picflute
-
Compteur de contenus
7 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par picflute
-
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
OK je pense savoir pourquoi j'ai plus de resau: j'ai eu la bonne idde de cleaner le PC en mode sans echec avec prise en charge reseau au lieu du mode sans echec tout court. Sais-tu comment recuperer ma connexion car je pense que mon pb est resolu mais que je m'en ai creer un autre -
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
Bon la, c'est de pire en pire, je narrive meme plus a surfer, recupere mes mails, me connecter a msn, comme si le debit etait subitement tres tres lent. Mon modem fonctionne bien car j'ai un laptop qui est connect en wifi dessus et ca marche (la preuve avec ce message). Si tu as une idde, ca m'interesse parce qu'a part reinstaller XP, je vois pas.... Ca m'embete car ka manip de la dernier fois avait marche: reboot en sans echec puis clean.... Chui perdu la.... -
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
Oui je suis au courant des failles de SP1 mais on ne peut les combler d'une maniere ou d'une autre par un soft? Pour les sites, je suis alle sur des sites pour faire des scripts en java, des pages perso, etc... Au fait, je suis en train de refaire les manip ci-dessus et ma connexion internet est devenue subitment lente, je comprends vraiment rien a ce virus... -
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
Rebonjour, Mon pb est revenu. tjs pareil: tftp.exe est infect, puis msinnt.exe, uyjbeo.exe, etc... puis plus la possibilite d'ouvrir le gestionnaire de staches. Je vais refaire la meme manip mais comment faire pour ne plus etre infeste par ce virus? Il semble que c'est un trou de securite de WXP SP1? Y'a pas un truc pour corriger cette faille ou pour virer ce virus juste avec un soft? Merci -
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
Merci mais je vois ca ds le rapport de kaspersky: C:\Program Files\ESET\infected\AF5HVFAA.NQF Infected: Backdoor.Win32.Rbot.bvz skipped Comme etre sur que j'ai vire le virus? et psui je vois tjs 5 processus SVCHOST.exe dont un a 20meg C normal ca? et si ct pas un virus, ct quoi qlors? -
Analyse log hijackthis: tftp.exe infeste et impossible a supprimer
picflute a répondu à un(e) sujet de picflute dans Analyses et éradication malwares
Merci beaucoup de votre reponse rapide et detaillee. Apres avoir suivi pas a pas vos instructions, voici le compte-rendu: Rapport CLEAN: Script execute en mode sans echec Rapport clean par Malekal_morte - http://www.malekal.com Option 2, executee le 25/02/2007 a 15:37:27,29 Microsoft Windows XP [version 5.1.2600] *** Suppression de fichiers sur C: *** Suppression des fichiers dans C:\WINDOWS\ *** Suppression des fichiers dans C:\WINDOWS\system32 *** Suppression des clefs du registre effectuee.. *** Fin du rapport ! Rapport AVG: --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:14:11 25/02/2007 + Résultat de l'analyse: :mozilla.44:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.46:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.25:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.26:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.77:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.78:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.79:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.80:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.81:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.82:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.32:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.33:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.47:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.93:C:\Documents and Settings\Cyrille\Application Data\Mozilla\Firefox\Profiles\q4949ysa.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. Fin du rapport Rapport Kaspersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, February 25, 2007 6:07:58 PM Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 25/02/2007 Kaspersky Anti-Virus database records: 257927 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ F:\ G:\ Scan Statistics: Total number of scanned objects: 46114 Number of viruses found: 1 Number of infected objects: 1 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:37:49 Infected Object Name / Virus Name / Last Action C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\$_hpcst$.hpc Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Cyrille\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Cyrille\Local Settings\Temp\Perflib_Perfdata_724.dat Object is locked skipped C:\Documents and Settings\Cyrille\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Cyrille\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Cyrille\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Cyrille\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Cyrille\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Cyrille\ntuser.dat.LOG Object is locked skipped C:\Program Files\ESET\logs\virlog.dat Object is locked skipped C:\Program Files\ESET\logs\warnlog.dat Object is locked skipped C:\Program Files\ESET\cache\CACHE.NDB Object is locked skipped C:\Program Files\ESET\infected\AF5HVFAA.NQF Infected: Backdoor.Win32.Rbot.bvz skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped C:\System Volume Information\_restore{30FC1567-310E-4D27-B17E-5421591F537D}\RP700\change.log Object is locked skipped Scan process completed. Nouveau rapport Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 18:10:23, on 25/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\Logi_MwX.Exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Bluetack\ProtoWall\ProtoWall.exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Quick ShutDown\qsd.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\SoftChris\Finance 2003\Finance2003.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FLASHGET\getflash.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ProtoWall] C:\Program Files\Bluetack\ProtoWall\ProtoWall.exe O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - Startup: Quick ShutDown.lnk = C:\Program Files\Quick ShutDown\qsd.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200411...meInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123612552122 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_mp3.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} - http://data.flatcast.com/NpFv415.dll O18 - Protocol: bw+0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe Voila, pour moi, ca ne veut pas dire qd chose a part le rapport de kaspersky qui me parle d'un virus mais me donne pas le nom, mais j'espere que pour vous, ca va vous aider a comprendre mon pb. Merci de votre aide. -
Bonjour, J'explique mon pb: depuis qlque tps, j'ai parfois ma souris qui se bloque au demarrage, des difficultes a eteindre mon PC, et NOD32 qui me parle d'un virus infectant eim.exe et tftp.exe Comme j'ai pas mal de garde-fous tels spybot, ccleaner, adaware personnal, nod32, je les ai fait tourner mais pas gd chose de trouver et rien en rapport avec mes pbs. En cherchant sur les forums, il semble que ce virus infectant eim.exe, trouve comme etant newheur_pe par NOD32, me fous la zone sur les fichier du genre TFTPxxx.exe et cree des freezes comme j'ai. Je viens de lancer W32/blaster removal de microsoft et il a rien toruve. Alors, j'ai essaiye maintenant A-sqared free, avast mais j'ai tjs mes pbs. De plus, je commence a perdre des choses du genre: config mozilla, connexion skype, etc... J'ai aussi remarque que j'avais beacoup de processus de SVCHOST.exe qui me bouffe pas mal de memoires et qui parfois prend tt mon CPU. SOuent, d'ailleurs, je ne peux pas ouvrir le gestionnaire des taches. J'ai tourne Hijackthis pensant trouver eim.exe ou tftp.exe mais non, rien. Comme je ne sais pas l'analyser, je colle le log ci-dessous. Si vous pouvez m'aider, ce serait super car je n'arrive pas a m'en sortir. Personne n'a pu m'aider ailleurs sur d'autres forums alors je tente ici, on sait jamais. Merci. Logfile of HijackThis v1.99.1 Scan saved at 13:59:02, on 25/02/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\Logi_MwX.Exe C:\WINDOWS\System32\LVCOMSX.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Softwin\BitDefender8\bdnagent.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Bluetack\ProtoWall\ProtoWall.exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Quick ShutDown\qsd.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: 69.50.166.11 google.co.uk O1 - Hosts: 69.50.166.11 google.es O1 - Hosts: 69.50.166.11 google.com.au O1 - Hosts: 69.50.166.12 www.go.com O1 - Hosts: 69.50.166.12 go.com O1 - Hosts: 69.50.166.13 astalavista.com O1 - Hosts: 69.50.166.13 www.astalavista.com O1 - Hosts: 69.50.166.13 astalavista.box.sk O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FLASHGET\getflash.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ProtoWall] C:\Program Files\Bluetack\ProtoWall\ProtoWall.exe O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Quick ShutDown.lnk = C:\Program Files\Quick ShutDown\qsd.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Bloc Notes - {AF4F850B-68FF-404C-8417-549F86B1E236} - notepad.exe (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/ O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200411...meInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123612552122 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/msnmesse...pdownloader.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697516} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp6_mp3.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} - http://data.flatcast.com/NpFv415.dll O18 - Protocol: bw+0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {91ABE3F5-BF6E-4A94-9F2F-6B74E9BC610C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe