-aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

puis Clean Up 40 :
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
-aide en image:(merci a Balltrap34)
http://pageperso.aol.fr/balltrap34/democleanup.htm
ne les utilise pas tout de suite

idem si tu ne l’as pas A2 free sur http://www.emsisoft.net/fr/software/download/

met à jour spybot, ad aware et a2 free sur internet (tu trouves l’option dans les menus) mais ne lance pas les scan.



Clean Up 40 :
http://pageperso.aol.fr/balltrap34/CleanUp40.exe

About:Buster.
Tu le télécharges sur :
http://www.majorgeeks.com/download4289.html
clik "Check for updates".
telecharge les mises a jour
mais attend pour l'utiliser


1) clic droit sur poste de travail
propriété
restauration systeme
coche desactivé puis appliquer

2) demarrer
panneau de configuration
outil
option des dossiers
affichage,
coche afficher dossier cachés
decoche : masquer extension des fichiers dont le type est connu
masquer les fichiers protégés du systeme d'exploitation.

3) demarre en mode sans echec.
Soit tu tapotte sur la touche F8 alancement de Windows et tu choisi sans echec (pas d’inquiétude pour l’aspect de l’ecran)

4) lance hijack, ferme le bloc note et coche les cases devant les lignes, à la fin valide à l’aide du bouton fix checked:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINDOWS\Temp\TBuninst.exe /remove

O4 - HKLM\..\Run: [atlxt.exe] C:\WINDOWS\atlxt.exe
O4 - HKLM\..\Run: [iejq32.exe] C:\WINDOWS\iejq32.exe
O4 - HKLM\..\Run: [GhostSurfDelSatellite] "C:\Program Files\SpyCatcher\DeleteSatellite.exe" <sauf si veux le garder mais??
O4 - HKLM\..\RunOnce: [ipon.exe] C:\WINDOWS\ipon.exe
O4 - HKLM\..\RunOnce: [mssr.exe] C:\WINDOWS\mssr.exe
O4 - HKLM\..\RunOnce: [iefq32.exe] C:\WINDOWS\iefq32.exe
O4 - HKLM\..\RunOnce: [ieuj32.exe] C:\WINDOWS\system32\ieuj32.exe
O4 - HKLM\..\RunOnce: [apihc32.exe] C:\WINDOWS\apihc32.exe
O4 - HKLM\..\RunOnce: [syshq32.exe] C:\WINDOWS\system32\syshq32.exe
O4 - HKLM\..\RunOnce: [d3oh.exe] C:\WINDOWS\system32\d3oh.exe
O4 - HKLM\..\RunOnce: [sdkyu.exe] C:\WINDOWS\system32\sdkyu.exe
O4 - HKLM\..\RunOnce: [ntws.exe] C:\WINDOWS\ntws.exe
O4 - HKLM\..\RunOnce: [d3cs.exe] C:\WINDOWS\d3cs.exe
O4 - HKLM\..\RunOnce: [addur32.exe] C:\WINDOWS\addur32.exe
O4 - HKLM\..\RunOnce: [crjx.exe] C:\WINDOWS\system32\crjx.exe
O4 - HKLM\..\RunOnce: [d3rd32.exe] C:\WINDOWS\system32\d3rd32.exe
O4 - HKLM\..\RunOnce: [winqy.exe] C:\WINDOWS\system32\winqy.exe
O4 - HKLM\..\RunOnce: [sdktq.exe] C:\WINDOWS\sdktq.exe
O4 - HKLM\..\RunOnce: [mfcsd.exe] C:\WINDOWS\system32\mfcsd.exe

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)


5) supprime les fichiers

C:\WINDOWS\atlxt.exe
C:\WINDOWS\iejq32.exe
C:\Program Files\SpyCatcher< sauf si tu le souhaite mais ???


7) lance about:buster
passe le deux fois de suite

8) lance clean up
tu relances tes scan ad aware
puis spy boot
puis a2 free
et vire tout ce qu'ils trouvent (c'est un peu long mais tu devrais t'en sortir).


vide ta poubelle et redemarre en mode normal, c'est à dire avant de redemarrer, tu refais les manip de départ mais en recochant ... pour retrouver la config de départ.

redemarre
refait un log
0
flo
10 juil. 2005 à 21:59
re bonjour, et merci pour la réponse!!!
MAIS, ça fait toujours les memes pb...
j'ai fait chaque etape pourtant, sauf, je n'ai pu cocher :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jgidc.dll/sp.html#37049



ces lignes n'existent pas dans mon hijack ou alors avec un nom de fichier different...fallait il les cocher quand meme?
0
Réponse 2 / 5
jean38 Messages postés 2534 Date d'inscription samedi 16 avril 2005 Statut Contributeur Dernière intervention 17 juillet 2017 47
10 juil. 2005 à 22:17
refaits un log hijack, je comprends rien.

je sais plus a quelle etape tu en es.

jean
0
flo
10 juil. 2005 à 22:21
j'ai fini toutes les étapes...
je disais juste que certaines lignes que tu m'as dit de cocher n'existaient pas dans mon hijack...

Logfile of HijackThis v1.99.1
Scan saved at 22:17:03, on 10/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\adduu.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Overnet\eDonkey2000\eDonkey2000.exe
C:\Program Files\AdwareDelete\adwaredelete.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AdwareDelete\adwaredelete.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Flo\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.free.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\eyxvn.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/fr/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {C8F7745A-EDC7-09F6-2A66-3DBD317341D5} - C:\WINDOWS\adduu.dll
O2 - BHO: Class - {EF01F15D-1C88-898A-CFE9-8CA24B095BC3} - C:\WINDOWS\system32\mfczw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UStorag] c:\program files\u-storage tools2.70\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tools2.70
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [eDonkey2000] D:\Program Files\Overnet\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [AdwareDelete] C:\Program Files\AdwareDelete\adwaredelete.exe /h
O4 - HKLM\..\Run: [apiet32.exe] C:\WINDOWS\apiet32.exe
O4 - HKLM\..\Run: [atluv.exe] C:\WINDOWS\atluv.exe
O4 - HKLM\..\Run: [adduu.exe] C:\WINDOWS\adduu.exe
O4 - HKLM\..\RunOnce: [sysrv.exe] C:\WINDOWS\sysrv.exe
O4 - HKLM\..\RunOnce: [appft.exe] C:\WINDOWS\appft.exe
O4 - HKLM\..\RunOnce: [apihg.exe] C:\WINDOWS\apihg.exe
O4 - HKLM\..\RunOnce: [apijr32.exe] C:\WINDOWS\apijr32.exe
O4 - HKLM\..\RunOnce: [ntwu.exe] C:\WINDOWS\ntwu.exe
O4 - HKLM\..\RunOnce: [ntnk.exe] C:\WINDOWS\ntnk.exe
O4 - HKLM\..\RunOnce: [winhl32.exe] C:\WINDOWS\system32\winhl32.exe
O4 - HKLM\..\RunOnce: [d3by32.exe] C:\WINDOWS\d3by32.exe
O4 - HKLM\..\RunOnce: [ipkh.exe] C:\WINDOWS\ipkh.exe
O4 - HKLM\..\RunOnce: [d3lc32.exe] C:\WINDOWS\system32\d3lc32.exe
O4 - HKLM\..\RunOnce: [sysyk.exe] C:\WINDOWS\sysyk.exe
O4 - HKLM\..\RunOnce: [iekp.exe] C:\WINDOWS\iekp.exe
O4 - HKLM\..\RunOnce: [apixv.exe] C:\WINDOWS\system32\apixv.exe
O4 - HKLM\..\RunOnce: [atlco32.exe] C:\WINDOWS\atlco32.exe
O4 - HKLM\..\RunOnce: [mfcdu32.exe] C:\WINDOWS\mfcdu32.exe
O4 - HKLM\..\RunOnce: [netrw.exe] C:\WINDOWS\netrw.exe
O4 - HKLM\..\RunOnce: [ielg32.exe] C:\WINDOWS\system32\ielg32.exe
O4 - HKLM\..\RunOnce: [ntqk32.exe] C:\WINDOWS\system32\ntqk32.exe
O4 - HKLM\..\RunOnce: [d3du.exe] C:\WINDOWS\d3du.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O17 - HKLM\System\CCS\Services\Tcpip\..\{39C8F023-99EA-40EA-B9A4-B6A6BBC69FF3}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\sysrv.exe" /s (file missing)
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe (file missing)
0
Réponse 3 / 5
jean38 Messages postés 2534 Date d'inscription samedi 16 avril 2005 Statut Contributeur Dernière intervention 17 juillet 2017 47
10 juil. 2005 à 22:29
et bien regarde, tu vois bien qu'elles existent?????

donc reprends ligne par ligne le post precedent et refais tout.


1) clic droit sur poste de travail
propriété
restauration systeme
coche desactivé puis appliquer

2) demarrer
panneau de configuration
outil
option des dossiers
affichage,
coche afficher dossier cachés
decoche : masquer extension des fichiers dont le type est connu
masquer les fichiers protégés du systeme d'exploitation.

3) demarre en mode sans echec.
Soit tu tapotte sur la touche F8 alancement de Windows et tu choisis sans echec (pas d’inquiétude pour l’aspect de l’ecran)
si pas dans ce mode la manip ne sert à rien

4) lance hijack, ferme le bloc note et coche les cases devant les lignes, à la fin valide à l’aide du bouton fix checked:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\eyxvn.dll/sp.html#37049

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [AdwareDelete] C:\Program Files\AdwareDelete\adwaredelete.exe /h
O4 - HKLM\..\Run: [apiet32.exe] C:\WINDOWS\apiet32.exe
O4 - HKLM\..\Run: [atluv.exe] C:\WINDOWS\atluv.exe
O4 - HKLM\..\Run: [adduu.exe] C:\WINDOWS\adduu.exe
O4 - HKLM\..\RunOnce: [sysrv.exe] C:\WINDOWS\sysrv.exe
O4 - HKLM\..\RunOnce: [appft.exe] C:\WINDOWS\appft.exe
O4 - HKLM\..\RunOnce: [apihg.exe] C:\WINDOWS\apihg.exe
O4 - HKLM\..\RunOnce: [apijr32.exe] C:\WINDOWS\apijr32.exe
O4 - HKLM\..\RunOnce: [ntwu.exe] C:\WINDOWS\ntwu.exe
O4 - HKLM\..\RunOnce: [ntnk.exe] C:\WINDOWS\ntnk.exe
O4 - HKLM\..\RunOnce: [winhl32.exe] C:\WINDOWS\system32\winhl32.exe
O4 - HKLM\..\RunOnce: [d3by32.exe] C:\WINDOWS\d3by32.exe
O4 - HKLM\..\RunOnce: [ipkh.exe] C:\WINDOWS\ipkh.exe
O4 - HKLM\..\RunOnce: [d3lc32.exe] C:\WINDOWS\system32\d3lc32.exe
O4 - HKLM\..\RunOnce: [sysyk.exe] C:\WINDOWS\sysyk.exe
O4 - HKLM\..\RunOnce: [iekp.exe] C:\WINDOWS\iekp.exe
O4 - HKLM\..\RunOnce: [apixv.exe] C:\WINDOWS\system32\apixv.exe
O4 - HKLM\..\RunOnce: [atlco32.exe] C:\WINDOWS\atlco32.exe
O4 - HKLM\..\RunOnce: [mfcdu32.exe] C:\WINDOWS\mfcdu32.exe
O4 - HKLM\..\RunOnce: [netrw.exe] C:\WINDOWS\netrw.exe
O4 - HKLM\..\RunOnce: [ielg32.exe] C:\WINDOWS\system32\ielg32.exe
O4 - HKLM\..\RunOnce: [ntqk32.exe] C:\WINDOWS\system32\ntqk32.exe
O4 - HKLM\..\RunOnce: [d3du.exe] C:\WINDOWS\d3du.exe

5) supprime les fichiers
C:\Program Files\AdwareDelete<< le dossier
C:\WINDOWS\apiet32.exe
C:\WINDOWS\atluv.exe
C:\WINDOWS\adduu.exe


7) lance about:buster
passe le deux fois de suite

8) lance clean up
tu relances tes scan ad aware
puis spy boot
puis a2 free
et vire tout ce qu'ils trouvent (c'est un peu long mais tu devrais t'en sortir).


vide ta poubelle et redemarre en mode normal, c'est à dire avant de redemarrer, tu refais les manip de départ mais en recochant ... pour retrouver la config de départ.

redemarre
refait un log
0
Réponse 4 / 5
flo
10 juil. 2005 à 23:55
ça ne fonctionne toujours pas, pourtant j'ai tout fait comme indiqué.... revoici mon hijack :

Logfile of HijackThis v1.99.1
Scan saved at 23:50:35, on 10/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\netta32.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Overnet\eDonkey2000\eDonkey2000.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\Flo\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.free.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\hbace.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/fr/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {EF01F15D-1C88-898A-CFE9-8CA24B095BC3} - C:\WINDOWS\system32\mfczw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UStorag] c:\program files\u-storage tools2.70\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tools2.70
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [eDonkey2000] D:\Program Files\Overnet\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [netta32.exe] C:\WINDOWS\system32\netta32.exe
O4 - HKLM\..\RunOnce: [crqn32.exe] C:\WINDOWS\system32\crqn32.exe
O4 - HKLM\..\RunOnce: [apisp32.exe] C:\WINDOWS\system32\apisp32.exe
O4 - HKLM\..\RunOnce: [crmw.exe] C:\WINDOWS\crmw.exe
O4 - HKLM\..\RunOnce: [d3vi32.exe] C:\WINDOWS\d3vi32.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [iegv.exe] C:\WINDOWS\iegv.exe
O4 - HKLM\..\RunOnce: [addtd.exe] C:\WINDOWS\addtd.exe
O4 - HKLM\..\RunOnce: [addvh32.exe] C:\WINDOWS\addvh32.exe
O4 - HKLM\..\RunOnce: [iezr.exe] C:\WINDOWS\iezr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O17 - HKLM\System\CCS\Services\Tcpip\..\{39C8F023-99EA-40EA-B9A4-B6A6BBC69FF3}: NameServer = 212.27.32.176,212.27.32.177
O18 - Protocol: bw+0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AFE73E5C-9C18-4064-8917-F2416F3F8F00} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe (file missing)
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe (file missing)

HELP!!!!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
balltrap34 Messages postés 16240 Date d'inscription jeudi 8 janvier 2004 Statut Contributeur sécurité Dernière intervention 28 novembre 2009 331
11 juil. 2005 à 00:09
salut utilise se prog
http://pageperso.aol.fr/Balltrap34/SpHjfix.exe
et recoche les lignes mise plus haut
0

Discussions similaires

Search web or type URL
josygot -
Malekal_morte- -

3 réponses
Avis site about you
ANTON777 -
Cobb -

2 réponses
QuickShare c'est quoi ce truc
edelweiss2604 -
edelweiss2604 -

41 réponses