Bat/fgake.Privdanger

Tags:
  • Internet Explorer
  • Security
19 March 2008 19:56:19

Hello,
I am new to this forum and I am asking for your help, please, with the virus in question. Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:17, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\rnamfler\naomf.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\rnamfler\radprcmp.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: etlrlws - {0B49006A-D3A9-42B0-96FC-2EE5C819C09D} - C:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: altvxvm - {11653723-9E61-4098-AD62-A7DD14F8B63B} - C:\WINDOWS\altvxvm.dll
O21 - SSODL: bokpkov - {64D68249-7CC5-46FD-8A87-E9B621617501} - C:\WINDOWS\bokpkov.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 20818 bytes

19 March 2008 20:46:00

Hello,

Download MalwareBytes' Anti-Malware < here

Double-click mbam-setup.exe to start the installation
Allow the updates to be downloaded!

Restart in safe mode ( > Safe Mode < )

Double-click the Malwarebytes shortcut on your desktop
Tick Perform full scan, then click [Scan]
When the scan finishes, click [Show Results]
If infected objects are found, click [Remove Selected]

Post the report (it can also be found in the Logs tab)
20 March 2008 03:55:44

Thank you very much.
I think it's resolved. However, I had 30 problems and I had them removed. Now when I open the program there is nothing there, so I can't produce a report!!!
Have a good day

20 March 2008 03:59:29

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:58:02, on 20/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\rnamfler\naomf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
c:\program files\rnamfler\radprcmp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 20318 bytes
20 March 2008 15:44:40

Can you rerun the scan? Then do this:

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.
21 March 2008 11:55:21

Thanks a lot once again.
Here is the report (I don't understand any of it!!!!):

    ComboFix 08-03-20.5 - SILVA 2008-03-21 11:46:23.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.597 [GMT 1:00]
    Endroit: C:\Documents and Settings\SILVA\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .
    The following files were disabled during the run:
    C:\Program Files\rnamfler\radprlib.dll
    C:\Program Files\rnamfler\radhslib.dll


    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-21 to 2008-03-21 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-20 11:29 . 2004-08-03 23:10 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
    2008-03-20 11:29 . 2004-08-03 23:10 51,328 --a--c--- C:\WINDOWS\system32\dllcache\msdv.sys
    2008-03-20 11:29 . 2004-08-03 23:10 48,128 --a------ C:\WINDOWS\system32\drivers\61883.sys
    2008-03-20 11:29 . 2004-08-03 23:10 48,128 --a--c--- C:\WINDOWS\system32\dllcache\61883.sys
    2008-03-20 11:29 . 2004-08-03 23:10 38,912 --a------ C:\WINDOWS\system32\drivers\avc.sys
    2008-03-20 11:29 . 2004-08-03 23:10 38,912 --a--c--- C:\WINDOWS\system32\dllcache\avc.sys
    2008-03-20 10:56 . 2008-03-20 12:35 17 --a------ C:\WINDOWS\MovingPicture.ini
    2008-03-20 10:47 . 2008-03-20 10:51 455 --a------ C:\WINDOWS\VFO.VST
    2008-03-20 10:47 . 2008-03-20 10:47 51 --a------ C:\WINDOWS\system32\blue.SITENAME
    2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\WINDOWS\system32\QuickTime
    2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\Program Files\QuickTime
    2008-03-20 09:02 . 2008-03-20 09:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
    2008-03-20 09:02 . 2002-01-23 18:10 86,016 --a------ C:\WINDOWS\unvise32qt.exe
    2008-03-20 09:01 . 2008-03-20 09:01 <REP> d-------- C:\Program Files\proDAD
    2008-03-20 08:54 . 2008-03-20 08:54 <REP> d-------- C:\Program Files\AdorageI-SAL
    2008-03-20 08:54 . 2008-03-20 08:56 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
    2008-03-20 08:32 . 2002-09-24 11:12 2,653,888 --a------ C:\WINDOWS\system32\LTRDG13n.OCX
    2008-03-20 08:32 . 2002-09-24 11:12 534,192 --a------ C:\WINDOWS\system32\LTRVW13N.OCX
    2008-03-20 08:32 . 2002-09-24 11:12 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
    2008-03-20 08:32 . 2005-07-12 14:25 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
    2008-03-20 08:32 . 2002-09-24 11:12 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
    2008-03-20 08:32 . 2002-09-24 11:12 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll
    2008-03-20 08:32 . 2002-09-24 11:12 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll
    2008-03-20 08:32 . 2002-09-24 11:12 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll
    2008-03-20 08:30 . 2003-03-16 00:15 90,112 --a------ C:\WINDOWS\unvise32.exe
    2008-03-20 08:23 . 2008-03-20 08:23 <REP> d-------- C:\Program Files\SmartSound Software
    2008-03-20 08:23 . 2008-03-20 08:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
    2008-03-20 08:22 . 2003-11-25 06:02 196,096 --a------ C:\WINDOWS\system32\macd32.dll
    2008-03-20 08:22 . 2005-06-02 19:28 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
    2008-03-20 08:22 . 2003-11-25 06:02 138,752 --a------ C:\WINDOWS\system32\mase32.dll
    2008-03-20 08:22 . 2003-11-25 06:02 136,192 --a------ C:\WINDOWS\system32\mamc32.dll
    2008-03-20 08:22 . 2004-07-02 17:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
    2008-03-20 08:22 . 2003-11-25 06:02 57,856 --a------ C:\WINDOWS\system32\masd32.dll
    2008-03-20 08:22 . 2004-02-24 13:04 41,219 --a------ C:\WINDOWS\RSETPATH.exe
    2008-03-20 08:22 . 2003-11-25 06:02 27,648 --a------ C:\WINDOWS\system32\ma32.dll
    2008-03-20 08:22 . 2008-03-20 14:42 1,289 --a------ C:\WINDOWS\VFO.INI
    2008-03-20 08:20 . 2008-03-20 11:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
    2008-03-20 08:20 . 2004-01-23 17:44 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll
    2008-03-20 08:15 . 2008-03-20 10:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
    2008-03-20 08:14 . 2008-03-20 08:31 <REP> d-------- C:\Program Files\Pinnacle
    2008-03-20 08:14 . 2005-02-09 12:59 14,165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
    2008-03-19 21:06 . 2008-03-19 21:06 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-03-19 21:05 . 2008-02-06 13:04 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-03-19 21:05 . 2008-02-06 13:26 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Malwarebytes
    2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-03-19 18:01 . 2008-03-19 18:01 <REP> d-------- C:\Program Files\Trend Micro
    2008-03-18 18:08 . 2008-03-18 18:08 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-03-18 12:45 . 2008-03-18 12:45 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2008-03-18 11:21 . 2008-03-18 11:21 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-17 19:07 . 2008-03-17 19:07 <REP> d-------- C:\Program Files\Fichiers communs\SourceTec
    2008-03-17 18:58 . 2008-03-17 18:58 <REP> d-------- C:\Program Files\SourceTec
    2008-03-17 11:31 . 2008-03-17 11:31 <REP> d-------- C:\Program Files\Clic
    2008-03-17 02:57 . 2008-03-17 02:57 <REP> d-------- C:\Documents and Settings\SILVA\dwhelper
    2008-03-15 05:22 . 2008-03-15 05:22 <REP> d-------- C:\WINDOWS\Sun
    2008-03-14 04:45 . 2008-03-14 04:45 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Comodo
    2008-03-14 04:45 . 2008-03-14 04:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
    2008-03-14 04:43 . 2008-03-10 18:16 216 --a------ C:\boot.ini.comodofirewall
    2008-03-14 04:42 . 2008-03-14 04:42 <REP> d-------- C:\Program Files\Comodo
    2008-03-12 03:56 . 2008-03-12 03:56 <REP> d-------- C:\Program Files\PowerpointImageExtractor_V1_2
    2008-03-11 15:08 . 2008-03-13 10:42 1,025,694 --a------ C:\WINDOWS\setupapi.log.5.old
    2008-03-11 15:08 . 2008-03-12 13:37 1,025,694 --a------ C:\WINDOWS\setupapi.log.4.old
    2008-03-11 15:08 . 2008-03-14 10:33 1,025,343 --a------ C:\WINDOWS\setupapi.log.10.old
    2008-03-11 15:08 . 2008-03-14 10:12 1,024,844 --a------ C:\WINDOWS\setupapi.log.9.old
    2008-03-11 15:08 . 2008-03-15 05:11 1,024,834 --a------ C:\WINDOWS\setupapi.log.11.old
    2008-03-11 15:08 . 2008-03-14 09:04 1,024,485 --a------ C:\WINDOWS\setupapi.log.6.old
    2008-03-11 15:08 . 2008-03-14 09:50 1,024,430 --a------ C:\WINDOWS\setupapi.log.8.old
    2008-03-11 15:08 . 2008-03-14 09:29 1,024,430 --a------ C:\WINDOWS\setupapi.log.7.old
    2008-03-11 03:28 . 2008-03-18 13:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-03-11 03:27 . 2008-03-18 18:03 <REP> d-------- C:\Program Files\Security Task Manager
    2008-03-10 12:22 . 2008-03-10 17:44 <REP> d-------- C:\Program Files\Visicom Media
    2008-03-10 12:22 . 2008-03-10 17:44 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\EoRezo
    2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Real
    2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2008-03-08 11:44 . 2008-03-08 11:44 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2008-03-08 10:14 . 2008-03-08 10:14 65 --a------ C:\WINDOWS\FISHUI.INI
    2008-03-08 00:39 . 2008-03-08 08:38 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Teleca
    2008-03-08 00:39 . 2008-03-08 00:39 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\Sony Ericsson
    2008-03-08 00:38 . 2008-03-11 08:30 1,024,425 --a------ C:\WINDOWS\setupapi.log.2.old
    2008-03-08 00:38 . 2008-03-11 08:51 1,024,305 --a------ C:\WINDOWS\setupapi.log.3.old
    2008-03-08 00:38 . 2008-03-10 15:36 1,024,049 --a------ C:\WINDOWS\setupapi.log.1.old
    2008-03-08 00:36 . 2008-03-08 00:36 <REP> d-------- C:\Program Files\Sony Ericsson
    2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
    2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
    2008-03-08 00:36 . 2008-03-08 00:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2008-03-08 00:35 . 2008-03-20 08:21 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2008-03-08 00:34 . 2008-03-08 00:34 <REP> d-------- C:\Program Files\Disc2Phone
    2008-03-05 04:34 . 2008-03-19 16:00 <REP> d-------- C:\Program Files\SpywareBlaster
    2008-03-05 04:34 . 2008-03-19 16:00 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-03-05 04:34 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
    2008-02-29 11:50 . 2008-02-29 11:50 <REP> d-------- C:\Program Files\sisagp
    2008-02-29 11:49 . 2008-02-29 11:49 <REP> d-------- C:\Documents and Settings\SILVA\Application Data\ATI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-21 10:40 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
    2008-03-21 10:40 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
    2008-03-20 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-03-20 15:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-19 08:25 --------- d-----w C:\Documents and Settings\SILVA\Application Data\BitTorrent
    2008-03-19 08:25 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Azureus
    2008-03-19 08:17 --------- d--h--r C:\Program Files\rnamfler
    2008-03-18 11:56 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-03-18 11:13 --------- d-----w C:\Program Files\eMule
    2008-03-18 10:22 --------- d-----w C:\Program Files\Windows Live
    2008-03-18 10:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-03-15 04:26 --------- d-----w C:\Program Files\Java
    2008-03-12 08:02 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Roxio
    2008-03-10 14:42 --------- d-----w C:\Program Files\Azureus
    2008-02-29 10:44 --------- d-----w C:\Program Files\ATI Technologies
    2008-02-28 08:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
    2008-02-17 07:05 65,024 ----a-w C:\WINDOWS\IFinst26.exe
    2008-02-17 07:05 --------- d-----w C:\Program Files\XviD
    2008-02-17 07:05 --------- d-----w C:\Program Files\Lame MP3 Codec
    2008-02-17 07:04 --------- d-----w C:\Program Files\Samsung
    2008-02-17 07:04 --------- d-----w C:\Documents and Settings\SILVA\Application Data\DataCast
    2008-02-17 06:57 --------- d-----w C:\Program Files\VirginMega
    2008-02-17 06:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
    2008-02-17 06:55 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-02-14 13:51 --------- d-----w C:\Program Files\Google
    2008-02-14 13:49 --------- d-----w C:\Program Files\Photodex
    2008-02-14 13:22 --------- d-----w C:\Program Files\BitTorrent
    2008-02-14 13:15 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Photodex
    2008-02-14 13:11 --------- d-----w C:\Program Files\Fichiers communs\Java
    2008-02-14 08:30 --------- d-----w C:\Documents and Settings\SILVA\Application Data\uTorrent
    2008-02-14 08:28 --------- d-----w C:\Program Files\Get-Torrent
    2008-02-14 08:06 --------- d-----w C:\Program Files\uTorrent
    2008-02-13 11:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
    2008-02-13 10:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-02-13 10:14 --------- d-----w C:\Program Files\Lavasoft
    2008-02-13 10:14 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-02-12 18:25 --------- d-----w C:\Program Files\CCleaner
    2008-02-11 17:27 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Samsung
    2008-02-11 17:08 --------- d-----w C:\Documents and Settings\SILVA\Application Data\PC Suite
    2008-02-11 12:29 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Nokia Multimedia Player
    2008-02-11 12:29 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Nokia
    2008-02-11 12:26 --------- d-----w C:\Program Files\PC Connectivity Solution
    2008-02-11 12:26 --------- d-----w C:\Program Files\Nokia
    2008-02-11 12:26 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
    2008-02-11 12:26 --------- d-----w C:\Program Files\Fichiers communs\Nokia
    2008-02-11 12:26 --------- d-----w C:\Program Files\DIFX
    2008-02-11 12:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
    2008-02-11 08:47 --------- d-----w C:\Program Files\Microsoft Works
    2008-02-11 08:46 --------- d-----w C:\Program Files\MSBuild
    2008-02-11 08:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Roxio
    2008-02-11 08:11 --------- d-----w C:\Program Files\Roxio
    2008-02-11 08:05 --------- d-----w C:\Program Files\Fichiers communs\Roxio Shared
    2008-02-11 07:48 --------- d-----w C:\Program Files\Kit ADSL
    2008-02-11 07:30 --------- d-----w C:\Program Files\Neuf
    2008-02-11 03:37 --------- d-----w C:\Program Files\Codecs
    2008-02-11 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Macrovision
    2008-02-10 20:44 --------- d-----w C:\Program Files\PhotoFiltre
    2008-02-10 19:48 --------- d---a-w C:\Program Files\RecordNow
    2008-02-10 19:44 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Leadertech
    2008-02-10 19:27 --------- d-----w C:\Program Files\Office
    2008-02-09 20:39 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-02-08 17:35 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Media Player Classic
    2008-02-08 14:19 --------- d-----w C:\Program Files\Realtek AC97
    2008-02-08 14:15 9,472 ----a-w C:\WINDOWS\system32\drivers\sisperf.sys
    2008-02-08 14:15 49,024 ----a-w C:\WINDOWS\system32\drivers\sisidex.sys
    2008-02-08 14:15 4,096 ----a-w C:\WINDOWS\system32\drivers\siside.sys
    2008-02-08 14:15 139,264 ----a-w C:\WINDOWS\system32\IDEproperty.dll
    2008-02-08 08:56 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-02-08 08:18 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-02-08 08:03 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
    2008-02-07 22:29 --------- d-----w C:\Program Files\Setup Files
    2008-02-07 22:26 --------- d-----w C:\Program Files\MSI
    2008-02-07 21:52 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-02-07 21:44 --------- d-----w C:\Program Files\Realtek
    2008-02-07 21:43 --------- d-----w C:\Documents and Settings\SILVA\Application Data\InstallShield
    2008-02-07 21:37 --------- d-----w C:\Program Files\Satsuki Decoder Pack
    2008-02-07 18:12 --------- d-----w C:\Program Files\Lavalys
    2008-02-07 14:51 --------- d-----w C:\Documents and Settings\SILVA\Application Data\Ahead
    2008-02-07 12:59 --------- d-----w C:\Program Files\Fichiers communs\logishrd
    2008-02-07 12:40 --------- d-----w C:\Program Files\MSXML 4.0
    2008-02-07 12:29 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    2008-02-07 12:29 --------- d-----w C:\Program Files\Logitech
    2008-02-07 12:27 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-02-07 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
    2008-02-07 10:55 --------- d-----w C:\Program Files\Avira
    2008-02-07 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
    2008-02-07 10:25 --------- d-----w C:\Program Files\SMC
    2008-02-06 13:37 --------- d-----w C:\Program Files\CyberLink
    2008-02-06 13:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
    2008-02-06 13:30 --------- d-----w C:\Program Files\Ahead
    2008-02-06 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
    2008-02-06 13:28 --------- d-----w C:\Program Files\Fichiers communs\Nero
    2008-02-06 13:12 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-02-06 12:08 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-06 12:07 --------- d-----w C:\Program Files\Services en ligne
    2008-02-01 07:40 40,960 ----a-w C:\WINDOWS\system32\MAMACExtract.dll
    2008-02-01 07:40 110,592 ----a-w C:\WINDOWS\system32\TG_DUMP0708.DLL
    2008-01-24 15:36 4,127,488 ----a-r C:\WINDOWS\system32\drivers\alcxwdm.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
    "Meteo"="C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe" [2008-01-06 22:03 1090560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 01:26 406016]
    "wrna3ls"="C:\Program Files\rnamfler\naomf.exe" [2006-04-01 10:45 1253960]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    SMCWUSB-G2 Wireless Utility.lnk - C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe [2008-02-07 11:25:51 491520]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^SILVA^Menu Démarrer^Programmes^Démarrage^PowerReg Scheduler V3.exe]
    path=C:\Documents and Settings\SILVA\Menu Démarrer\Programmes\Démarrage\PowerReg Scheduler V3.exe
    backup=C:\WINDOWS\pss\PowerReg Scheduler V3.exeStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    --a------ 2006-01-02 16:41 45056 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    --a------ 2008-02-07 11:56 249896 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
    C:\Program Files\DNA\btdna.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Firewall Pro]
    --a------ 2008-03-14 04:48 1115728 C:\Program Files\Comodo\Firewall\CPF.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoWeather]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    --a------ 2007-08-24 07:00 33648 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-02-07 13:29 36864 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
    C:\Program Files\MSI\Live Update 3\LMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
    --a------ 2006-06-26 09:46 497200 C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    --a------ 2006-06-26 10:34 614960 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    --a------ 2006-06-26 10:33 243248 C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Meteo]
    C:\Documents and Settings\SILVA\Bureau\Galarneau\Galarneau.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OHE]
    C:\Program Files\Ohé\OHE.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    --a------ 2007-03-23 13:20 227328 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-03-20 09:02 98304 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    --a------ 2003-10-27 02:04 32768 C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
    --a------ 2003-07-15 12:38 319488 C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
    --a------ 2004-11-03 16:54 868352 C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
    --a------ 2003-05-01 18:44 65536 C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
    --a------ 2007-09-20 08:23 132624 C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    -ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    --a------ 2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2008-02-20 18:53 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-03-08 11:44 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wrna3ls]
    --a------ 2006-04-01 10:45 1253960 C:\Program Files\rnamfler\naomf.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\WINDOWS\\system32\\rundll32.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "C:\\WINDOWS\\system32\\muzapp.exe"=
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
    "C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=

    R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);C:\WINDOWS\system32\drivers\ES1370MP.sys [2002-08-05 11:17]
    R3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 13:44]
    S3 athrusb;802.11g Wireless USB2.0 Adapter driver;C:\WINDOWS\system32\DRIVERS\athrusb.sys [2007-01-29 13:56]
    S3 Gudclmdkhos;Gudclmdkhos;C:\WINDOWS\system32\drivers\i8042prt.sys [2004-08-05 13:00]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-03-09 17:29]
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 02:13]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-21 11:51:28
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\Program Files\rnamfler\radprlib.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe
    -> C:\Program Files\rnamfler\radprlib.dll

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\Program Files\rnamfler\radprlib.dll
    -> C:\Program Files\rnamfler\radhslib.dll

    PROCESS: C:\WINDOWS\system32\csrss.exe
    -> C:\Program Files\rnamfler\radprlib.dll
    .
    Temps d'accomplissement: 2008-03-21 11:53:01
    .
    2008-03-20 15:28:51 --- E O F ---
    21 March 2008 17:55:40

    Post a new HijackThis report.
    21 March 2008 19:41:16

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:40:38, on 21/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\rnamfler\naomf.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
    C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    c:\program files\rnamfler\radprcmp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [wrna3ls] C:\Program Files\rnamfler\naomf.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Meteo] C:\Documents and Settings\SILVA\Bureau\logiciels.programmes\galarneau\Galarneau.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {DEAAB234-9D25-4D31-A3F7-162AD10CE98E} (FileUpload Control) - http://www.zaoza.fr/ActiveX/1.1.0.12/FileUpload.cab
    O18 - Protocol: bw+0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: offline-8876480 - {339E482C-4E49-4557-A8FB-B58EA5761EA8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: RdnaoFlSvc - Unknown owner - C:\Program Files\rnamfler\naofsvc.exe (file missing)
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 20311 bytes
    21 March 2008 21:11:43

    Hello again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:


    Folder::
    C:\Program Files\rnamfler

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "wrna3ls"=-


    Open Notepad, then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; type 1 and confirm. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no restart, post the requested reports anyway.
    22 March 2008 10:19:22

    I'm confused, because I can't find it!!!
    However, my firewall warns me about "rnamfler" fairly often.
    I ran a search and found nothing either.
    To be continued.

    Have a good day
    22 March 2008 12:02:08

    You can't find it?