Bat/fgake.Privdanger
Security Forum - Virus: Bat/fgake.Privdanger
Hello,
I am new to this forum and I am asking for your help, please, with the virus in question. Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:17, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\rnamfler\naomf.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\rnamfler\radprcmp.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.p [...] Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: etlrlws - {0B49006A-D3A9-42B0-96FC-2EE5C819C09D} - C:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2378702484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 2390556812
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/d [...] DEXAXO.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: altvxvm - {11653723-9E61-4098-AD62-A7DD14F8B63B} - C:\WINDOWS\altvxvm.dll
O21 - SSODL: bokpkov - {64D68249-7CC5-46FD-8A87-E9B621617501} - C:\WINDOWS\bokpkov.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 20818 bytes
Hello,
Download Malwarebytes' Anti-Malware (here)
Double-click mbam-setup.exe to start the installation
Allow the updates to be downloaded!
Restart in Safe Mode (Safe Mode)
Double-click the Malwarebytes shortcut on your desktop
Check Perform full scan, then click [Scan]
At the end of the scan, click [Show Results]
If infected objects are found, click [Remove Selected]
Post the report (it can also be found in the Reports/Logs tab)
Thank you very much.
I think it is solved. However, I had 30 problems and I had them deleted. Now when I open the software there is nothing, so I cannot produce a report!!!
Have a good day
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:58:02, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\rnamfler\naomf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
c:\program files\rnamfler\radprcmp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.p [...] Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2378702484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 2390556812
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/d [...] DEXAXO.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 20318 bytes
Can you rerun the scan? Then do this:
Disable your resident protections (antivirus, Spybot...)!
- Download Combofix (sUBs) to your Desktop.
- Double-click combofix.exe to launch it.
- Press the 1 key (Yes) to start the scan.
- When the scan is complete, a report will appear. Post that report in your next reply.
Reply to Angeldark
Many thanks once again
Here is the report (I don't understand any of it!!!!):
ComboFix 08-03-20.5 - SILVA 2008-03-21 11:46:23.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.597 [GMT 1:00]
Endroit: C:\Documents and Settings\SILVA\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
The following files were disabled during the run:
C:\Program Files\rnamfler\radprlib.dll
C:\Program Files\rnamfler\radhslib.dll
((((((((((((((((((((((((((((( Fichiers créés 2008-02-21 to 2008-03-21 ))))))))))))))))))))))))))))))))))))
.
2008-03-20 11:29 . 2004-08-03 23:10 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2008-03-20 11:29 . 2004-08-03 23:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\msdv.sys
2008-03-20 11:29 . 2004-08-03 23:10 48,128 --a------ C:\WINDOWS\system32\drivers\61883.sys
2008-03-20 11:29 . 2004-08-03 23:10 48,128 --a--c--- C:\WINDOWS\system32\dllcache\61883.sys
2008-03-20 11:29 . 2004-08-03 23:10 38,912 --a------ C:\WINDOWS\system32\drivers\avc.sys
2008-03-20 11:29 . 2004-08-03 23:10 38,912 --a--c--- C:\WINDOWS\system32\dllcache\avc.sys
2008-03-20 10:56 . 2008-03-20 12:35 17 --a------ C:\WINDOWS\MovingPicture.ini
2008-03-20 10:47 . 2008-03-20 10:51 455 --a------ C:\WINDOWS\VFO.VST
2008-03-20 10:47 . 2008-03-20 10:47 51 --a------ C:\WINDOWS\system32\blue.SITENAME
2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\WINDOWS\system32\QuickTime
2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\Program Files\QuickTime
2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-03-20 09:02 . 2002-01-23 18:10 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2008-03-20 09:01 . 2008-03-20 09:01 <REP> d-------- C:\Program Files\proDAD
2008-03-20 08:54 . 2008-03-20 08:54 <REP> d-------- C:\Program Files\AdorageI-SAL
2008-03-20 08:54 . 2008-03-20 08:56 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2008-03-20 08:32 . 2002-09-24 11:12 2,653,888 --a------ C:\WINDOWS\system32\LTRDG13n.OCX
2008-03-20 08:32 . 2002-09-24 11:12 534,192 --a------ C:\WINDOWS\system32\LTRVW13N.OCX
2008-03-20 08:32 . 2002-09-24 11:12 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2008-03-20 08:32 . 2005-07-12 14:25 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2008-03-20 08:32 . 2002-09-24 11:12 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2008-03-20 08:32 . 2002-09-24 11:12 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2008-03-20 08:32 . 2002-09-24 11:12 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll
2008-03-20 08:32 . 2002-09-24 11:12 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll
2008-03-20 08:30 . 2003-03-16 00:15 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-03-20 08:23 . 2008-03-20 08:23 <REP> d-------- C:\Program Files\SmartSound Software
2008-03-20 08:23 . 2008-03-20 08:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-03-20 08:22 . 2003-11-25 06:02 196,096 --a------ C:\WINDOWS\system32\macd32.dll
2008-03-20 08:22 . 2005-06-02 19:28 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
2008-03-20 08:22 . 2003-11-25 06:02 138,752 --a------ C:\WINDOWS\system32\mase32.dll
2008-03-20 08:22 . 2003-11-25 06:02 136,192 --a------ C:\WINDOWS\system32\mamc32.dll
2008-03-20 08:22 . 2004-07-02 17:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2008-03-20 08:22 . 2003-11-25 06:02 57,856 --a------ C:\WINDOWS\system32\masd32.dll
2008-03-20 08:22 . 2004-02-24 13:04 41,219 --a------ C:\WINDOWS\RSETPATH.exe
2008-03-20 08:22 . 2003-11-25 06:02 27,648 --a------ C:\WINDOWS\system32\ma32.dll
2008-03-20 08:22 . 2008-03-20 14:42 1,289 --a------ C:\WINDOWS\VFO.INI
2008-03-20 08:20 . 2008-03-20 11:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2008-03-20 08:20 . 2004-01-23 17:44 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll
2008-03-20 08:15 . 2008-03-20 10:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-03-20 08:14 . 2008-03-20 08:31 <REP> d-------- C:\Program Files\Pinnacle
2008-03-20 08:14 . 2005-02-09 12:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2008-03-19 21:06 . 2008-03-19 21:06 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-03-19 21:05 . 2008-02-06 13:26 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-19 21:05 . 2008-02-06 13:26 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-19 21:05 . 2008-02-06 13:04 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-19 21:05 . 2008-02-06 13:26 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Malwarebytes
2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-19 18:01 . 2008-03-19 18:01 <REP> d-------- C:\Program Files\Trend Micro
2008-03-18 18:08 . 2008-03-18 18:08 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-03-18 12:45 . 2008-03-18 12:45 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-03-18 11:21 . 2008-03-18 11:21 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-17 19:07 . 2008-03-17 19:07 <REP> d-------- C:\Program Files\Fichiers communs\SourceTec
2008-03-17 18:58 . 2008-03-17 18:58 <REP> d-------- C:\Program Files\SourceTec
2008-03-17 11:31 . 2008-03-17 11:31 <REP> d-------- C:\Program Files\Clic
2008-03-17 02:57 . 2008-03-17 02:57 <REP> d-------- C:\Documents and Settings\SILVA\dwhelper
2008-03-15 05:22 . 2008-03-15 05:22 <REP> d-------- C:\WINDOWS\Sun
2008-03-14 04:45 . 2008-03-14 04:45 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Comodo
2008-03-14 04:45 . 2008-03-14 04:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-03-14 04:43 . 2008-03-10 18:16 216 --a------ C:\boot.ini.comodofirewall
2008-03-14 04:42 . 2008-03-14 04:42 <REP> d-------- C:\Program Files\Comodo
2008-03-12 03:56 . 2008-03-12 03:56 <REP> d-------- C:\Program Files\PowerpointImageExtractor_V1_2
2008-03-11 15:08 . 2008-03-13 10:42 1,025,694 --a------ C:\WINDOWS\setupapi.log.5.old
2008-03-11 15:08 . 2008-03-12 13:37 1,025,694 --a------ C:\WINDOWS\setupapi.log.4.old
2008-03-11 15:08 . 2008-03-14 10:33 1,025,343 --a------ C:\WINDOWS\setupapi.log.10.old
2008-03-11 15:08 . 2008-03-14 10:12 1,024,844 --a------ C:\WINDOWS\setupapi.log.9.old
2008-03-11 15:08 . 2008-03-15 05:11 1,024,834 --a------ C:\WINDOWS\setupapi.log.11.old
2008-03-11 15:08 . 2008-03-14 09:04 1,024,485 --a------ C:\WINDOWS\setupapi.log.6.old
2008-03-11 15:08 . 2008-03-14 09:50 1,024,430 --a------ C:\WINDOWS\setupapi.log.8.old
2008-03-11 15:08 . 2008-03-14 09:29 1,024,430 --a------ C:\WINDOWS\setupapi.log.7.old
2008-03-11 03:28 . 2008-03-18 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-11 03:27 . 2008-03-18 18:03 <REP> d-------- C:\Program Files\Security Task Manager
2008-03-10 12:22 . 2008-03-10 17:44 <REP> d-------- C:\Program Files\Visicom Media
2008-03-10 12:22 . 2008-03-10 17:44 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\EoRezo
2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Real
2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Fichiers communs\Real
2008-03-08 10:14 . 2008-03-08 10:14 65 --a------ C:\WINDOWS\FISHUI.INI
2008-03-08 00:39 . 2008-03-08 08:38 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Teleca
2008-03-08 00:39 . 2008-03-08 00:39 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Sony Ericsson
2008-03-08 00:38 . 2008-03-11 08:30 1,024,425 --a------ C:\WINDOWS\setupapi.log.2.old
2008-03-08 00:38 . 2008-03-11 08:51 1,024,305 --a------ C:\WINDOWS\setupapi.log.3.old
2008-03-08 00:38 . 2008-03-10 15:36 1,024,049 --a------ C:\WINDOWS\setupapi.log.1.old
2008-03-08 00:36 . 2008-03-08 00:36 <REP> d-------- C:\Program Files\Sony Ericsson
2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-03-08 00:35 . 2008-03-20 08:21 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-03-08 00:34 . 2008-03-08 00:34 <REP> d-------- C:\Program Files\Disc2Phone
2008-03-05 04:34 . 2008-03-19 16:00 <REP> d-------- C:\Program Files\SpywareBlaster
2008-03-05 04:34 . 2008-03-19 16:00 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-05 04:34 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-29 11:50 . 2008-02-29 11:50 <REP> d-------- C:\Program Files\sisagp
2008-02-29 11:49 . 2008-02-29 11:49 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\ATI
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-21 10:40 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-03-21 10:40 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
2008-03-20 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-20 15:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-19 08:25 --------- d-----w C:\Documents and Settings\SILVA\Application Data\BitTorrent
2008-03-19 08:25 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Azureus
2008-03-19 08:17 --------- d--h--r C:\Program Files\rnamfler
2008-03-18 11:56 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-18 11:13 --------- d-----w C:\Program Files\eMule
2008-03-18 10:22 --------- d-----w C:\Program Files\Windows Live
2008-03-18 10:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-15 04:26 --------- d-----w C:\Program Files\Java
2008-03-12 08:02 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Roxio
2008-03-10 14:42 --------- d-----w C:\Program Files\Azureus
2008-02-29 10:44 --------- d-----w C:\Program Files\ATI Technologies
2008-02-28 08:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-02-17 07:05 65,024 ----a-w C:\WINDOWS\IFinst26.exe
2008-02-17 07:05 --------- d-----w C:\Program Files\XviD
2008-02-17 07:05 --------- d-----w C:\Program Files\Lame MP3 Codec
2008-02-17 07:04 --------- d-----w C:\Program Files\Samsung
2008-02-17 07:04 --------- d-----w C:\Documents and Settings\SILVA\Application Data\DataCast
2008-02-17 06:57 --------- d-----w C:\Program Files\VirginMega
2008-02-17 06:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-02-17 06:55 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-14 13:51 --------- d-----w C:\Program Files\Google
2008-02-14 13:49 --------- d-----w C:\Program Files\Photodex
2008-02-14 13:22 --------- d-----w C:\Program Files\BitTorrent
2008-02-14 13:15 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Photodex
2008-02-14 13:11 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-02-14 08:30 --------- d-----w C:\Documents and Settings\SILVA\Application Data\uTorrent
2008-02-14 08:28 --------- d-----w C:\Program Files\Get-Torrent
2008-02-14 08:06 --------- d-----w C:\Program Files\uTorrent
2008-02-13 11:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-02-13 10:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-13 10:14 --------- d-----w C:\Program Files\Lavasoft
2008-02-13 10:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-12 18:25 --------- d-----w C:\Program Files\CCleaner
2008-02-11 17:27 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Samsung
2008-02-11 17:08 --------- d-----w C:\Documents and Settings\SILVA\Application Data\PC Suite
2008-02-11 12:29 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Nokia Multimedia Player
2008-02-11 12:29 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Nokia
2008-02-11 12:26 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-02-11 12:26 --------- d-----w C:\Program Files\Nokia
2008-02-11 12:26 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2008-02-11 12:26 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-02-11 12:26 --------- d-----w C:\Program Files\DIFX
2008-02-11 12:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-02-11 08:47 --------- d-----w C:\Program Files\Microsoft Works
2008-02-11 08:46 --------- d-----w C:\Program Files\MSBuild
2008-02-11 08:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Roxio
2008-02-11 08:11 --------- d-----w C:\Program Files\Roxio
2008-02-11 08:05 --------- d-----w C:\Program Files\Fichiers communs\Roxio Shared
2008-02-11 07:48 --------- d-----w C:\Program Files\Kit ADSL
2008-02-11 07:30 --------- d-----w C:\Program Files\Neuf
2008-02-11 03:37 --------- d-----w C:\Program Files\Codecs
2008-02-11 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Macrovision
2008-02-10 20:44 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-10 19:48 --------- d---a-w C:\Program Files\RecordNow
2008-02-10 19:44 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Leadertech
2008-02-10 19:27 --------- d-----w C:\Program Files\Office
2008-02-09 20:39 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-08 17:35 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Media Player Classic
2008-02-08 14:19 --------- d-----w C:\Program Files\Realtek AC97
2008-02-08 14:15 9,472 ----a-w C:\WINDOWS\system32\drivers\sisperf.sys
2008-02-08 14:15 49,024 ----a-w C:\WINDOWS\system32\drivers\sisidex.sys
2008-02-08 14:15 4,096 ----a-w C:\WINDOWS\system32\drivers\siside.sys
2008-02-08 14:15 139,264 ----a-w C:\WINDOWS\system32\IDEproperty.dll
2008-02-08 08:56 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-08 08:18 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-02-08 08:03 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-02-07 22:29 --------- d-----w C:\Program Files\Setup Files
2008-02-07 22:26 --------- d-----w C:\Program Files\MSI
2008-02-07 21:52 --------- d-----w C:\Program Files\Hewlett-Packard
2008-02-07 21:44 --------- d-----w C:\Program Files\Realtek
2008-02-07 21:43 --------- d-----w C:\Documents and Settings\SILVA\Application Data\InstallShield
2008-02-07 21:37 --------- d-----w C:\Program Files\Satsuki Decoder Pack
2008-02-07 18:12 --------- d-----w C:\Program Files\Lavalys
2008-02-07 14:51 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Ahead
2008-02-07 12:59 --------- d-----w C:\Program Files\Fichiers communs\logishrd
2008-02-07 12:40 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-07 12:29 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2008-02-07 12:29 --------- d-----w C:\Program Files\Logitech
2008-02-07 12:27 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-02-07 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-02-07 10:55 --------- d-----w C:\Program Files\Avira
2008-02-07 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-02-07 10:25 --------- d-----w C:\Program Files\SMC
2008-02-06 13:37 --------- d-----w C:\Program Files\CyberLink
2008-02-06 13:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-02-06 13:30 --------- d-----w C:\Program Files\Ahead
2008-02-06 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-02-06 13:28 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-02-06 13:12 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-02-06 12:08 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-06 12:07 --------- d-----w C:\Program Files\Services en ligne
2008-02-01 07:40 40,960 ----a-w C:\WINDOWS\system32\MAMACExtract.dll
2008-02-01 07:40 110,592 ----a-w C:\WINDOWS\system32\TG_DUMP0708.DLL
2008-01-24 15:36 4,127,488 ----a-r C:\WINDOWS\system32\drivers\alcxwdm.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"Meteo"="C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe" [2008-01-06 22:03 1090560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 01:26 406016]
"wrna3ls"="C:\Program Files\rnamfler\naomf.exe" [2006-04-01 10:45 1253960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
SMCWUSB-G2 Wireless Utility.lnk - C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe [2008-02-07 11:25:51 491520]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^SILVA^Menu Démarrer^Programmes^Démarrage^PowerReg Scheduler V3.exe]
path=C:\Documents and Settings\SILVA\Menu Démarrer\Programmes\Démarrage\PowerReg Scheduler V3.exe
backup=C:\WINDOWS\pss\PowerReg Scheduler V3.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
--a------ 2006-01-02 16:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
--a------ 2008-02-07 11:56 249896 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Firewall Pro]
--a------ 2008-03-14 04:48 1115728 C:\Program Files\Comodo\Firewall\CPF.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 07:00 33648 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-02-07 13:29 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
C:\Program Files\MSI\Live Update 3\LMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2006-06-26 09:46 497200 C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2006-06-26 10:34 614960 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2006-06-26 10:33 243248 C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Meteo]
C:\Documents and Settings\SILVA\Bureau\Galarneau\Galarneau.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OHE]
C:\Program Files\Ohé\OHE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2007-03-23 13:20 227328 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-20 09:02 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-27 02:04 32768 C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
--a------ 2003-07-15 12:38 319488 C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a------ 2004-11-03 16:54 868352 C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
--a------ 2003-05-01 18:44 65536 C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
--a------ 2007-09-20 08:23 132624 C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-02-20 18:53 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-03-08 11:44 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wrna3ls]
--a------ 2006-04-01 10:45 1253960 C:\Program Files\rnamfler\naomf.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys [2002-08-05 11:17]
R3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 13:44]
S3 athrusb;802.11g Wireless USB2.0 Adapter driver;C:\WINDOWS\system32\DRIVERS\athrusb.sys [2007-01-29 13:56]
S3 Gudclmdkhos;Gudclmdkhos;C:\WINDOWS\system32\drivers\i8042prt.sys [2004-08-05 13:00]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-03-09 17:29]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-21 11:51:28
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\rnamfler\radprlib.dll
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\rnamfler\radprlib.dll
PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\rnamfler\radprlib.dll
-> C:\Program Files\rnamfler\radhslib.dll
PROCESS: C:\WINDOWS\system32\csrss.exe
-> C:\Program Files\rnamfler\radprlib.dll
.
Temps d'accomplissement: 2008-03-21 11:53:01
.
2008-03-20 15:28:51 --- E O F ---
Post a new HijackThis report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:40:38, on 21/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\rnamfler\naomf.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\program files\rnamfler\radprcmp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.p [...] Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 2378702484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 2390556812
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/d [...] DEXAXO.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com [...] 0_4_12.cab
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 20311 bytes
Re,
Disable your resident protections (antivirus...)!
Copy (Ctrl+C) the text in the box below:
Registry:: |
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt.
Now drag the CFScript.txt file onto Combofix.exe as shown below:
This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
NOTE: If there is no reboot, post the requested reports anyway.
Message edited by Angeldark on 21-03-2008 at 21:16:14
I'm confused, because I can't find it!!!
On the other hand, my firewall warns me quite often about "rnamfler".
I did a search and found nothing either.
To be continued.
Have a nice day.
You can't find it?
