surdose de virus

Question

Bonjour,
j'ai attraper un virus vraiment agrressif et il bouffe totalement mon ordinateur et il me bloque l'accès au panneau de configuration et au registre.

voici mon rapport hijackthis et kaspersky en espérant que sa va aider 
p.s : Malware Defender, Protect Your Privacy et System Error Fixer sont des programme qui ce sont ajouter et meme en les supprimant revienne en boucle ( et je peut plus aller sur mon c:)

RAPPORT KASPERSKY:
File name / Threat name / Threats count
winlogon.exe\hgGyawuV.dll/winlogon.exe\hgGyawuV.dll	Infected: Trojan.Win32.Monderb.gjo	1
C:\Documents and Settings\Administrateur\sccs.exe/C:\Documents and Settings\Administrateur\sccs.exe	Infected: Trojan-Downloader.Win32.Small.addd	1
C:\Documents and Settings\Administrateur\css.exe/C:\Documents and Settings\Administrateur\css.exe	Infected: Trojan-Clicker.Win32.Delf.ayu	1
C:\Program Files\PCHealthCenter\1.exe/C:\Program Files\PCHealthCenter\1.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\2.exe/C:\Program Files\PCHealthCenter\2.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\3.exe/C:\Program Files\PCHealthCenter\3.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\4.exe/C:\Program Files\PCHealthCenter\4.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\MicroAV\MicroAV.exe//PE_Patch/C:\Program Files\MicroAV\MicroAV.exe//PE_Patch	Infected: not-a-virus:FraudTool.Win32.AntiVirus2008.em	1
C:\Program Files\PCHealthCenter\7.exe/C:\Program Files\PCHealthCenter\7.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Documents and Settings\Administrateur\css.exe	Infected: Trojan-Clicker.Win32.Delf.ayu	1
C:\Documents and Settings\Administrateur\Local Settings\Temp\pwrmgr.exe	Infected: Backdoor.Win32.Frauder.kx	6
C:\Documents and Settings\Administrateur\Local Settings\Temp\pwrmgr.exe	Infected: not-a-virus:FraudTool.Win32.MSAntivirus.av	1
C:\Documents and Settings\Administrateur\Local Settings\Temp\pwrmgr.exe	Infected: not-a-virus:FraudTool.Win32.AntiVirus2008.em	1
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QNV4XZ8L\Uninstaller[1].exe	Infected: Backdoor.Win32.Frauder.kx	6
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QNV4XZ8L\Uninstaller[1].exe	Infected: not-a-virus:FraudTool.Win32.MSAntivirus.av	1
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\QNV4XZ8L\Uninstaller[1].exe	Infected: not-a-virus:FraudTool.Win32.AntiVirus2008.em	1
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\XT7RY0EF\cstuff[1].ico	Infected: Trojan-Clicker.Win32.Delf.ayu	1
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\XT7RY0EF\scom[1].ico	Infected: Trojan-Downloader.Win32.Small.addd	1
C:\Documents and Settings\Administrateur\Mes documents\Downloads\converter\Cavalera Conspiracy - Inflikted (2008).wma	Infected: Trojan-Downloader.WMA.GetCodec.a	1
C:\Documents and Settings\Administrateur\Mes documents\Downloads\Fraps 2.9.4 Retail + Keygen\Fraps setup.exe	Infected: Trojan-Downloader.Win32.Agent.agnb	1
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Incomplete\T-460090-we will rock you pink chick teaches another girl how to fist her (very hot).mpg	Infected: Trojan-Downloader.WMA.GetCodec.e	1
C:\Documents and Settings\Administrateur\Mes documents\LimeWire\Incomplete\T-5745425-riders on sotrm door.mp3	Infected: Trojan-Downloader.WMA.Wimad.n	1
C:\Documents and Settings\Administrateur\Mes documents\Mes fichiers reçus\Nouveau dossier	hemehostpital	hemehostpital.iso	Infected: Trojan.Win32.Monderc.gen	1
C:\Documents and Settings\Administrateur\sccs.exe	Infected: Trojan-Downloader.Win32.Small.addd	1
C:\Program Files\MicroAV\MicroAV.cpl	Infected: not-a-virus:FraudTool.Win32.MSAntivirus.av	1
C:\Program Files\MicroAV\MicroAV.exe	Infected: not-a-virus:FraudTool.Win32.AntiVirus2008.em	1
C:\Program Files\PCHealthCenter\0.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\1.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\2.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\3.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\4.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\Program Files\PCHealthCenter\5.exe	Infected: not-a-virus:FraudTool.Win32.MSAntivirus.av	1
C:\Program Files\PCHealthCenter\5.exe	Infected: not-a-virus:FraudTool.Win32.AntiVirus2008.em	1
C:\Program Files\PCHealthCenter\7.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\WINDOWS\system32\28463\AQFX.006	Infected: not-a-virus:Monitor.Win32.Ardamax.jk	1
C:\WINDOWS\system32\28463\AQFX.007	Infected: not-a-virus:Monitor.Win32.Ardamax.o	1
C:\WINDOWS\system32\MicroAV.cpl	Infected: not-a-virus:FraudTool.Win32.MSAntivirus.av	1
C:\WINDOWS\system32\Sys\TND.006	Infected: not-a-virus:Monitor.Win32.Ardamax.24	1
C:\WINDOWS\system32\Sys\TND.007	Infected: not-a-virus:Monitor.Win32.Ardamax.24	1
C:\WINDOWS\system32\Sys\TND.exe	Infected: not-a-virus:Monitor.Win32.Ardamax.24	1
C:\WINDOWS\system32\YUR30A.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\WINDOWS\system32\YUR30B.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\WINDOWS\system32\YUR30C.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\WINDOWS\system32\YUR30D.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\WINDOWS\system32\YUR313.exe	Infected: Backdoor.Win32.Frauder.kx	1
C:\x	Infected: Backdoor.Win32.Frauder.kx	1





ET RAPPORT HIJACKTHIS: 

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer\Reclusaazerhid.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Documents and Settings\Administrateur\sccs.exe
C:\Documents and Settings\Administrateur\css.exe
C:\Windows\system32\YUR4A.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Razer\Reclusaazertra.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Reclusa] C:\Program Files\Razer\Reclusaazerhid.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Sccs] C:\Documents and Settings\Administrateur\sccs.exe
O4 - HKLM\..\Run: [Css] C:\Documents and Settings\Administrateur\css.exe
O4 - HKLM\..\Run: [\YUR1F.exe] C:\Windows\system32\YUR1F.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [\YUR4A.exe] C:\Windows\system32\YUR4A.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [\YUR1F.exe] C:\Windows\system32\YUR1F.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1221335082131&h=b6d0bc48c67cc4bc45ee4618ca4fb756/&filename=jinstall-6u7-windows-i586-jc.cab
O18 - Protocol: bw+0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: qmafxprs - {E93EA581-4811-45B6-B6DB-29369EF776B5} - C:\WINDOWS\qmafxprs.dll
O21 - SSODL: lfstbwvd - {E055AA7E-1D9E-4071-B2E1-07B9BD11FDB7} - C:\WINDOWS\lfstbwvd.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

archet9 · Answer

bjr
Fais un scan avec cet antispyware : 

Telecharge malwarebytes + tutoriel : 

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 

Tu l´instale; le programme va se mettre automatiquement a jour. 

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression". 

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet". 

Puis click sur "rechercher". 

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection. 

si il t´es demandé de redemarrer > click sur "yes". 

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum. 

Copie et colle le rapport stp.

Utilisateur anonyme · Answer

bonjour

A LIRE JUSQU'EN BAS


Télécharges ComboFix à partir d'un de ces liens :
En premier
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

A lire
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Et important, enregistre le sur le bureau.

Avant d'utiliser ComboFix :

? Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

? Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.


Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

? Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

? Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

killmoulie · Answer

message pour shion-ares:

mon rapport:

ComboFix 08-10-08.02 - Administrateur 2008-10-08 19:05:02.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2691 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\MicroAV
C:\Program Files\MicroAV\MicroAV.cpl
C:\Program Files\MicroAV\MicroAV.exe
C:\Program Files\MicroAV\MicroAV.ooo
C:\Program Files\MicroAV\MicroAV0.dat
C:\Program Files\MicroAV\MicroAV1.dat
C:\Program Files\PCHealthCenter
C:\Program Files\PCHealthCenter\[u]0[/u].exe
C:\Program Files\PCHealthCenter\[u]0[/u].gif
C:\Program Files\PCHealthCenter\1.exe
C:\Program Files\PCHealthCenter\1.gif
C:\Program Files\PCHealthCenter\1.ico
C:\Program Files\PCHealthCenter\2.exe
C:\Program Files\PCHealthCenter\2.gif
C:\Program Files\PCHealthCenter\2.ico
C:\Program Files\PCHealthCenter\3.exe
C:\Program Files\PCHealthCenter\3.gif
C:\Program Files\PCHealthCenter\4.exe
C:\Program Files\PCHealthCenter\5.exe
C:\Program Files\PCHealthCenter\7.exe
C:\Program Files\PCHealthCenter\sc.html
C:\WINDOWS\epab.exe
C:\WINDOWS\lfstbwvd.dll
C:\WINDOWS\olnmraew.dll
C:\WINDOWS\qmafxprs.dll
C:\WINDOWS\system32\1.ico
C:\WINDOWS\system32\2.ico
C:\WINDOWS\system32\28463
C:\WINDOWS\system32\28463\AKV.exe
C:\WINDOWS\system32\28463\AQFX.001
C:\WINDOWS\system32\28463\AQFX.002
C:\WINDOWS\system32\28463\AQFX.006
C:\WINDOWS\system32\28463\AQFX.007
C:\WINDOWS\system32\28463\AQFX.exe
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\awtqNFWo.dll
C:\WINDOWS\system32\del.bat
C:\WINDOWS\system32\hgGyawuV.dll
C:\WINDOWS\system32\mlJdayax.dll
C:\WINDOWS\system32\xayadJlm.ini
C:\WINDOWS\system32\xayadJlm.ini2
C:\WINDOWS\vortsgbqnqm.dll
C:\x

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-08 au 2008-10-08 ))))))))))))))))))))))))))))))))))))
.

2008-10-08 05:41 . 2008-10-07 08:14 74,752 --a------ C:\WINDOWS\system32\YUR4A.exe
2008-10-08 05:40 . 2008-10-08 19:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-08 05:25 . 2008-10-08 05:25 <REP> d-------- C:\Program Files\Trend Micro
2008-10-08 05:21 . 2008-10-07 08:14 24,064 --a------ C:\WINDOWS\system32\YURA.exe
2008-10-08 02:27 . 2008-10-07 08:14 167,424 --a------ C:\WINDOWS\system32\MicroAV.cpl
2008-10-08 02:27 . 2008-10-08 00:16 86,016 --a------ C:\WINDOWS\qkeftmxn.exe
2008-10-08 02:19 . 2008-10-08 02:19 <REP> d-------- C:\Program Files\Microsoft Works
2008-10-08 02:17 . 2008-10-08 02:17 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-10-08 02:16 . 2008-10-08 02:16 <REP> dr-h----- C:\MSOCache
2008-10-08 02:16 . 2008-10-08 05:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-08 00:48 . 2008-10-08 00:48 <REP> d-------- C:\Program Files\EtiketaGoGo
2008-10-08 00:48 . 1998-07-13 00:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-10-06 23:18 . 2008-10-07 01:15 <REP> d-------- C:\Program Files\WowCartographe
2008-10-06 20:49 . 2008-10-06 20:49 <REP> d-------- C:\Program Files\Creative
2008-10-06 20:49 . 2008-10-08 02:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Creative
2008-10-06 20:49 . 2006-10-06 14:17 53,248 --------- C:\WINDOWS\Ctregrun.exe
2008-10-06 20:49 . 1999-12-13 09:01 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
2008-10-06 20:49 . 1999-11-18 09:00 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2008-10-06 07:46 . 2008-10-06 07:46 <REP> d-------- C:\Logs
2008-10-06 02:07 . 2008-10-06 02:07 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Download Manager
2008-10-06 01:58 . 2008-10-06 01:58 <REP> d-------- C:\Program Files\Jasc Software Inc
2008-10-06 01:58 . 2008-10-06 01:59 <REP> d-------- C:\Program Files\Fichiers communs\Jasc Software Inc
2008-10-06 01:58 . 2008-10-06 01:58 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Jasc Software Inc
2008-10-06 01:41 . 2008-10-06 01:41 848 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-10-06 01:39 . 2008-10-06 01:39 <REP> d-------- C:\Program Files\Corel
2008-10-06 01:00 . 2008-10-06 01:03 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-10-05 22:25 . 2008-10-05 22:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Acreon
2008-10-05 22:16 . 2008-10-05 22:16 <REP> d-------- C:\Program Files\Teamspeak2_RC2
2008-10-05 22:16 . 2008-10-07 00:36 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\teamspeak2
2008-10-05 22:16 . 2008-10-05 22:16 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-10-05 21:11 . 2008-10-06 08:26 <REP> d-------- C:\Program Files\World of Warcraft
2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-10-05 15:47 . 2008-10-05 15:47 479,232 ---hs---- C:\Documents and Settings\Administrateur\css.exe
2008-10-05 15:47 . 2008-10-05 15:47 103,936 ---hs---- C:\Documents and Settings\Administrateur\sccs.exe
2008-10-05 14:58 . 2008-10-05 14:58 <REP> d-------- C:\Fraps
2008-10-04 21:06 . 2008-10-04 21:06 <REP> d--h----- C:\WINDOWS\PIF
2008-10-02 21:14 . 2008-10-02 21:24 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-10-02 21:13 . 2008-10-02 21:13 <REP> d-------- C:\Program Files\VideoLAN
2008-10-01 22:11 . 2008-10-01 22:11 <REP> d-------- C:\Goodok
2008-10-01 22:05 . 2008-10-01 22:08 <REP> d-------- C:\Program Files\GoodOk Mp3 Amr Ogg AAC M4V Converter
2008-10-01 22:05 . 2008-10-01 22:05 34 --ah----- C:\WINDOWS\system32\VideoConverter_sysquict.dat
2008-10-01 21:55 . 2008-10-01 22:05 <REP> d-------- C:\Program Files\M4A to MP3 Converter
2008-09-30 09:14 . 2008-04-13 19:33 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-09-28 19:09 . 2008-09-30 09:01 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DivX
2008-09-28 19:00 . 2008-10-05 14:46 <REP> d-------- C:\Program Files\DivX
2008-09-28 15:28 . 2008-09-28 15:28 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Games
2008-09-28 15:27 . 2008-09-28 15:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-09-28 15:26 . 2008-09-28 15:26 278,984 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-09-28 15:26 . 2008-09-28 15:26 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-09-26 07:47 . 2008-09-26 07:47 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-09-26 07:47 . 2008-09-26 07:47 283,648 --a------ C:\WINDOWS\uninst.exe
2008-09-22 17:03 . 2008-09-22 17:03 <REP> d-------- C:\swsetup
2008-09-20 00:02 . 2008-09-28 18:45 <REP> d-------- C:\Program Files\Nitto 1320 Legends
2008-09-15 20:12 . 2008-09-15 20:12 3,067 --a------ C:\WINDOWS\system32\dtu_fr.qm
2008-09-15 20:11 . 2008-09-15 20:11 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-13 15:47 . 2008-10-05 18:44 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-09-13 15:45 . 2008-09-13 15:45 <REP> d-------- C:\WINDOWS\Sun
2008-09-13 15:45 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-13 15:44 . 2008-09-13 15:45 <REP> d-------- C:\Program Files\Java
2008-09-13 15:43 . 2008-09-13 15:43 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-09-13 15:41 . 2008-09-13 15:42 <REP> d-------- C:\Program Files\LimeWire
2008-09-11 17:15 . 2008-09-11 17:15 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\skypePM
2008-09-11 17:15 . 2008-09-11 17:15 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-09-11 17:14 . 2008-10-05 14:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-09-10 17:58 . 2008-09-10 17:58 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-09-10 17:58 . 2008-09-10 18:11 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-09-10 17:58 . 2008-09-10 17:58 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-09-10 17:57 . 2008-09-12 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-09 21:54 . 2008-10-05 14:47 <REP> d-------- C:\Program Files\ma-config.com
2008-09-09 21:54 . 2008-10-05 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-09-09 20:37 . 2008-09-09 20:45 <REP> d-------- C:\Program Files\freshney.org
2008-09-09 20:27 . 2008-09-09 20:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2
2008-09-09 20:12 . 2002-12-29 01:14 81,920 --a------ C:\WINDOWS\system32\Startup.cpl
2008-09-08 19:09 . 2008-09-25 20:10 <REP> d-------- C:\Program Files\mIRC
2008-09-08 19:09 . 2008-09-29 19:55 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\mIRC
2008-09-08 17:22 . 2008-09-08 17:22 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\FastStone
2008-09-08 07:56 . 2008-10-05 15:45 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-08 07:56 . 2008-09-10 18:08 124,688 --a------ C:\WINDOWS\system32\MSWINSCK.OCX

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-07 00:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-06 00:58 --------- d-----w C:\Program Files\Steam
2008-10-05 23:32 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-10-05 18:45 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-10-05 18:33 --------- d-----w C:\Program Files\Diablo II
2008-10-05 17:32 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-28 19:15 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-26 11:53 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Ahead
2008-09-24 00:18 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Ventrilo
2008-09-10 00:36 --------- d-----w C:\Program Files\MagicISO
2008-09-10 00:31 --------- d-----w C:\Program Files\Windows Live
2008-09-10 00:27 --------- d-----w C:\Program Files\OpenOffice.org 2.2
2008-09-10 00:26 --------- d-----w C:\Program Files\CyberLink
2008-09-07 23:53 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2008-09-07 23:45 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
2008-09-07 23:45 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
2008-09-07 23:45 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
2008-09-07 06:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-09-07 05:31 --------- d-----w C:\Program Files\NOS
2008-09-07 05:26 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-07 05:24 --------- d-----w C:\Program Files\Google
2008-09-06 07:00 --------- d-----w C:\Program Files\MSXML 4.0
2008-09-05 12:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-09-04 23:34 --------- d-----w C:\Program Files\Bonjour
2008-09-04 23:31 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2008-09-04 23:00 --------- d-----w C:\Program Files\Hewlett-Packard
2008-09-04 23:00 --------- d-----w C:\Program Files\Fichiers communs\HP
2008-09-04 23:00 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-09-04 22:59 --------- d-----w C:\Program Files\HP
2008-09-04 22:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-09-04 22:55 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Logitech
2008-09-04 22:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-09-04 22:53 --------- d-----w C:\Program Files\Logitech
2008-09-04 22:53 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-09-04 22:51 --------- d-----w C:\Program Files\Razer
2008-09-04 22:49 --------- d-----w C:\Program Files\Microsoft LifeChat
2008-09-04 22:31 --------- d-----w C:\Program Files\Ventrilo
2008-09-04 22:30 --------- d-----w C:\Program Files\Smart Projects
2008-09-04 22:17 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-09-04 22:16 --------- d-----w C:\Program Files\uTorrent
2008-09-04 22:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-04 19:29 --------- d-----w C:\Program Files\DreamCatcher
2008-08-20 19:31 --------- d-----w C:\Program Files\Analog Devices
2008-08-20 19:25 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\InstallShield
2008-08-20 17:29 --------- d-----w C:\Program Files\microsoft frontpage
2008-08-20 17:27 --------- d-----w C:\Program Files\Services en ligne
2008-07-31 14:41 68,616 ----a-w C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 14:41 238,088 ----a-w C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 14:40 509,448 ----a-w C:\WINDOWS\system32\XAudio2_2.dll
2008-07-30 00:21 218,376 ----a-w C:\WINDOWS\system32\klogon.dll
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-16 20:02 1,571,840 ----a-w C:\WINDOWS\system32\sfcfiles.dll
2008-07-16 20:01 58,880 ----a-w C:\WINDOWS\system32\dmutil.dll
2008-07-16 20:01 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
2008-07-16 20:01 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll
2008-07-16 20:01 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
2008-07-16 20:01 35,328 ----a-w C:\WINDOWS\system32\pid.dll
2008-07-16 20:01 20,992 ----a-w C:\WINDOWS\system32\hid.dll
2008-07-16 20:01 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-07-16 20:01 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
2008-07-16 19:55 1,013,248 ----a-w C:\WINDOWS\system32\syssetup.dll
2008-07-12 12:18 467,984 ----a-w C:\WINDOWS\system32\d3dx10_39.dll
2008-07-12 12:18 3,851,784 ----a-w C:\WINDOWS\system32\D3DX9_39.dll
2008-07-12 12:18 1,493,528 ----a-w C:\WINDOWS\system32\D3DCompiler_39.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-09-04 32768]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-11 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"\YUR2.exe"="C:\Windows\system32\YUR2.exe" [2008-10-07 74752]
"\YUR3.exe"="C:\Windows\system32\YUR3.exe" [2008-10-07 25088]
"\YUR4.exe"="C:\Windows\system32\YUR4.exe" [2008-10-07 25088]
"\YUR5.exe"="C:\Windows\system32\YUR5.exe" [2008-10-07 24064]
"\YUR6.exe"="C:\Windows\system32\YUR6.exe" [2008-10-07 24064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016]
"Reclusa"="C:\Program Files\Razer\Reclusa\razerhid.exe" [2007-03-07 167936]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Sccs"="C:\Documents and Settings\Administrateur\sccs.exe" [2008-10-05 103936]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"\YUR4A.exe"="C:\Windows\system32\YUR4A.exe" [2008-10-07 74752]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 206088]
"\YUR2.exe"="C:\Windows\system32\YUR2.exe" [2008-10-07 74752]
"\YUR3.exe"="C:\Windows\system32\YUR3.exe" [2008-10-07 25088]
"\YUR4.exe"="C:\Windows\system32\YUR4.exe" [2008-10-07 25088]
"\YUR5.exe"="C:\Windows\system32\YUR5.exe" [2008-10-07 24064]
"\YUR6.exe"="C:\Windows\system32\YUR6.exe" [2008-10-07 24064]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-09-04 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-09-04 434176]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Steam\\SteamApps\\killmoulie\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\french\\setup.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\French\\setup.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 32784]
R0 mv61xx;mv61xx;C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2006-07-28 68736]
R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-10 102400]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 RecFltr;Reclusa Keyboard;C:\WINDOWS\system32\Drivers\RecFltr.sys [2007-01-18 41984]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{46B95367-6BA4-4137-B830-53B1FF284056} - C:\WINDOWS\system32\hgGyawuV.dll
BHO-{98EE2CB9-193C-4CDF-89F1-F8E228295B4B} - C:\WINDOWS\vortsgbqnqm.dll
BHO-{E078B0C0-3ED9-4032-9C08-B9DE06EF5410} - C:\WINDOWS\system32\mlJdayax.dll
HKCU-Run-\YUR1F.exe - C:\Windows\system32\YUR1F.exe
HKCU-Run-\YUR17.exe - C:\Windows\system32\YUR17.exe
HKLM-Run-\YUR1F.exe - C:\Windows\system32\YUR1F.exe
HKLM-Run-\YUR17.exe - C:\Windows\system32\YUR17.exe
ShellExecuteHooks-{46B95367-6BA4-4137-B830-53B1FF284056} - C:\WINDOWS\system32\hgGyawuV.dll
SSODL-qmafxprs-{E93EA581-4811-45B6-B6DB-29369EF776B5} - C:\WINDOWS\qmafxprs.dll
SSODL-lfstbwvd-{E055AA7E-1D9E-4071-B2E1-07B9BD11FDB7} - C:\WINDOWS\lfstbwvd.dll

.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - %~$path:i

O16 -: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.inf
C:\WINDOWS\Downloaded Program Files\Manager.exe
C:\WINDOWS\Downloaded Program Files\DownloadManagerV2.ocx

O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://ma-config.com/activex/hardwaredetection_3_0_3_1.cab
C:\WINDOWS\Downloaded Program Files\hardwaredetection.inf
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-08 19:12:11
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

C:\WINDOWS\system32\YUR2.exe 74752 bytes executable
C:\WINDOWS\system32\YUR3.exe 25088 bytes executable
C:\WINDOWS\system32\YUR4.exe 25088 bytes executable
C:\WINDOWS\system32\YUR5.exe 24064 bytes executable
C:\WINDOWS\system32\YUR6.exe 24064 bytes executable

Scan terminé avec succès
Fichiers cachés: 5

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Razer\Reclusa\razertra.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PCHealthCenter\[u]0[/u].exe
C:\Program Files\PCHealthCenter\1.exe
C:\Program Files\PCHealthCenter\[u]0[/u].exe
C:\Program Files\PCHealthCenter\2.exe
C:\Program Files\PCHealthCenter\3.exe
C:\Program Files\PCHealthCenter\4.exe
C:\Program Files\MicroAV\MicroAV.exe
.
**************************************************************************
.
Heure de fin: 2008-10-08 19:25:49 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-10-08 23:25:18

Avant-CF: 107 463 786 496 octets libres
Après-CF: 108,739,788,800 octets libres

332 --- E O F --- 2008-10-08 07:04:39

killmoulie · Answer

et pour archet 9 :

mon rapport:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1244
Windows 5.1.2600 Service Pack 3

2008-10-08 20:30:32
mbam-log-2008-10-08 (20-30-27).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 117944
Temps écoulé: 47 minute(s), 9 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 12
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 65

Processus mémoire infecté(s):
C:\Documents and Settings\Administrateur\sccs.exe (Trojan.Agent) -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\olnmraew.blke (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\olnmraew.toolbar.1 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntivirus) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sccs (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur2.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur2.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur3.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur3.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur4.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur4.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur5.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur5.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur6.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur6.exe (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yur4a.exe (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (76413-641-0086403-23126) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Administrateur\sccs.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YUR2.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YUR3.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YUR4.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YUR5.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YUR6.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YUR4A.exe (Trojan.FakeAlert) -> No action taken.
C:\x (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\0.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\1.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\2.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\3.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\4.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\5.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\7.exe (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\x.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\0.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\1.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\2.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\3.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\4.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\5.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\Program Files\PCHealthCenter\7.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\epab.exe.vir (Trojan.FakeAlert) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\qmafxprs.dll.vir (Trojan.Zlob) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtqNFWo.dll.vir (Trojan.Vundo) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgGyawuV.dll.vir (Trojan.Vundo) -> No action taken.
C:\QooBox\Quarantine\C\WINDOWS\system32\mlJdayax.dll.vir (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013900.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013901.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013902.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013903.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013904.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013905.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013906.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013907.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP72\A0013908.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP74\A0014900.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015944.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015913.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015914.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015916.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015918.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015919.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015920.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015921.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015924.dll (Trojan.Zlob) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015931.exe (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015933.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015934.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015935.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{6C748EA0-A256-419D-9E64-5D6146BF5196}\RP76\A0015936.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\YURA.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> No action taken.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> No action taken.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> No action taken.
C:\Documents and Settings\Administrateur\css.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\qkeftmxn.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\MicroAV.cpl (Rogue.MicroAntivirus) -> No action taken.

Utilisateur anonyme · Answer

bonjour

relance MBAM va dans quarantaine et supprime tout 

ensuite reposte un log hijackthis stp

killmoulie · Answer

et voila 


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:24, on 2008-10-09
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32
vsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer\Reclusaazerhid.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Razer\Reclusaazertra.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Reclusa] C:\Program Files\Razer\Reclusaazerhid.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1221335082131&h=b6d0bc48c67cc4bc45ee4618ca4fb756/&filename=jinstall-6u7-windows-i586-jc.cab
O18 - Protocol: bw+0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D68A5E31-6D2C-430C-87AC-4B715C80E778} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

Utilisateur anonyme · Answer

ceci  
C:\Program Files\Logitech\Desktop Messenger tu peux supprimer via ajout suppression de programme cela ne sert a rien

Surdose de virus

7 réponses

Votre réponse

Discussions similaires

Newsletters