Virus particulièrement pernicieux
sergke
Messages postés
1
Statut
Membre
-
colibri3810 Messages postés 840 Statut Membre -
colibri3810 Messages postés 840 Statut Membre -
Bonjour,
J'ai probablement été infecté par un malware très retors. Ce malware:
1) rend le lancement de windows parfois erratique: il arrive une fois sur deux que le démarrage de windows s'arrête inopinément dans ce cas je suis contraint de mettre l'ordi hors tension puis le rallumer;
2) installe un browser hijacker : je fais une recherche google banale (avec firefox) : lorsque je clique sur le premier lien proposé ce n'est pas la page web désirée mais bien un site porno (souvent porntube : le youtube du XXX) qui de plus tente d'installer un autre malware en forçant l'utilisateur à cliquer sur OK (seule solution pour empêcher cette installation : arrêter firefox avec ctrl-alt-delete) Il s'agit d'un problème lié au virus "go google" : lorsque l'on passe sur le lien (en bleu)proposé par google : on ne voit pas au bas de l'écran la page désirée mais bien un lien "go google" (solution :faire copier -coller des coordonnés web affichées en vert par google). De plus un pop-up (loteries bidons, donc arnaque) peut apparaitre de temps à autre;
3) m'empêche de me connecter au serveurs de mise à jour des mes différents logiciels de sécurité
- impossible de mettre à jour windows (message : the page cannot be displayed) résultat du diagnostic microsoft : mon parefeu bitdefender 2008 total security empêcherait toute connection FTP
- en ce qui concerne ma suite de sécurité principale bitdefender2008 total security, la mise à jour échoue, impossibilité de se connecter au serveur depuis ce matin
- idem en ce qui concerne malwarebytes'antimalware: impossible de le mettre à jour
- un problème semble également concerner Ad-aware 2007 de lavasoft , installé avec son module payant ad-watch
- enfin lorsque je veux transmettre à trendmicro mon rapport hijackthis (version 2.0.2), la connexion échoue
4) enfin un "bip" peut sonner par intermittence
Je vous informe que j'ai installé hier malwarebytes'antimalware suite à la probable contamination par un programme rogue (pro antispyware 2009) Il a pu débusquer hier plusieurs programmes malicieux dont des troyens j'ai également téléchargé, installé et fait tourner smitfraudfix (résultat: rien à signaler)
Pour l'instant je fais une analyse approfondie du système avec malwarebytes'antimalware et avec mon anti-virus bitdefender2008 total security.
Voici mon fichier log d'hijackthis
Les logs de malwarebytes'antimalware suivront
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:30, on 19/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\NCH Software\BroadCam\broadCam.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\program files\topthemesxp\txp.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\IoCtlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Micro Application\PC Anonyme\IJStealth4Svc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\meumuh1n.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\meumuh1n.slt\prefs.js)
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: PopUpBlocker ; XpTuner2004 - {49E0E0F0-5C30-11D4-945D-000000000010} - C:\PROGRA~1\SIMONT~1\XPTUNE~1\PopUp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: mxlivemedia browser enhancer - {BFE30D16-4805-ABE0-F57C-1FCC1FEBEAB0} - C:\WINDOWS\system32\joympicyexqv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SYSTRAN Personal 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O15 - Trusted Zone: https://www.driverscloud.com/
O15 - Trusted Zone: https://www.meetic.fr/
O15 - Trusted Zone: http://service1.symantec.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_9.cab
O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx
O18 - Protocol: bw+0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Stealth Service Helper (StealthInjectorService) - Softwareentwicklung Remus - C:\Program Files\Micro Application\PC Anonyme\IJStealth4Svc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
J'ai probablement été infecté par un malware très retors. Ce malware:
1) rend le lancement de windows parfois erratique: il arrive une fois sur deux que le démarrage de windows s'arrête inopinément dans ce cas je suis contraint de mettre l'ordi hors tension puis le rallumer;
2) installe un browser hijacker : je fais une recherche google banale (avec firefox) : lorsque je clique sur le premier lien proposé ce n'est pas la page web désirée mais bien un site porno (souvent porntube : le youtube du XXX) qui de plus tente d'installer un autre malware en forçant l'utilisateur à cliquer sur OK (seule solution pour empêcher cette installation : arrêter firefox avec ctrl-alt-delete) Il s'agit d'un problème lié au virus "go google" : lorsque l'on passe sur le lien (en bleu)proposé par google : on ne voit pas au bas de l'écran la page désirée mais bien un lien "go google" (solution :faire copier -coller des coordonnés web affichées en vert par google). De plus un pop-up (loteries bidons, donc arnaque) peut apparaitre de temps à autre;
3) m'empêche de me connecter au serveurs de mise à jour des mes différents logiciels de sécurité
- impossible de mettre à jour windows (message : the page cannot be displayed) résultat du diagnostic microsoft : mon parefeu bitdefender 2008 total security empêcherait toute connection FTP
- en ce qui concerne ma suite de sécurité principale bitdefender2008 total security, la mise à jour échoue, impossibilité de se connecter au serveur depuis ce matin
- idem en ce qui concerne malwarebytes'antimalware: impossible de le mettre à jour
- un problème semble également concerner Ad-aware 2007 de lavasoft , installé avec son module payant ad-watch
- enfin lorsque je veux transmettre à trendmicro mon rapport hijackthis (version 2.0.2), la connexion échoue
4) enfin un "bip" peut sonner par intermittence
Je vous informe que j'ai installé hier malwarebytes'antimalware suite à la probable contamination par un programme rogue (pro antispyware 2009) Il a pu débusquer hier plusieurs programmes malicieux dont des troyens j'ai également téléchargé, installé et fait tourner smitfraudfix (résultat: rien à signaler)
Pour l'instant je fais une analyse approfondie du système avec malwarebytes'antimalware et avec mon anti-virus bitdefender2008 total security.
Voici mon fichier log d'hijackthis
Les logs de malwarebytes'antimalware suivront
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:30, on 19/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\NCH Software\BroadCam\broadCam.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\program files\topthemesxp\txp.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\IoCtlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Micro Application\PC Anonyme\IJStealth4Svc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\regsvr32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\meumuh1n.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\meumuh1n.slt\prefs.js)
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: PopUpBlocker ; XpTuner2004 - {49E0E0F0-5C30-11D4-945D-000000000010} - C:\PROGRA~1\SIMONT~1\XPTUNE~1\PopUp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: mxlivemedia browser enhancer - {BFE30D16-4805-ABE0-F57C-1FCC1FEBEAB0} - C:\WINDOWS\system32\joympicyexqv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SYSTRAN Personal 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: SYSTRAN: &Effacer le cache de traduction - C:\Program Files\Systran\Premium\menuClearCache.html
O8 - Extra context menu item: SYSTRAN: &Options - C:\Program Files\Systran\Premium\menuConfigure.html
O8 - Extra context menu item: SYSTRAN: &Traduire - C:\Program Files\Systran\Premium\menuTranslate.html
O8 - Extra context menu item: SYSTRAN: En®istrement - C:\Program Files\Systran\Premium\menuRegister.html
O8 - Extra context menu item: SYSTRAN: Rechercher les &mises à jour - C:\Program Files\Systran\Premium\menuUpdate.html
O8 - Extra context menu item: SYSTRAN: Traduire les &cadres - C:\Program Files\Systran\Premium\menuTranslateAll.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: @sysiecom.dll,-2100 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2102 - {703436F1-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslate.html
O9 - Extra button: @sysiecom.dll,-2103 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2105 - {703436F2-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuTranslateAll.html
O9 - Extra button: @sysiecom.dll,-2115 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2117 - {703436F3-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuConfigure.html
O9 - Extra button: (no name) - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2108 - {703436F4-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuClearCache.html
O9 - Extra button: (no name) - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2111 - {703436F5-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuRegister.html
O9 - Extra button: (no name) - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra 'Tools' menuitem: @sysiecom.dll,-2114 - {703436F6-3E1F-11d3-8F6B-00105A2A1D59} - C:\Program Files\Systran\Premium\MenuUpdates.html (file missing)
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll' missing
O15 - Trusted Zone: https://www.driverscloud.com/
O15 - Trusted Zone: https://www.meetic.fr/
O15 - Trusted Zone: http://service1.symantec.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_9.cab
O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx
O18 - Protocol: bw+0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B43CFE74-6DFB-424B-AC43-7BFA41718FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: BroadCam Service (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadCam.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Stealth Service Helper (StealthInjectorService) - Softwareentwicklung Remus - C:\Program Files\Micro Application\PC Anonyme\IJStealth4Svc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
A voir également:
- Virus particulièrement pernicieux
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
- Ordinateur bloqué virus - Accueil - Arnaque
