foeb

Trojan détecté par windows

j'ai un trojan détéecté par window alert. C'est arrive pendant la minute ou je suis allé voir le but de l'ol ce soir

à mon retour, je ne rigolais plus...
Je suis d'ordinaire bien protégé par Kaspersky Internet secrutiy 6 (ç fait plus de 2 ans que je n'ai pas de virus ou autre merdes)

La j'ai envoyé un scan de KIS et de Spybot, tout à été enlevé et pourtant le message persite à me dire si je veux désinstaller ce trojan (msg en anglais) :
Spyware Alert
Security Warning ! Worm.win32.NetSky detected on your machine etc etc

voici le rapport HiJackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:15, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: OFK System - {2F0D1D4D-3B73-4426-8155-4494A3543703} - C:\WINDOWS\blopenvdol.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: The retnsrp - {39623167-B4A7-42CA-A799-D03C5A103B36} - C:\WINDOWS\retnsrp.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [EasyPHP] "D:\STUDIO\PROJETS\IZIShopping\EasyPHP1-8\EasyPHP.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: Convertir en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:Program... Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - C:PROGRA~1MICROS~2Office10EXCEL.EXE...
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C3A93A-E50A-4208-AB3C-B7322C63960F}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C704C47F-36A6-4C02-B7C0-5BE4F859FB12}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E378D602-6D6B-4335-86C4-1B1B28817ADF}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {036DEA31-89B3-404F-BEFE-66AAD0BF0D5B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O21 - SSODL: leorop - {ACC99EB2-C635-43F8-B49D-62B8F9F6A696} - C:\WINDOWS\leorop.dll
O21 - SSODL: nopzet - {151ACCF4-6643-499C-80D9-15B9C3C6ECE6} - C:\WINDOWS\nopzet.dll
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

--
End of file - 22804 bytes

ça vient d'ou ? et je le vire comment ?
merci pour l'aide !!

Trojan

darksky1985

le 13 Déc. 07 à 00h57

Salut,

Coches et fix ces lignes, dans hijackthis:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com...
O2 - BHO: OFK System - {2F0D1D4D-3B73-4426-8155-4494A3543703} - C:\WINDOWS\blopenvdol.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: The retnsrp - {39623167-B4A7-42CA-A799-D03C5A103B36} - C:\WINDOWS\retnsrp.dll
O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
O21 - SSODL: leorop - {ACC99EB2-C635-43F8-B49D-62B8F9F6A696} - C:\WINDOWS\leorop.dll
O21 - SSODL: nopzet - {151ACCF4-6643-499C-80D9-15B9C3C6ECE6} - C:\WINDOWS\nopzet.dll

Ensuite, effectues un scan avec kaspersky en mode sans échec (F8 au démarrage du pc)
Passes également un coup de Ccleaner (nettoyer de fichiers inutiles et de registre, fais les 2)

Modérateur Logiciel Général / Multimédia

foeb

le 13 Déc. 07 à 01h48

ook ok entre temps j'ai essayé Spyware Doctor, ça à l'air d'avoir calmé le jeu !
on verra demain, mais le virus semble éliminé après 2 ou 3 analyses KIS et spybots en plus...
étonnant que kasp seul n'ai pas résolu le problème, mais bon.

bn

foeb

foeb

le 13 Déc. 07 à 10h47

bon, la nuit n'a pas porté conseil, le vers est toujours là...
de plus, à chaque reboot, il s'installe automatiquement 3 raccourcis vers :

Error Cleaner
Privacy Protector
Spyware& malware Protection

j'ai bien fixé dans HiJackThis, mais rien n'y a fait...

HELP!
Edité le 13/12/2007 à 11:07

vyger

le 13 Déc. 07 à 10h56

essaie Spybot - Search & Destroy ( ne pas oublier les MAJ et la Vaccination)

a+

darksky1985

le 13 Déc. 07 à 11h54

As-tu essayé le scan en mode sans échec?

Sinon, essayes le logiciel navilog1 (recherche sur google).

Pour les explication sur son fonctionnement, va voir ici (navilog1 en bas de page)

Surtout, ne fait pas la désinfection tout de suite, fais l'analyse, et post-nous ce qu'elle donne, pour que l'on puisse voir si il y a lieu de désinfecter ou pas.
Edité le 13/12/2007 à 11:54

Modérateur Logiciel Général / Multimédia