Bonjour,
Comme plusieurs d'entre-nous j'ai ces fameuses publicités de sécurité qui s'affichent et j'ai besoin de votre aide.
1ère analyse :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:35:58, on 12.05.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-CHANNEL\PayPen\PayPen.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\C-CHANNEL\PayPen\CPenOCR.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\C-CHANNEL\PayPen\CPenDesk.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\DEFRAG~3.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\defragActivityMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PayPen.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: bw+0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
--
End of file - 22356 bytes
2ème analyse :
Search Navipromo version 3.5.3 commencé le 12.05.2008 à 11:19:37.92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Alain"
Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS
Executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\Windows ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\ProgramData ***
*** Recherche dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs ***
...\WebMediaPlayer trouvé !
*** Recherche dossiers dans c:\users\alain\appdata\roaming\microsoft\windows\start menu\programs ***
*** Recherche dossiers dans C:\Users\Alain\AppData\Local\virtualstore\Program Files ***
*** Recherche dossiers dans C:\Users\Alain\AppData\Roaming ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Fichier(s) caché(s) :
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.dat
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.exe
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_nav.dat
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_navps.dat
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\Windows\system32 *
Fichiers trouvés :
kavkawsigs.exe trouvé !
kavkawsigs.exe trouvé !
* Recherche dans C:\Users\Alain\AppData\Local\Microsoft *
* Recherche dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Recherche dans C:\Users\Alain\AppData\Local *
*** Recherche fichiers ***
C:\Windows\pack.epk trouvé !
C:\Windows\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans C:\Windows\system32 :
* Dans C:\Users\Alain\AppData\Local\Microsoft :
jpvfwg.dat trouvé !
jpvfwg_nav.dat trouvé !
jpvfwg_navps.dat trouvé !
pppnsby.dat trouvé !
pppnsby_nav.dat trouvé !
pppnsby_navps.dat trouvé !
* Dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 :
* Dans C:\Users\Alain\AppData\Local :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 12.05.2008 à 11:30:01.97 ***
Merci d'avance pour la suite à donner.
Publicités intempestives {résolu}
Modérateur: Modérateurs
Règles du forum
Les désinfections sont prises en charge par un groupe spécifique, tout le monde ne peut pas intervenir pour désinfecter les machines (règles).
Les procédures sont sur-mesure, ne faites pas la même chose chez vous (explications).
Un topic par machine, chacun crée le sien. 
Les désinfections sont prises en charge par un groupe spécifique, tout le monde ne peut pas intervenir pour désinfecter les machines (règles). Les procédures sont sur-mesure, ne faites pas la même chose chez vous (explications). Un topic par machine, chacun crée le sien.
7 messages
• Page 1 sur 1
Publicités intempestives {résolu}
par telocin » 12 Mai 2008 10:38
Dernière édition par telocin le 12 Mai 2008 13:17, édité 1 fois.
Je sais qu'on ne sait jamais...
Amicales salutations.
Télo
Amicales salutations.
Télo
- telocin
- Libellulien Junior
- Messages: 167
- Inscription: 27 Juil 2006 20:32
- Localisation: Genève - Suisse
Re: Publicités intempestives
par Falkra » 12 Mai 2008 10:42
Bonjour, désactive l'uac, relance fix navilog, choisis l'option 2.
Poste le rapport obtenu + un nouveau HijackThis.
Désactive l'UAC-User Account Control -contrôle des comptes utilisateurs (surtout, bien penser à le réactiver après la désinfection).
* Démarrer > Panneau de Configuration
* Double clique sur l'icône Comptes d'utilisateurs
* Clique ensuite sur Désactiver et valide.
* Double-clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
* Au menu principal, choisis 2 et valide.
* Le programme va t'informer qu'il va alors redémarrer ton PC.
* Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts.
* Appuie sur une touche comme demandé. (Si ton PC ne redémarre pas automatiquement, fais-le toi même).
* Au redémarrage de ton PC, choisis ta session habituelle. Attends le message :
* Le bloc note va s'ouvrir: sauvegarde le rapport de manière à le retrouver.
* Referme le bloc note. Ton bureau va réapparaitre
PS: Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer.exe et valide. Cela fera revenir ton bureau.
Note:
Si tu ne trouves pas le rapport, il se nomme cleannavi.txt et se trouve dans C:\
Donc celui-là + un HJT frais.
Réactive l'Uac.
@ toute.
Poste le rapport obtenu + un nouveau HijackThis.
Désactive l'UAC-User Account Control -contrôle des comptes utilisateurs (surtout, bien penser à le réactiver après la désinfection).
* Démarrer > Panneau de Configuration
* Double clique sur l'icône Comptes d'utilisateurs
* Clique ensuite sur Désactiver et valide.
* Double-clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
* Au menu principal, choisis 2 et valide.
* Le programme va t'informer qu'il va alors redémarrer ton PC.
* Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts.
* Appuie sur une touche comme demandé. (Si ton PC ne redémarre pas automatiquement, fais-le toi même).
* Au redémarrage de ton PC, choisis ta session habituelle. Attends le message :
*** Nettoyage Termine le ..... ***
* Le bloc note va s'ouvrir: sauvegarde le rapport de manière à le retrouver.
* Referme le bloc note. Ton bureau va réapparaitre
PS: Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer.exe et valide. Cela fera revenir ton bureau.
Note:
Si tu ne trouves pas le rapport, il se nomme cleannavi.txt et se trouve dans C:\
Donc celui-là + un HJT frais.
Réactive l'Uac.
@ toute.
-
Falkra - Admin libellules.ch
- Messages: 24424
- Inscription: 30 Jan 2005 13:44
- Localisation: 127.0.0.1
Re: Publicités intempestives
par telocin » 12 Mai 2008 11:12
Re, sur ma tour, l'UAC est désactivé en permanence car ça m'incommode dans la rapidité de l'ouverture de mes divers programme et je suis le seul utilisateur ; est-ce une erreur ?
Copie du rapport :
lean Navipromo version 3.5.3 commencé le 12.05.2008 à 11:51:07.55
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Alain"
Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby.dat réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby.exe réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby_nav.dat réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.dat supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.exe supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_nav.dat supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans C:\Windows\system32 *
* Dans C:\Users\Alain\AppData\Local\Microsoft *
* Dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Dans C:\Users\Alain\AppData\Local *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans C:\Windows\System32 *
kavkawsigs.exe trouvé !
Copie kavkawsigs.exe réalisée avec succès !
kavkawsigs.exe supprimé !
* Suppression dans C:\Users\Alain\AppData\Local\Microsoft *
* Suppression dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Suppression dans C:\Users\Alain\AppData\Local *
*** Suppression dossiers dans C:\Windows ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\ProgramData ***
*** Suppression dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs ***
...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !
*** Suppression dossiers dans c:\users\alain\appdata\roaming\microsoft\windows\start menu\programs ***
*** Suppression dossiers dans C:\Users\Alain\AppData\Local\virtualstore\Program Files ***
*** Suppression dossiers dans C:\Users\Alain\AppData\Roaming ***
*** Suppression fichiers ***
C:\Windows\pack.epk supprimé !
C:\Windows\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Alain\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans C:\Windows\system32 *
* Dans C:\Users\Alain\AppData\Local\Microsoft *
jpvfwg.dat trouvé !
Copie jpvfwg.dat réalisée avec succès !
jpvfwg.dat supprimé !
jpvfwg_nav.dat trouvé !
Copie jpvfwg_nav.dat réalisée avec succès !
jpvfwg_nav.dat supprimé !
jpvfwg_navps.dat trouvé !
Copie jpvfwg_navps.dat réalisée avec succès !
jpvfwg_navps.dat supprimé !
* Dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Dans C:\Users\Alain\AppData\Local *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 12.05.2008 à 12:03:46.37 ***
Copie du rapport :
lean Navipromo version 3.5.3 commencé le 12.05.2008 à 11:51:07.55
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Alain"
Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby.dat réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby.exe réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby_nav.dat réalisée avec succès !
Copie C:\Users\Alain\AppData\Local\Microsoft\pppnsby_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.dat supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby.exe supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_nav.dat supprimé !
C:\Users\Alain\AppData\Local\Microsoft\pppnsby_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans C:\Windows\system32 *
* Dans C:\Users\Alain\AppData\Local\Microsoft *
* Dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Dans C:\Users\Alain\AppData\Local *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans C:\Windows\System32 *
kavkawsigs.exe trouvé !
Copie kavkawsigs.exe réalisée avec succès !
kavkawsigs.exe supprimé !
* Suppression dans C:\Users\Alain\AppData\Local\Microsoft *
* Suppression dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Suppression dans C:\Users\Alain\AppData\Local *
*** Suppression dossiers dans C:\Windows ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\ProgramData ***
*** Suppression dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs ***
...\WebMediaPlayer ...suppression...
...\WebMediaPlayer supprimé !
*** Suppression dossiers dans c:\users\alain\appdata\roaming\microsoft\windows\start menu\programs ***
*** Suppression dossiers dans C:\Users\Alain\AppData\Local\virtualstore\Program Files ***
*** Suppression dossiers dans C:\Users\Alain\AppData\Roaming ***
*** Suppression fichiers ***
C:\Windows\pack.epk supprimé !
C:\Windows\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Alain\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans C:\Windows\system32 *
* Dans C:\Users\Alain\AppData\Local\Microsoft *
jpvfwg.dat trouvé !
Copie jpvfwg.dat réalisée avec succès !
jpvfwg.dat supprimé !
jpvfwg_nav.dat trouvé !
Copie jpvfwg_nav.dat réalisée avec succès !
jpvfwg_nav.dat supprimé !
jpvfwg_navps.dat trouvé !
Copie jpvfwg_navps.dat réalisée avec succès !
jpvfwg_navps.dat supprimé !
* Dans C:\Users\Alain\AppData\Local\virtualstore\windows\system32 *
* Dans C:\Users\Alain\AppData\Local *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 12.05.2008 à 12:03:46.37 ***
Je sais qu'on ne sait jamais...
Amicales salutations.
Télo
Amicales salutations.
Télo
- telocin
- Libellulien Junior
- Messages: 167
- Inscription: 27 Juil 2006 20:32
- Localisation: Genève - Suisse
Re: Publicités intempestives
par telocin » 12 Mai 2008 11:16
Voici la 2è annalyse :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:13, on 12.05.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-CHANNEL\PayPen\PayPen.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\C-CHANNEL\PayPen\CPenOCR.exe
C:\Program Files\C-CHANNEL\PayPen\CPenDesk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\DEFRAG~3.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\defragActivityMonitor.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PayPen.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: bw+0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
--
End of file - 22226 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:13, on 12.05.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\C-CHANNEL\PayPen\PayPen.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\C-CHANNEL\PayPen\CPenOCR.exe
C:\Program Files\C-CHANNEL\PayPen\CPenDesk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\DEFRAG~3.EXE
C:\PROGRA~1\Ashampoo\ASHAMP~2\bin\defragActivityMonitor.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PayPen.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: bw+0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {497927A0-BD35-40CF-881E-9A1952DE8B43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
--
End of file - 22226 bytes
Je sais qu'on ne sait jamais...
Amicales salutations.
Télo
Amicales salutations.
Télo
- telocin
- Libellulien Junior
- Messages: 167
- Inscription: 27 Juil 2006 20:32
- Localisation: Genève - Suisse
Re: Publicités intempestives
par Falkra » 12 Mai 2008 11:22
Le rapport est clean (mais tout n'apparait pas forcément dedans).
Tu utilises le firewall de Vista ?
Ton infection vient de WebMediaPlayer, un logiciel purement infectieux en fait, qu'il ne faut pas installer, voir ici :
http://www.libellules.ch/dotclear/index ... e-la-peste
As-tu encore des symptômes infectieux sur la machine ?
Tu utilises le firewall de Vista ?
Ton infection vient de WebMediaPlayer, un logiciel purement infectieux en fait, qu'il ne faut pas installer, voir ici :
http://www.libellules.ch/dotclear/index ... e-la-peste
As-tu encore des symptômes infectieux sur la machine ?
-
Falkra - Admin libellules.ch
- Messages: 24424
- Inscription: 30 Jan 2005 13:44
- Localisation: 127.0.0.1
Re: Publicités intempestives
par telocin » 12 Mai 2008 11:26
Oui le pare-feu windows avec nod 32 2.7 et j'ai désactivé defender qui est gourmand et freine un peu.
Ligne VDSL avec routeur zyxel P-2802 HWL
Autrement pour le reste ça parait OK.
Immense merci.
Ligne VDSL avec routeur zyxel P-2802 HWL
Autrement pour le reste ça parait OK.
Immense merci.
Je sais qu'on ne sait jamais...
Amicales salutations.
Télo
Amicales salutations.
Télo
- telocin
- Libellulien Junior
- Messages: 167
- Inscription: 27 Juil 2006 20:32
- Localisation: Genève - Suisse
Re: Publicités intempestives
par Falkra » 12 Mai 2008 13:03
Ok, impeccable alors.
Ne jamais installer ceci :
# Go-astro
# GoRecord
# HotTVPlayer
# MailSkinner
# Messenger Skinner
# Instant Access
# InternetGameBox
# Sudoplanet
# Le site www.games-desktop.com (n'y allez pas)
# WebMediaplayer
Si tu as des doutes sur un programme, consulte la crapthèque d'assiste.
Certaines des saletés que tu avais s'attrapent par le navigateur, je te conseille d'utiliser StripMyRights pour le protéger, cela retire les droits administrateur au navigateur, et les malwares en ont besoin pour t'infecter. Je te recommande la lecture de ce tuto d'oGu : Tuto StripMyRights.
D'autant que tu n'utilises pas l'UAC. Si tu veux les avantages sans les inconvénients, jette peut-être oeil à ce programme, TweakUAC :
http://www.libellules.ch/dotclear/index ... 2-tweakuac
Tu peux marquer résolu dans le titre, (en éditant le premier post, le titre devient modifiable).
Cela n'empêche pas si tu as des questions d'en poser et de continuer la discussion.
Ne jamais installer ceci :
# Go-astro
# GoRecord
# HotTVPlayer
# MailSkinner
# Messenger Skinner
# Instant Access
# InternetGameBox
# Sudoplanet
# Le site www.games-desktop.com (n'y allez pas)
# WebMediaplayer
Si tu as des doutes sur un programme, consulte la crapthèque d'assiste.
Certaines des saletés que tu avais s'attrapent par le navigateur, je te conseille d'utiliser StripMyRights pour le protéger, cela retire les droits administrateur au navigateur, et les malwares en ont besoin pour t'infecter. Je te recommande la lecture de ce tuto d'oGu : Tuto StripMyRights.
D'autant que tu n'utilises pas l'UAC. Si tu veux les avantages sans les inconvénients, jette peut-être oeil à ce programme, TweakUAC :
http://www.libellules.ch/dotclear/index ... 2-tweakuac
Tu peux marquer résolu dans le titre, (en éditant le premier post, le titre devient modifiable).
Cela n'empêche pas si tu as des questions d'en poser et de continuer la discussion.
-
Falkra - Admin libellules.ch
- Messages: 24424
- Inscription: 30 Jan 2005 13:44
- Localisation: 127.0.0.1
7 messages
• Page 1 sur 1
Qui est en ligne
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 3 invités
Développé par phpBB® Forum Software © phpBB Group
Traduction par phpBB-fr.com
Traduction par phpBB-fr.com
phpBB Metro Theme by PixelGoose Studio