Votre question

smithfraud et drivecleaner ! [résolu]

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
4 Avril 2007 21:05:26

Bsr , voilà j ai un souci :D ès que je vais sur internet , j ai plein de page de pub qui s ouvrent ....
Pffffff mon PC rame ....
Adaware :RAS
Avast :RAS
AVG spyware : virtumonde , supprimé
Spybot : smitfraud toobal888
une page revient sans cesse drivecleaner !!

Que dois je faire , svp ?

Autres pages sur : smithfraud drivecleaner resolu

a b 8 Sécurité
4 Avril 2007 21:06:04

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application.
Choisis l'option "Do a system scan and save a logfile"
Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
Colle le rapport ici.

AIDE : Tuto en vidéo sur Hijackthis
4 Avril 2007 21:10:15

Logfile of HijackThis v1.99.1
Scan saved at 21:10:02, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Contenus similaires
a b 8 Sécurité
4 Avril 2007 21:12:14

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    4 Avril 2007 21:29:05

    Re,


    VundoFix V6.3.19

    Checking Java version...

    Sun Java not detected
    Scan started at 21:16:17 04/04/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\ikscxotp.dll
    C:\WINDOWS\system32\nnnmnll.dll
    C:\WINDOWS\system32\ptoxcski.ini
    C:\WINDOWS\system32\stutv.bak1
    C:\WINDOWS\system32\stutv.bak2
    C:\WINDOWS\system32\stutv.ini
    C:\WINDOWS\system32\vtmijfck.dll
    C:\WINDOWS\system32\vtuts.dll
    C:\WINDOWS\system32\yturqush.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\ikscxotp.dll
    C:\WINDOWS\system32\ikscxotp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\nnnmnll.dll
    C:\WINDOWS\system32\nnnmnll.dll Could not be deleted.

    Attempting to delete C:\WINDOWS\system32\ptoxcski.ini
    C:\WINDOWS\system32\ptoxcski.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\stutv.bak1
    C:\WINDOWS\system32\stutv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\stutv.bak2
    C:\WINDOWS\system32\stutv.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\stutv.ini
    C:\WINDOWS\system32\stutv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtmijfck.dll
    C:\WINDOWS\system32\vtmijfck.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtuts.dll
    C:\WINDOWS\system32\vtuts.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yturqush.dll
    C:\WINDOWS\system32\yturqush.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    VundoFix V6.3.19

    Checking Java version...

    Sun Java not detected
    Scan started at 21:21:40 04/04/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\nnnmnll.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\nnnmnll.dll
    C:\WINDOWS\system32\nnnmnll.dll Has been deleted!

    Performing Repairs to the registry.
    Done!




    Nouveau rapport hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:27:16, on 04/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\ePrompter\ePrompter.exe
    C:\Program Files\Hotmail Popper\hotpop.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\freeBrowser\vlc\vlc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
    O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
    O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe



    a b 8 Sécurité
    4 Avril 2007 21:30:47

    Re,

    Télécharge Clean.zip (de Malekal),
    Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

    4 Avril 2007 21:32:53

    Re,

    Rapport clean par Malekal_morte - http://www.malekal.com
    Option 1, executee le 04/04/2007 a 21:33:16,50

    *** Recherche de fichiers sur C:

    *** Recherche des fichiers dans C:\WINDOWS\

    *** Recherche des fichiers dans C:\WINDOWS\system32
    C:\WINDOWS\system32\mcrh.tmp FOUND
    C:\WINDOWS\system32\SpoonUninstall.exe FOUND

    "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe" FOUND
    *** Fin du rapport !
    a b 8 Sécurité
    4 Avril 2007 21:34:17

    Re,

    Redémarre en mode sans échec

    Ouvre le dossier clean, double-clique sur clean.cmd.
    Choisis l'option 2 puis patiente.

    Redémarre normalement

    - Poste le rapport clean : C:\rapport_clean.txt

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    4 Avril 2007 22:03:13

    Re, ne désespère pas , cela va arriver ...
    Déjà trois virus et 6 dossiers infectés !!!
    4 Avril 2007 22:18:04

    Re,

    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Option 2, executee le 04/04/2007 a 21:37:58,23

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression de fichiers sur C:

    *** Suppression des fichiers dans C:\WINDOWS\

    *** Suppression des fichiers dans C:\WINDOWS\system32
    tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
    tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe

    tentative de suppression de "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe"

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !


    ------------------------------------------------------------------------------
    Kaspersky:


    Wednesday, April 04, 2007 10:15:07 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 4/04/2007
    Enregistrements dans la base antivirus Kaspersky : 275070


    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    C:\
    D:\
    E:\
    F:\

    Statistiques de l'analyse
    Total d'objets analysés 46252
    Nombre de virus trouvés 3
    Nombre d'objets infectés 8 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 00:24:14

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\MSHist012007040420070405\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temp\~DF36.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

    C:\Program Files\freeBrowser\freeBrowser\FreeBrowser.log L'objet est verrouillé ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012739.dll Infecté : Trojan.Win32.BHO.g ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012742.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012743.dll Infecté : Trojan.Win32.BHO.g ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0014264.dll Infecté : Packed.Win32.Klone.j ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0015357.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0015359.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\change.log L'objet est verrouillé ignoré

    C:\VundoFix Backups\vtmijfck.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\VundoFix Backups\yturqush.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\EventCache\{DF36EAA5-D17A-4B3F-8CB9-EC6852A26BF6}.bin L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\Perflib_Perfdata_21c.dat L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    D:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\change.log L'objet est verrouillé ignoré

    D:\temporaires\btih_JFR673T2NKQ675BBJ4B66EWEJKQLYACY.partial L'objet est verrouillé ignoré

    D:\temporaires\btih_NNSHHKLHUXE57RRVP7K6DK3DFW3YZW7Y.partial L'objet est verrouillé ignoré

    D:\temporaires\ed2k_13a2dc80f8ff2cb41b904e06adf265b6.partial L'objet est verrouillé ignoré

    D:\temporaires\ed2k_6a9acd41f9f3f722dc82278a1750333a.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_2I7ZWHTRUIHKTE257FOGA2XSWQV7TZRB.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_6P42AQF4NUYVKS3TIK7INDZEWVHBSEN7.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_6RYBFL5NW2DNRU64NKJVXV4UENDYAMGS.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_DO3U7ZMXQB25ZADPTWGE3AODM6BAHHS4.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_GSQKN5VUQ5ZQPEX2LLDNN7BN67675C6D.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_HNJAMMPPUKEOCTSGR5DLNBXILLVBSHCD.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_OI63B6OXAYXZYQDEIRXBFLAQ73I2P3KE.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_R6QT2ZLNDV7YREDSVW4ZEGCYBIJOFCQK.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_R7FXNZJNQCUVV5PSXDRL3NLC6ZK6DVMD.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_UYU3VJRPF4DZQMA6K4LETG6ORUV3XMYW.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_Y5GITV5R7LR4KYYYGVCMT3XCXASAB3VM.partial L'objet est verrouillé ignoré

    Analyse terminée.
    a b 8 Sécurité
    4 Avril 2007 22:22:49

    Désactive puis réactive la restauration du système.
    Reposte un rapport Hijackthis.
    4 Avril 2007 22:24:33

    on fait comment pour desactiver la restauration? Avec Kasprsky je peux fermer, il n y a plus rien à faire?
    4 Avril 2007 22:28:26

    Merci , voici le rapport

    Logfile of HijackThis v1.99.1
    Scan saved at 22:28:46, on 04/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\ePrompter\ePrompter.exe
    C:\Program Files\Hotmail Popper\hotpop.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\freeBrowser\vlc\vlc.exe
    C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
    O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
    O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    4 Avril 2007 22:30:48

    Mes excuses je n avais pas fait ce que tu me demandais , voici le rapport apres desactivation puis reactivation :

    Logfile of HijackThis v1.99.1
    Scan saved at 22:31:08, on 04/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\ePrompter\ePrompter.exe
    C:\Program Files\Hotmail Popper\hotpop.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\freeBrowser\vlc\vlc.exe
    C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
    O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
    O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    a b 8 Sécurité
    4 Avril 2007 22:31:16

    Re,

    - Lance Hijackthis ->Do a system scan only
    ->Coche les lignes ci-dessous :

    O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
    O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm

    Clique sur Fix checked (en bas à gauche)

    Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
    Sélectionne TOUS l'emplacement en gras ci-dessous :

    C:\WINDOWS\system32\ikscxotp.dll

    ---> Clique-droit puis Copier

    Double-clique sur OTMoveIt.exe afin de le lancer.
    Fais un Clique-droit sur le cadre de gauche puis choisis Coller.
    Clique maintenant sur [#ff0000]MoveIt![/#f]

    ! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES !

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport est la date de sa création.
    4 Avril 2007 22:38:02

    Ca ne fonctionne pas , quand je colle le lien en gras ca pe met
    Cannot create file C:\_OTMoveit\Movedfiles\04042007_223719.log
    a b 8 Sécurité
    4 Avril 2007 22:40:23

    Tu peux reposter un rapport Hijackthis ?
    4 Avril 2007 22:41:34

    Logfile of HijackThis v1.99.1
    Scan saved at 22:42:20, on 04/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\ePrompter\ePrompter.exe
    C:\Program Files\Hotmail Popper\hotpop.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\freeBrowser\vlc\vlc.exe
    C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
    O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    a b 8 Sécurité
    4 Avril 2007 22:50:21

    Tu as toujours des problèmes ?
    4 Avril 2007 22:53:32

    Apparement oui l ordi est toujours tres tres tres long pour ouvrir ma page internet par ex , je refais sypbot pour voir si il trouve toujours smitfraud ....
    4 Avril 2007 22:54:22

    Smitfraud C Toolbar est toujours la
    a b 8 Sécurité
    4 Avril 2007 22:57:18

    Quel est son emplacement ?
    4 Avril 2007 22:59:08


    --- Search result list ---
    Smitfraud-C.Toolbar888: Réglages (Clé du registre, nothing done)
    HKEY_USERS\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\aldd

    MediaPlex: Cookie traceur (Internet Explorer: LOVATO) (Cookie, nothing done)


    BlueStreak: Cookie traceur (Internet Explorer: LOVATO) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2007-01-27 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-01-15 advcheck.dll (1.2.1.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-04-04 Includes\Cookies.sbi (*)
    2006-12-08 Includes\Dialer.sbi (*)
    2007-04-04 Includes\DialerC.sbi (*)
    2007-04-04 Includes\Hijackers.sbi (*)
    2007-04-04 Includes\HijackersC.sbi (*)
    2006-10-27 Includes\Keyloggers.sbi (*)
    2007-04-04 Includes\KeyloggersC.sbi (*)
    2007-03-21 Includes\Malware.sbi (*)
    2007-04-04 Includes\MalwareC.sbi (*)
    2007-03-21 Includes\PUPS.sbi (*)
    2007-04-04 Includes\PUPSC.sbi (*)
    2007-04-04 Includes\Revision.sbi (*)
    2006-12-08 Includes\Security.sbi (*)
    2007-04-04 Includes\SecurityC.sbi (*)
    2007-03-21 Includes\Spybots.sbi (*)
    2007-04-04 Includes\SpybotsC.sbi (*)
    2005-02-17 Includes\Tracks.uti
    2007-04-04 Includes\Trojans.sbi (*)
    2007-04-04 Includes\TrojansC.sbi (*)



    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
    If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
    For more information, visit http://support.microsoft.com/kb/917283
    / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
    If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
    For more information, visit http://support.microsoft.com/kb/922770
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
    / Windows / SP1: Microsoft National Language Support Downlevel APIs
    / Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
    / Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    / Windows Media Player 9: Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
    / Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
    / Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
    / Windows XP / SP3: Correctif Windows XP - KB873339
    / Windows XP / SP3: Correctif Windows XP - KB885835
    / Windows XP / SP3: Correctif Windows XP - KB885836
    / Windows XP / SP3: Correctif Windows XP - KB885884
    / Windows XP / SP3: Correctif Windows XP - KB886185
    / Windows XP / SP3: Correctif Windows XP - KB887472
    / Windows XP / SP3: High Definition Audio Driver Package - KB888111
    / Windows XP / SP3: Correctif Windows XP - KB888302
    / Windows XP / SP3: Correctif Windows XP - KB890859
    / Windows XP / SP3: Correctif Windows XP - KB891781
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
    / Windows XP / SP3: Correctif pour Windows XP (KB914440)
    / Windows XP / SP3: Hotfix for Windows XP (KB915865)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921398)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922616)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925454)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
    / Windows XP / SP3: Hotfix for Windows XP (KB926239)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB929338)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929969)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB931836)


    --- Startup entries list ---
    Located: HK_LM:Run, !AVG Anti-Spyware
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6266880
    MD5: 01d90ae5dccbce0c7b52874fec35a608

    Located: HK_LM:Run, !AVG Anti-Spyware
    command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6266880
    MD5: 01d90ae5dccbce0c7b52874fec35a608

    Located: HK_LM:Run, avast!
    command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 108160
    MD5: 26a15d8d5c81a3b053e82b01a5d8208e

    Located: HK_LM:Run, NvCplDaemon
    command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    file: C:\WINDOWS\system32\RUNDLL32.EXE
    size: 33792
    MD5: f5402cd47b7389ddc21f92119a906eee

    Located: HK_LM:Run, nwiz
    command: nwiz.exe /install
    file: C:\WINDOWS\system32\nwiz.exe
    size: 1622016
    MD5: 0294e2a5e89bf786f24a9cc2fd753191

    Located: HK_CU:Run, ccleaner
    command: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    file: C:\Program Files\CCleaner\ccleaner.exe
    size: 585728
    MD5: 7c662f82574c906c76cf6b09f3007882

    Located: HK_CU:Run, CTFMON.EXE
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 5584247b568c2e53934873f4b655fe6a

    Located: HK_CU:Run, freeBrowser
    command: C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    file: C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    size: 413696
    MD5: eeb35d7e05de0d3bf14725a597aefb91

    Located: HK_CU:Run, MsnMsgr
    command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
    size: 5354792
    MD5: 6b3c274963543b07951ca0e23a9f1fa3

    Located: HK_CU:Run, Shareaza
    command: "C:\Program Files\Shareaza\Shareaza.exe" -tray
    file: C:\Program Files\Shareaza\Shareaza.exe
    size: 4468736
    MD5: 77857fd80dbc1c0aabc23fbdade3ffb2

    Located: Démarrage (tous utilisateurs), Adobe Reader Speed Launch.lnk
    command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    size: 29696
    MD5: 43362b96870ce8649f4f2ec893da93f0

    Located: Démarrage (tous utilisateurs), Microsoft Office.lnk
    command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
    file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
    size: 83360
    MD5: 5bc65464354a9fd3beaa28e18839734a

    Located: Démarrage (utilisateur), ePrompter.lnk
    command: C:\Program Files\ePrompter\ePrompter.exe
    file: C:\Program Files\ePrompter\ePrompter.exe
    size: 782336
    MD5: 8b08bfc83e1bf5f02f025b3c2259899d

    Located: Démarrage (utilisateur), Hotmail Popper.lnk
    command: C:\Program Files\Hotmail Popper\hotpop.exe
    file: C:\Program Files\Hotmail Popper\hotpop.exe
    size: 1777664
    MD5: 5a3ebe41199f1d058a87a5e4f15609d7

    Located: System.ini, crypt32chain
    command: crypt32.dll
    file: crypt32.dll

    Located: System.ini, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll

    Located: System.ini, cscdll
    command: cscdll.dll
    file: cscdll.dll

    Located: System.ini, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, Schedule
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll

    Located: System.ini, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll

    Located: System.ini, termsrv
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, WgaLogon
    command: WgaLogon.dll
    file: WgaLogon.dll

    Located: System.ini, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, yayyyww
    command: yayyyww.dll
    file: yayyyww.dll



    --- Browser helper object list ---
    {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
    BHO name:
    CLSID name: EpsonToolBandKicker Class
    Path: C:\Program Files\EPSON\EPSON Web-To-Page\
    Long name: EPSON Web-To-Page.dll
    Short name: EPSONW~1.DLL
    Date (created): 27/01/2007 22:12:30
    Date (last access): 04/04/2007 21:25:56
    Date (last write): 10/02/2004 15:08:58
    Filesize: 339968
    Attributes: archive
    MD5: 230F34EB9C919978C23E6939120DB35C
    CRC32: D4C5D89F
    Version: 1.0.0.0



    --- ActiveX list ---


    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 608 ( 4) \SystemRoot\System32\smss.exe
    PID: 656 ( 608) \??\C:\WINDOWS\system32\csrss.exe
    PID: 680 ( 608) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 724 ( 680) C:\WINDOWS\system32\services.exe
    size: 108544
    MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
    PID: 736 ( 680) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 9F3744A5C6F49291A7A685040A013399
    PID: 884 ( 724) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 944 ( 724) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 1040 ( 724) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 1132 ( 724) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 1236 ( 724) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 1428 ( 724) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
    PID: 1720 (1692) C:\WINDOWS\Explorer.EXE
    size: 1036288
    MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
    PID: 1864 (1720) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 108160
    MD5: 26A15D8D5C81A3B053E82B01A5D8208E
    PID: 1872 (1720) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    size: 6266880
    MD5: 01D90AE5DCCBCE0C7B52874FEC35A608
    PID: 1888 (1720) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 5584247B568C2E53934873F4B655FE6A
    PID: 1952 (1720) C:\Program Files\MSN Messenger\MsnMsgr.Exe
    size: 5354792
    MD5: 6B3C274963543B07951CA0E23A9F1FA3
    PID: 1992 (1720) C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    size: 413696
    MD5: EEB35D7E05DE0D3BF14725A597AEFB91
    PID: 2028 (1720) C:\Program Files\Shareaza\Shareaza.exe
    size: 4468736
    MD5: 77857FD80DBC1C0AABC23FBDADE3FFB2
    PID: 160 (1720) C:\Program Files\ePrompter\ePrompter.exe
    size: 782336
    MD5: 8B08BFC83E1BF5F02F025B3C2259899D
    PID: 308 (1720) C:\Program Files\Hotmail Popper\hotpop.exe
    size: 1777664
    MD5: 5A3EBE41199F1D058A87A5E4F15609D7
    PID: 532 ( 724) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    size: 59008
    MD5: DC995DA2D258C0590C3AE07EC68BFEE6
    PID: 540 ( 724) C:\Program Files\Alwil Software\Avast4\ashServ.exe
    size: 132736
    MD5: 8E33DA0415023EA7A9378AFA04D9BF4D
    PID: 564 ( 724) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    size: 204800
    MD5: E8FBDCC8D618D1BB84B828F247A6244B
    PID: 844 ( 724) C:\WINDOWS\system32\nvsvc32.exe
    size: 159810
    MD5: 0FEBE37DB6650FAA5965C00545009D1D
    PID: 1064 ( 724) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
    PID: 2512 ( 724) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    size: 255616
    MD5: AA6691D73782FA5D94E0CED6D27C3DE8
    PID: 2576 ( 724) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    size: 370304
    MD5: D6B2638DDBFB34AC78B153CDD0792C37
    PID: 3268 ( 724) C:\WINDOWS\System32\alg.exe
    size: 44544
    MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
    PID: 3924 (1992) C:\Program Files\freeBrowser\vlc\vlc.exe
    size: 93184
    MD5: 1B5AA7506823A8DC13B4785D9848FA26
    PID: 1700 (1720) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 3532 (1720) C:\Program Files\Internet Explorer\IEXPLORE.EXE
    size: 623616
    MD5: 93A6A4F5293AE19E3B37021AABCF0902
    PID: 4 ( 0) System


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 04/04/2007 23:00:02

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://french.eazel.com/index.php?rvs=hompag
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://home.microsoft.com/access/autosearch.asp?p=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\windows\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&...
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---


    --- Uninstall list ---
    Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.com

    (AddressBook)

    avast! Antivirus 4.7 (avast!)
    version (major): 4
    version (minor): 7
    install location: C:\PROGRA~1\ALWILS~1\Avast4
    install source: C:\DOCUME~1\LOVATO\MESDOC~1
    uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
    publisher: Alwil Software
    help link: http://www.avast.com

    AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
    install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
    uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    publisher: Grisoft Ltd.
    help link: http://www.grisoft.com

    (Branding)

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

    (Connection Manager)

    dBpowerAMP Music Converter (dBpowerAMP Music Converter)
    uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat

    (DirectAnimation)

    (DirectDrawEx)

    DivX Content Uploader 1.1.0 (DivX Content Uploader)
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    publisher: DivX, Inc.

    DVD Shrink 3.2 (DVD Shrink_is1)
    install location: C:\Program Files\DVD Shrink\
    uninstall cmd: "C:\Program Files\DVD Shrink\unins000.exe"
    publisher: DVD Shrink
    help link: http://www.dvdshrink.org

    DVDFab Decrypter 3.0.5.5 (DVDFab Decrypter_is1)
    install date: 20070127
    install location: C:\Program Files\DVDFab Decrypter 3\
    uninstall cmd: "C:\Program Files\DVDFab Decrypter 3\unins000.exe"
    publisher: Fengtao Software Inc.
    help link: http://www.dvdfab.com/

    (DXM_Runtime)

    ePrompter (ePrompter)
    uninstall cmd: C:\Program Files\ePrompter\Uninstall.exe

    EPSON Logiciel imprimante (EPSON Printer and Utilities)
    uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

    EPSON Scan (EPSON Scanner)
    uninstall cmd: C:\Program Files\epson\escndv\setup\setup.exe /r

    ESCX6600 Guide de réf. (ESCX6600 Guide de réf.)
    install location: C:\Program Files\EPSON\TPMANUAL\ESCX6600\REF_G
    uninstall cmd: C:\Program Files\EPSON\TPMANUAL\ESCX6600\REF_G\DOCUNINS.EXE

    ESCX6600 Guide des logiciels (ESCX6600 Guide des logiciels)
    install location: C:\Program Files\EPSON\TPMANUAL\ESCX6600\PQU_G
    uninstall cmd: C:\Program Files\EPSON\TPMANUAL\ESCX6600\PQU_G\DOCUNINS.EXE

    ffdshow [rev 944] [2007-02-20] 1.0 (ffdshow_is1)
    install location: C:\Program Files\Satsuki Decoder Pack\filtres\
    uninstall cmd: "C:\Program Files\Satsuki Decoder Pack\filtres\unins000.exe"

    (Fontcore)

    FpTest 2.0 2.0 (FpTest)
    uninstall cmd: C:\Program Files\FpTest\uninst.exe
    publisher: Freeplayer.org

    freeBrowser 0.9.0 0.9.0 (freeBrowser)
    uninstall cmd: C:\Program Files\freeBrowser\uninst.exe
    publisher: freeBrowser team

    GSpot Codec Information Appliance (GSpot)
    uninstall cmd: C:\Program Files\GSpot\Uninstall.exe

    (HappyIcon)

    HijackThis 1.99.1 1.99.1 (HijackThis)
    uninstall cmd: C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe /uninstall
    publisher: Soeperman Enterprises Ltd.

    PinnacleHollywood FX 5 (Hollywood FX 5)
    uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX 5\uninstal.log

    Hotmail Popper (Hotmail Popper)
    uninstall cmd: C:\WINDOWS\bkuninst.exe C:\Program Files\Hotmail Popper\

    (ICW)

    Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    (IE40)

    (IE4Data)

    (IE5BAKEX)

    Windows Internet Explorer 7 20061107.210142 (ie7)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/ie

    (IEData)

    Kaspersky On-line Scanner 5.0.83.0 (Kaspersky On-line Scanner)
    estimated size: 6040
    install location: C:\WINDOWS\system32\KASPER~1\KASPER~1
    uninstall cmd: C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    publisher: Kaspersky Lab
    contact: Customer Support Department
    help link: http://www.kaspersky.com/support.asp

    Kaspersky Online Scanner 5.0.83.0 (Kaspersky Online Scanner)
    estimated size: 6040
    install location: C:\WINDOWS\system32\KASPER~1\KASPER~1
    uninstall cmd: C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    publisher: Kaspersky Lab
    contact: Customer Support Department
    help link: http://www.kaspersky.com/support.asp

    Correctif Windows XP - KB873339 20041117.092459 (KB873339)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=873339

    (KB884016)

    (KB884267)

    (KB885353)

    Correctif Windows XP - KB885835 20041027.181713 (KB885835)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=885835

    Correctif Windows XP - KB885836 20041028.173203 (KB885836)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=885836

    Correctif Windows XP - KB885884 20040924.025457 (KB885884)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=885884

    Correctif Windows XP - KB886185 20041021.090540 (KB886185)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=886185

    (KB886612)

    (KB887078)

    Correctif Windows XP - KB887472 20041014.162858 (KB887472)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=887472

    (KB887626)

    High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=KB888111

    Correctif Windows XP - KB888302 20041207.111426 (KB888302)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=888302

    (KB888656)

    (KB889858)

    Correctif Windows XP - KB890859 1 (KB890859)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=890859

    (KB891122)

    Correctif Windows XP - KB891781 20050110.165439 (KB891781)
    uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=891781

    (KB892313)

    (KB893240)

    (KB893241)

    Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=893756

    (KB893803)

    Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
    uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=42467

    Mise à jour pour Windows XP (KB894391) 1 (KB894391)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=894391

    (KB895181)

    (KB895316)

    (KB895572)

    Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=896358

    Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=896423

    Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=896424

    Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=896428

    (KB897586)

    Mise à jour pour Windows XP (KB898461) 1 (KB898461)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=898461

    (KB898549)

    Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=899587

    Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=899591

    (KB900399)

    Mise à jour pour Windows XP (KB900485) 2 (KB900485)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=900485

    Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=900725

    Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=901017

    Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=901214

    (KB902344)

    Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=902400

    Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=904706

    Mise à jour pour Windows XP (KB904942) 2 (KB904942)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=904942

    Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=905414

    Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=905749

    (KB907658)

    Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=908519

    Mise à jour pour Windows XP (KB908531) 2 (KB908531)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=908531

    Mise à jour pour Windows XP (KB910437) 1 (KB910437)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=910437

    Mise à jour pour Windows XP (KB911280) 2 (KB911280)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=911280

    Mise à jour de sécurité pour Windows XP (KB911562) 1 (KB911562)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=911562

    Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/?kbid=911564

    (KB911565)

    (KB911854)

    Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=911927

    Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=912919

    Mise à jour de sécurité pour Windows XP (KB913580) 1 (KB913580)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=913580

    Mise à jour de sécurité pour Windows XP (KB914388) 1 (KB914388)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=914388

    Mise à jour de sécurité pour Windows XP (KB914389) 1 (KB914389)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=914389

    Correctif pour Windows XP (KB914440) 12 (KB914440)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=914440

    Hotfix for Windows XP (KB915865) 10 (KB915865)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=915865

    Mise à jour pour Windows XP (KB916595) 1 (KB916595)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=916595

    Security Update pour Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
    uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/kb/917283

    Mise à jour de sécurité pour Windows XP (KB917344) 1 (KB917344)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=917344

    Mise à jour de sécurité pour Windows XP (KB917422) 1 (KB917422)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=917422

    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) (KB917734_WMP9)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/?kbid=917734

    Mise à jour de sécurité pour Windows XP (KB917953) 1 (KB917953)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=917953

    Mise à jour de sécurité pour Windows XP (KB918118) 1 (KB918118)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=918118

    Mise à jour de sécurité pour Windows XP (KB918439) 1 (KB918439)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=918439

    Mise à jour de sécurité pour Windows XP (KB919007) 1 (KB919007)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=919007

    Mise à jour de sécurité pour Windows XP (KB920213) 1 (KB920213)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=920213

    Mise à jour de sécurité pour Windows XP (KB920670) 1 (KB920670)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=920670

    Mise à jour de sécurité pour Windows XP (KB920683) 1 (KB920683)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=920683

    Mise à jour de sécurité pour Windows XP (KB920685) 1 (KB920685)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=920685

    Mise à jour pour Windows XP (KB920872) 1 (KB920872)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=920872

    Mise à jour de sécurité pour Windows XP (KB921398) 1 (KB921398)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=921398

    Mise à jour pour Windows XP (KB922582) 1 (KB922582)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=922582

    Mise à jour de sécurité pour Windows XP (KB922616) 1 (KB922616)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=922616

    Security Update for Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1)
    uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/kb/922770

    Mise à jour de sécurité pour Windows XP (KB922819) 1 (KB922819)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=922819

    Mise à jour de sécurité pour Windows XP (KB923191) 1 (KB923191)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923191

    Mise à jour de sécurité pour Windows XP (KB923414) 1 (KB923414)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923414

    Mise à jour de sécurité pour Windows XP (KB923689) (KB923689)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923689

    Mise à jour de sécurité pour Windows XP (KB923694) 1 (KB923694)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923694

    Mise à jour de sécurité pour Windows XP (KB923789) (KB923789)
    uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923789

    Mise à jour de sécurité pour Windows XP (KB923980) 1 (KB923980)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=923980

    Mise à jour de sécurité pour Windows XP (KB924191) 1 (KB924191)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=924191

    Mise à jour de sécurité pour Windows XP (KB924270) 1 (KB924270)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=924270

    Mise à jour de sécurité pour Windows XP (KB924496) 1 (KB924496)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=924496

    Mise à jour de sécurité pour Windows XP (KB924667) 1 (KB924667)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=924667

    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) (KB925398_WMP64)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/?kbid=925398

    Mise à jour de sécurité pour Windows XP (KB925454) 1 (KB925454)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=925454

    Mise à jour de sécurité pour Windows XP (KB925902) 1 (KB925902)
    install date: 20070403
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=925902

    Hotfix for Windows XP (KB926239) 2 (KB926239)
    install date: 20070216
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=926239

    Mise à jour de sécurité pour Windows XP (KB926255) 1 (KB926255)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=926255

    Mise à jour de sécurité pour Windows XP (KB926436) 1 (KB926436)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=926436

    Mise à jour de sécurité pour Windows XP (KB927779) 1 (KB927779)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=927779

    Mise à jour de sécurité pour Windows XP (KB927802) 1 (KB927802)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=927802

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=928090

    Mise à jour de sécurité pour Windows XP (KB928255) 1 (KB928255)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=928255

    Mise à jour de sécurité pour Windows XP (KB928843) 1 (KB928843)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=928843

    Mise à jour pour Windows XP (KB929338) 1 (KB929338)
    install date: 20070315
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=929338

    Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
    install date: 20070315
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/?kbid=929399

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
    install date: 20070129
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=929969

    Mise à jour pour Windows XP (KB931836) 1 (KB931836)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=931836

    K-Lite Codec Pack 2.70 Basic 2.70 (KLiteCodecPack_is1)
    install location: C:\Program Files\K-Lite Codec Pack\
    uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

    Language pack for Ad-Aware SE (Language pack for Ad-Aware SE)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.de

    Matroska Pack (remove only) (Matroska Pack)
    install location: C:\Program Files\Matroska Pack
    uninstall cmd: C:\Program Files\Matroska Pack\Uninstall.exe

    Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
    install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
    uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=45396

    (MobileOptionPack)

    (MPlayer2)

    Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
    install date: 20070216
    uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=74087

    (MSI30-Beta1)

    (MSI30-Beta2)

    (MSI30-KB884016)

    (MSI30-RC1)

    (MSI30-RC2)

    (MSI30a-KB884016)

    (MSI31-Beta)

    (MSI31-RC1)

    Nero 6 (Nero - Burning Rom!UninstallKey)
    uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

    (NetMeeting)

    Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
    install date: 20070127
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    NVIDIA Drivers (NVIDIA Drivers)
    uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

    (OutlookExpress)

    (PCHealth)
    uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

    Satsuki Decoder Pack (Satsuki Decoder Pack)
    uninstall cmd: C:\Program Files\Satsuki Decoder Pack\Uninstall.exe

    (SchedulingAgent)

    Shareaza version 2.2.3.0 2.2.3.0 (Shareaza_is1)
    install location: C:\Program Files\Shareaza\
    uninstall cmd: "C:\Program Files\Shareaza\Uninstall\unins000.exe"
    publisher: Shareaza Development Team
    comments: Shareaza Ultimate File Sharing
    help link: http://www.shareaza.com/?id=support

    Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
    uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    publisher: Adobe Systems
    help link: http://www.adobe.com/go/flashplayer_support/

    SLD Codec Pack (SLD Codec Pack)
    uninstall cmd: C:\Program Files\SLD Codec Pack\uninstall.exe

    Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
    install location: C:\Program Files\Spybot - Search & Destroy\
    uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    publisher: Safer Networking Limited

    VirtualDub 1.6.9 Fr 1.6.9 (VirtualDub 1.6.9 Fr)
    uninstall cmd: C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe

    Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
    install date: 20070404
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=905474

    Windows Media Format 11 runtime (Windows Media Format Runtime)
    uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    help link: http://go.microsoft.com/fwlink/?LinkId=62768

    Lecteur Windows Media 11 (Windows Media Player)
    uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

    Archiveur WinRAR (WinRAR archiver)
    uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

    (WMCSetup)

    Windows Media Format 11 runtime (WMFDist11)
    install date: 20070216
    uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http:

    Windows Media Player 11 (wmp11)
    install date: 20070216
    uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http:

    Sélecteur d'installation de Microsoft Works 2004 (Works2004Setup)
    uninstall cmd: C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
    help link: http://www.microsoft.com/france/support/default.asp

    Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
    install date: 20070216
    uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    comments: Build Number 5716

    PDFCreator 0.9.3 ({0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D})
    install date: 20070205
    uninstall cmd: C:\Program Files\PDFCreator\unins000.exe
    publisher: Frank Heindörfer, Philip Chinery
    comments: PDFCreator - Opensource
    help link: http://www.sf.net/projects/pdfcreator
    readme: http://www.pdfforge.org

    EPSON CardMonitor ({109D28C7-FB38-483A-9C91-001CB59E2699})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst

    AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
    install location: C:\Program Files\DivX

    EPSON PRINT Image Framer Tool2.1 ({23B59ED4-C360-11D7-875B-0090CC005647})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything

    ({23EFDB58-0874-4883-9810-EDA510B19FAE})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9

    ({2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9

    Avery DesignPro ({2CC982C0-7EAE-11D4-ACC3-0050568AD318})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\setup.exe" -uninst

    WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
    version: 154279267
    version (major): 9
    version (minor): 50
    estimated size: 2608
    install date: 20070125
    install source: C:\WINDOWS\system32\
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/windows

    MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
    version: 68429425
    version (major): 4
    version (minor): 20
    estimated size: 2625
    install date: 20070127
    install source: d:\5305e84e62d1c1bf7ea9b443\
    uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/kb/927978

    ({62369F2F77534556AEF4C58152E3BDE5})

    EPSON PhotoQuicker3.5 ({65F5B7AF-3363-11D7-BB6B-00018021113F})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst

    EPSON Copy Utility 3 3.0.0.0 ({67EDD823-135A-4D59-87BD-950616D6E857})
    version: 50331648
    install location: C:\Program Files\EPSON\Utility Suite\Copy Utility
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall

    ASUSDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

    EPSON Smart Panel ({6C11D561-620B-47DA-A693-4C597F3CDF40})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x40c Uninstall

    Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
    version: 33605159
    version (major): 2
    estimated size: 218792
    install date: 20070129
    install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP000.TMP\
    publisher: Microsoft Corporation

    6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    ({775FFF70-4A8C-4500-908D-3C34DBEB11D5})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9

    DivX Codec 6.5.1 ({7B63B2922B174135AFC0E1377DD81EC2})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    publisher: DivX, Inc.

    EPSON Web-To-Page ({7F14F68C-17FA-4F88-B3FD-7F449C1EBF32})
    install location: C:\Program Files\EPSON\EPSON Web-To-Page
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything

    ({83021AC3-086F-4B77-ACCD-1BD7C9AB211E})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9

    Microsoft AutoRoute v11.0 11.00.18.1900 ({8704D51E-25B7-4F23-81E7-AA4F54790220})
    version: 184549394
    version (major): 11
    estimated size: 956735
    install date: 20070317
    install location: C:\Program Files\Microsoft AutoRoute\
    install source: E:\AutoRte\MSMap\
    uninstall cmd: MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790220}
    publisher: Microsoft Corporation

    AMD Dual-Core Optimizer 1.0.0.0083 ({886C92E6-4AF1-4290-BB86-4B5064A1BB7D})
    version: 16777216
    version (major): 1
    estimated size: 109
    install date: 20070214
    install source: C:\Program Files\Fichiers communs\Wise Installation Wizard\
    uninstall cmd: MsiExec.exe /X{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}
    publisher: AMD

    DivX Player 6.4.3 ({8ADFC4160D694100B5B8A22DE9DCABD9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    publisher: DivXNetworks, Inc.

    Microsoft Office XP Professional avec FrontPage 10.0.2627.5 ({9028040C-6000-11D3-8CFE-0050048383C9})
    version: 167774787
    version (major): 10
    estimated size: 153956
    install date: 20070127
    install location: INSTALLLOCATION
    install source: E:\
    uninstall cmd: MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/support
    readme: C:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

    Studio 9 9.0 ({9E491AB7-4589-48CA-9CBB-874CB2788391})
    version: 150994944
    version (major): 9
    install location: C:\Program Files\Pinnacle\Studio 9
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E491AB7-4589-48CA-9CBB-874CB2788391}\Setup.exe" -l0x40c UNINSTALL
    publisher: Pinnacle Systems

    Apple Software Update 1.0.2.1 ({A50C25D7-62E9-4511-AD70-8E2DA5E79B7D})
    version: 16777218
    version (major): 1
    estimated size: 2460
    install date: 20070305
    install location: C:\Program Files\Apple Software Update\
    install source: C:\Program Files\Apple Software Update\Packages\
    uninstall cmd: MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
    publisher: Apple Computer, Inc.
    contact: Assistance AppleCare
    help link: http://www.apple.com/fr/support/
    help telephone: 0825 888 024

    Adobe Reader 7.0.9 7.0.9 ({AC76BA86-7AD7-1033-7B44-A70900000002})
    version: 117440521
    version (major): 7
    estimated size: 66731
    install date: 20070208
    install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig709\ENU_\
    uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    publisher: Adobe Systems Incorporated
    comments:
    contact:
    help link: http://www.adobe.com/support/main.html
    help telephone:
    readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

    DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    publisher: DivX, Inc.

    ({B14F9B26-D695-4C4A-8B11-0FE6CDCC797B})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9

    DivX Web Player 1.3.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    publisher: DivX,Inc.

    EPSON PhotoStarter3.1 ({C48817E7-AA05-4151-A99D-1E1E550CE801})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst

    ({E213C271-AEFA-481D-A9B4-914D88925B8D})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9

    Windows Live Messenger 8.0.0812.00 ({E22885AB-B503-46E2-8437-73BBC6BC5487})
    version: 134218540
    version (major): 8
    estimated size: 28317
    install date: 20070127
    install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP000.TMP\
    uninstall cmd: MsiExec.exe /I{E22885AB-B503-46E2-8437-73BBC6BC5487}
    publisher: Microsoft Corporation

    Microsoft Works 07.03.0522 ({E6BAE954-487E-488B-BC4E-2E69E54E8117})
    version: 117637642
    version (major): 7
    version (minor): 3
    estimated size: 244269
    install date: 20070317
    install source: E:\msworks\
    uninstall cmd: MsiExec.exe /I{E6BAE954-487E-488B-BC4E-2E69E54E8117}
    publisher: Microsoft Corporation
    comments: Microsoft Works 7.0 installation.
    help link: http://support.microsoft.com
    help telephone:

    1.9.2.1705 ({E9F81423-211E-46B6-9AE0-38568BC5CF6F})
    version: 17367042
    version (major): 1
    version (minor): 9
    estimated size: 3885
    install date: 20070127
    install source: E:\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\
    uninstall cmd: MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
    help link: alcohol_dev@alcohol-soft.com

    QuickTime 7.1.3.100 ({F07B861C-72B9-40A4-8B1A-AAED4C06A7E8})
    version: 117506051
    version (major): 7
    version (minor): 1
    estimated size: 71803
    install date: 20070127
    install location: C:\Program Files\QuickTime\
    install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP917.TMP\
    uninstall cmd: MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
    publisher: Apple Computer, Inc.
    contact: Assistance AppleCare
    help link: http://www.apple.com/fr/support/
    help telephone: (33) 0825 888 024

    SoundMAX 5.10.01.4530 ({F0A37341-D692-11D4-A984-009027EC0A9C})
    version: 50331648
    install date: 20070125
    install location: C:\Program Files\Analog Devices\SoundMAX
    install source: D:\Drivers\Audio\32bit\2K_XP\
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
    publisher: Analog Devices



    --- System Services ---
    Service (registry key): .NET CLR Data
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET CLR Networking
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET Data Provider for Oracle
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET Data Provider for SqlServer
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NETFramework
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): a347bus
    Image path: system32\DRIVERS\a347bus.sys
    Image size: 160640
    Image MD5: 1F61CACACB521215F39061789147968C
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): a347scsi
    Image path: System32\Drivers\a347scsi.sys
    Image size: 5248
    Image MD5: 113E4B318BBAA7483CA4E582A4D63F49
    Start: 0
    Type: 1
    Error Control: 0

    Service (registry key): Aavmker4
    Display name: avast! Asynchronous Virus Monitor
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): Abiosdsk
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): abp480n5
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ACPI
    Display name: Pilote ACPI Microsoft
    Image path: system32\DRIVERS\ACPI.sys
    Image size: 188672
    Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): ACPIEC
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ADIHdAudAddService
    Display name: ADI UAA Function Driver for High Definition Audio Service
    Image path: system32\drivers\ADIHdAud.sys
    Image size: 229888
    Image MD5: 8CE0A2C740E6E2683B4DEF4E485EA331
    St
    4 Avril 2007 23:00:16

    C'est cela que tu voulais?
    a b 8 Sécurité
    4 Avril 2007 23:02:29

    Re,

  • Télécharge combofix.exe (par sUBs) sur ton Bureau
  • Double clique combofix.exe.
  • Tape sur la touche Y (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    4 Avril 2007 23:10:42

    "LOVATO" - 07-04-04 23:04:38 Service Pack 2
    ComboFix 07-04-04.5 - Running from: "C:\Documents and Settings\LOVATO\Bureau"


    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\qmpknjmhsv_navps.dat
    C:\WINDOWS\system32\qmpknjmhsv.exe
    C:\WINDOWS\system32\qmpknjmhsv.dat


    ((((((((((((((((((((((((((((((( Files Created from 2007-03-04 to 2007-04-04 ))))))))))))))))))))))))))))))))))


    2007-04-04 21:45 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-04-04 21:16 <REP> d-------- C:\VundoFix Backups
    2007-04-04 19:43 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-04-04 18:53 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
    2007-04-04 18:53 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-04-04 18:53 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2007-04-04 18:53 40,960 --a------ C:\WINDOWS\system32\swsc.exe
    2007-04-04 18:53 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2007-04-04 18:53 135,168 --a------ C:\WINDOWS\system32\swreg.exe
    2007-04-04 18:41 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-04-04 18:41 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-04-04 18:41 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-04-04 18:41 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-04-04 18:41 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-04-04 18:41 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-04-04 18:41 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-04-04 18:01 812 --a------ C:\WINDOWS\system32\tmp.reg
    2007-04-04 18:00 <REP> d-------- C:\WINDOWS\pss
    2007-03-25 18:40 2,308 --a------ C:\WINDOWS\mozver.dat
    2007-03-25 18:40 0 --a------ C:\WINDOWS\nsreg.dat
    2007-03-23 20:03 241,066 --a------ C:\WINDOWS\system32\qmpknjmhsv_nav.dat
    2007-03-17 01:34 <REP> d-------- C:\Program Files\Microsoft AutoRoute
    2007-03-17 01:27 <REP> d-------- C:\Program Files\Microsoft Works
    2007-03-17 01:26 <REP> d-------- C:\Program Files\Microsoft Works Suite 2004
    2007-03-09 18:48 <REP> d-------- C:\DOCUME~1\LOVATO\APPLIC~1\ItsLabel


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-04-04 23:05 -------- d-------- C:\Program Files\eprompter
    2007-03-25 18:39 -------- d-------- C:\Program Files\divx
    2007-03-25 13:57 71248 --a------ C:\WINDOWS\system32\perfc00c.dat
    2007-03-25 13:57 458230 --a------ C:\WINDOWS\system32\perfh00c.dat
    2007-03-23 18:29 -------- d-------- C:\DOCUME~1\LOVATO\APPLIC~1\divx
    2007-03-08 17:37 578560 --a------ C:\WINDOWS\system32\user32.dll
    2007-03-08 17:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll
    2007-03-08 17:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-03-08 17:33 1843712 --a------ C:\WINDOWS\system32\win32k.sys
    2007-03-05 23:42 -------- d-------- C:\Program Files\apple software update
    2007-02-25 19:13 -------- d-------- C:\DOCUME~1\LOVATO\APPLIC~1\vlc
    2007-02-23 06:29 524288 --a------ C:\WINDOWS\system32\divxsm.exe
    2007-02-23 06:29 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-02-23 06:29 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2007-02-23 06:29 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
    2007-02-23 06:25 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
    2007-02-23 06:25 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
    2007-02-23 06:25 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
    2007-02-23 06:25 73728 --a------ C:\WINDOWS\system32\dpl100.dll
    2007-02-23 06:25 639066 --a------ C:\WINDOWS\system32\divx.dll
    2007-02-23 06:25 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
    2007-02-23 06:25 57344 --a------ C:\WINDOWS\system32\dpv11.dll
    2007-02-23 06:25 53248 --a------ C:\WINDOWS\system32\dpugui10.dll
    2007-02-23 06:25 344064 --a------ C:\WINDOWS\system32\dpus11.dll
    2007-02-23 06:25 294912 --a------ C:\WINDOWS\system32\dpu11.dll
    2007-02-23 06:25 294912 --a------ C:\WINDOWS\system32\dpu10.dll
    2007-02-23 06:25 196608 --a------ C:\WINDOWS\system32\dtu100.dll
    2007-02-20 20:48 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2007-02-18 19:45 -------- d-------- C:\Program Files\freebrowser
    2007-02-18 00:26 -------- d-------- C:\Program Files\happyicon
    2007-02-17 00:26 -------- d-------- C:\Program Files\windows media connect 2
    2007-02-16 03:40 124472 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
    2007-02-14 17:11 -------- d-------- C:\Program Files\Fichiers communs\wise installation wizard
    2007-02-06 22:12 86094 --a------ C:\WINDOWS\bpmnt.dll
    2007-02-06 22:12 1101904 --a------ C:\WINDOWS\vsapi32.dll
    2007-02-06 21:58 71749 --a------ C:\WINDOWS\hcextoutput.dll
    2007-02-06 21:58 229957 --a------ C:\WINDOWS\tsc.exe
    2007-02-06 21:57 69689 --a------ C:\WINDOWS\unzip.dll
    2007-02-06 21:57 507904 --a------ C:\WINDOWS\tmupdate.dll
    2007-02-06 21:57 286720 --a------ C:\WINDOWS\patch.exe
    2007-02-05 23:21 -------- d-------- C:\Program Files\pdfcreator
    2007-02-02 21:42 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll
    2007-02-02 21:42 122880 --a------ C:\WINDOWS\system32\pdfmona.dll
    2007-02-02 18:33 34008 --a------ C:\DOCUME~1\LOVATO\APPLIC~1\gdipfontcachev1.dat
    2007-01-27 21:07 36104 --a------ C:\WINDOWS\system32\spoonuninstall-dbpoweramp music converter.dat
    2007-01-26 03:19 129784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-01-26 03:19 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
    2007-01-26 03:19 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2007-01-25 16:58 62 --ahs---- C:\DOCUME~1\LOVATO\APPLIC~1\desktop.ini
    2007-01-25 16:28 0 -rahs---- C:\MSDOS.SYS
    2007-01-25 16:28 0 -rahs---- C:\IO.SYS
    2007-01-25 16:28 0 --a------ C:\CONFIG.SYS
    2007-01-25 16:28 0 --a------ C:\AUTOEXEC.BAT
    2007-01-25 16:26 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "freeBrowser"="C:\\Program Files\\freeBrowser\\freeBrowser\\freeBrowser.exe"
    "Shareaza"="\"C:\\Program Files\\Shareaza\\Shareaza.exe\" -tray"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayyyww

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    Usnsvc REG_MULTI_SZ usnsvc\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\User_Feed_Synchronization-{C9AFA3CA-49CE-4E6A-B140-5E407BB20E60}.job


    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-04-04 23:07:35
    C:\ComboFix-quarantined-files.txt ... 07-04-04 23:07
    4 Avril 2007 23:22:32

    C'est bon , cest bien cela qu il fallait faire ?
    4 Avril 2007 23:32:04

    Bon plus de nouvelles , on termine demain alors ....
    Merci en tous cas pour ce soir et bonne nuit
    a b 8 Sécurité
    5 Avril 2007 16:59:31

    Re,

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    5 Avril 2007 20:35:11

    re,
    J ai refait spybot , j ai toujours smithfraud toolbar888.
    Voici le nouveau rapport kaspersky

    Thursday, April 05, 2007 8:33:53 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 5/04/2007
    Enregistrements dans la base antivirus Kaspersky : 275425


    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    C:\
    D:\
    E:\
    F:\

    Statistiques de l'analyse
    Total d'objets analysés 34216
    Nombre de virus trouvés 1
    Nombre d'objets infectés 2 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 00:18:18

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\MSHist012007040520070406\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temp\~DFDE36.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\LOVATO\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

    C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

    C:\Program Files\freeBrowser\freeBrowser\FreeBrowser.log L'objet est verrouillé ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP129\change.log L'objet est verrouillé ignoré

    C:\VundoFix Backups\vtmijfck.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\VundoFix Backups\yturqush.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\EventCache\{DF36EAA5-D17A-4B3F-8CB9-EC6852A26BF6}.bin L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\Perflib_Perfdata_1d4.dat L'objet est verrouillé ignoré

    C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    D:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP129\change.log L'objet est verrouillé ignoré

    D:\temporaires\btih_JFR673T2NKQ675BBJ4B66EWEJKQLYACY.partial L'objet est verrouillé ignoré

    D:\temporaires\btih_NNSHHKLHUXE57RRVP7K6DK3DFW3YZW7Y.partial L'objet est verrouillé ignoré

    D:\temporaires\ed2k_13a2dc80f8ff2cb41b904e06adf265b6.partial L'objet est verrouillé ignoré

    D:\temporaires\ed2k_6a9acd41f9f3f722dc82278a1750333a.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_2I7ZWHTRUIHKTE257FOGA2XSWQV7TZRB.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_6P42AQF4NUYVKS3TIK7INDZEWVHBSEN7.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_6RYBFL5NW2DNRU64NKJVXV4UENDYAMGS.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_DO3U7ZMXQB25ZADPTWGE3AODM6BAHHS4.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_GSQKN5VUQ5ZQPEX2LLDNN7BN67675C6D.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_HNJAMMPPUKEOCTSGR5DLNBXILLVBSHCD.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_OI63B6OXAYXZYQDEIRXBFLAQ73I2P3KE.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_R6QT2ZLNDV7YREDSVW4ZEGCYBIJOFCQK.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_R7FXNZJNQCUVV5PSXDRL3NLC6ZK6DVMD.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_RCMLROILYGJ4XAT3HYOY4G4MJL36M2S3.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_UYU3VJRPF4DZQMA6K4LETG6ORUV3XMYW.partial L'objet est verrouillé ignoré

    D:\temporaires\sha1_Y5GITV5R7LR4KYYYGVCMT3XCXASAB3VM.partial L'objet est verrouillé ignoré

    Analyse terminée.
    a b 8 Sécurité
    5 Avril 2007 20:43:20

    Re,

    Supprime ce dossier :
    C:\VundoFix Backups

    Reposte un rapport Hijackthis.
    5 Avril 2007 20:48:28

    voilà:

    Logfile of HijackThis v1.99.1
    Scan saved at 20:49:19, on 05/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    C:\Program Files\Shareaza\Shareaza.exe
    C:\Program Files\ePrompter\ePrompter.exe
    C:\Program Files\Hotmail Popper\hotpop.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\freeBrowser\vlc\vlc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
    O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    a b 8 Sécurité
    5 Avril 2007 20:50:05

    Tu as toujours des pubs ?
    5 Avril 2007 20:53:03

    des pubs plus du tout ,mais ordi lent tres lent ....
    5 Avril 2007 21:02:04

    ok je te remercie pour ton aide, je vais tout lire ...et appliquer .on considere le problème pour lequel j ai demande ton aide est résolu .Spybot nikel! MERCI
    j'edite ...
    20 Novembre 2008 20:25:34

    le meme probleme mercide votre aide Logfile of HijackThis v1.99.1
    Scan saved at 20:21:07, on 20/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Orange\Systray\SystrayApp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\AI Gear2\GearHelp.exe
    C:\Program Files\ASUS\Ai Nap\AiNap.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
    C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
    C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\documents and settings\bruno\local settings\application data\wseio.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
    C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
    C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Hauppauge\WinTV Nexus\DVB-TV.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Bruno\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\AI Gear2\GearHelp.exe"
    O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Nap\AiNap.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /M "Stylus DX4800" /EF "HKCU"
    O4 - HKCU\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
    O4 - HKCU\..\Run: [wseio] "c:\documents and settings\bruno\local settings\application data\wseio.exe" wseio
    O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O18 - Protocol: bw+0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS