Se connecter / S'enregistrer
Votre question

Virus win32:VBStat-C, win32:BHO-BS,win32:trojan-gen[Resolu]

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
26 Mars 2007 18:41:44

Bonjour,
J'ai deja fait un post hier mais personne n'est venu à mon aide.
Avast me detecte les virus win32:VBStat-C,win32:BHO-BS et win32:trojan-gen.
J'ai essayé pas mal de chose en lisant sur le forum mais rien n'y fait.
Merci d'avance pour votre aide,parce que là je rame!

Autres pages sur : virus win32 vbstat win32 bho win32 trojan gen resolu

a b 8 Sécurité
26 Mars 2007 18:51:01

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application.
Choisis l'option "Do a system scan and save a logfile"
Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
Colle le rapport ici.

AIDE : Tuto en vidéo sur Hijackthis
26 Mars 2007 18:58:02

Voici le rapport Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 18:51:17, on 26/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\lclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\bruno\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\cohowjfq.dll",setvm
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
O17 - HKLM\System\CCS\Services\Tcpip\..\{46519CD3-BE74-417C-AB63-038B30F6237E}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Contenus similaires
a b 8 Sécurité
26 Mars 2007 19:12:04

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    26 Mars 2007 19:36:36

    Voici le rapport Vundo:


    VundoFix V6.3.17

    Checking Java version...

    Java version is 1.5.0.6
    Old versions of java are exploitable and should be removed.

    Java version is 1.5.0.10

    Java version is 1.5.0.11

    Scan started at 19:22:09 26/03/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\gfrejtct.dll
    C:\WINDOWS\system32\mnnmp.bak1
    C:\WINDOWS\system32\mnnmp.ini
    C:\WINDOWS\system32\pmnnm.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\gfrejtct.dll
    C:\WINDOWS\system32\gfrejtct.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mnnmp.bak1
    C:\WINDOWS\system32\mnnmp.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\mnnmp.ini
    C:\WINDOWS\system32\mnnmp.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\pmnnm.dll
    C:\WINDOWS\system32\pmnnm.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Et le nouveau rapport Hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:30:00, on 26/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\lclock.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\bruno\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\mljjjij.dll
    O2 - BHO: (no name) - {1C5A1CD7-D7D8-496B-8B77-39DBC03AD5E6} - C:\WINDOWS\system32\pmnnm.dll (file missing)
    O2 - BHO: (no name) - {506EFB4C-30EC-4F08-BB7D-9CA22732A9Cf} - C:\WINDOWS\system32\lrokowix.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\gfrejtct.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7ECF1BD9-AA49-496D-872B-3EF8085BA2F8} - C:\WINDOWS\system32\pmkhg.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\cohowjfq.dll",setvm
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKCU\..\Run: [LClock] lclock.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{46519CD3-BE74-417C-AB63-038B30F6237E}: NameServer = 192.168.1.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: mljjjij - C:\WINDOWS\SYSTEM32\mljjjij.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    a b 8 Sécurité
    26 Mars 2007 19:38:58

    Re,

    Télécharge Combofix
    Sauvegarde-le sur ton Bureau et pas ailleurs !

    Clique sur le menu Démarrer puis Executer, copie/colle ceci :
    "%userprofile%\Bureau\combofix.exe" /v mljjjij
    Clique sur [OK]. Suis les invites.

    Attends que Combofix ait terminé, un rapport sera créé. Poste le rapport.
    26 Mars 2007 20:07:26

    Voici le rapport Combofix:
    "bruno" - 07-03-26 19:56:19 Service Pack 2
    ComboFix 07-03-23 - Running from: "C:\Documents and Settings\bruno\Bureau"
    Command switches used :: /v mljjjij

    (((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\mljjjij.dll


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\jkhfe.dll


    ((((((((((((((((((((((((((((((( Files Created from 2007-02-26 to 2007-03-26 ))))))))))))))))))))))))))))))))))


    2007-03-26 19:36 132,116 --a------ C:\WINDOWS\system32\jpacyfrx.dll
    2007-03-26 19:35 609,727 ---hs---- C:\WINDOWS\system32\wybeg.bak1
    2007-03-26 19:35 280,676 ---hs---- C:\WINDOWS\system32\gebyw.dll
    2007-03-26 19:22 <REP> d-------- C:\VundoFix Backups
    2007-03-26 19:11 132,116 --a------ C:\WINDOWS\system32\lrokowix.dll
    2007-03-26 18:20 280,676 ---hs---- C:\WINDOWS\system32\pmnlk.dll
    2007-03-26 07:06 132,116 --a------ C:\WINDOWS\system32\umjkqsdk.dll
    2007-03-26 07:01 132,116 --a------ C:\WINDOWS\system32\pieqnysy.dll
    2007-03-26 07:01 123,972 --a------ C:\WINDOWS\system32\cohowjfq.dll
    2007-03-25 14:15 460,152 ---hs---- C:\WINDOWS\system32\pqstv.bak1
    2007-03-25 13:53 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2007-03-24 23:13 132,116 --a------ C:\WINDOWS\system32\rvvbibqj.dll
    2007-03-24 23:05 132,116 --a------ C:\WINDOWS\system32\lgljcrqv.dll
    2007-03-24 22:56 132,116 --a------ C:\WINDOWS\system32\egmalrux.dll
    2007-03-24 22:25 123,972 --a------ C:\WINDOWS\system32\lmpktgfv.dll
    2007-03-24 22:06 132,116 --a------ C:\WINDOWS\system32\crehvbvk.dll
    2007-03-24 11:20 <REP> d-------- C:\WINDOWS\report
    2007-03-24 11:19 86,094 --a------ C:\WINDOWS\BPMNT.dll
    2007-03-24 11:19 71,749 --a------ C:\WINDOWS\hcextoutput.dll
    2007-03-24 11:19 229,957 --a------ C:\WINDOWS\tsc.exe
    2007-03-24 11:19 1,101,904 --a------ C:\WINDOWS\vsapi32.dll
    2007-03-24 11:19 <REP> d-------- C:\WINDOWS\AU_Backup
    2007-03-24 11:17 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-03-24 11:17 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-03-24 11:17 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-03-24 11:17 <REP> d-------- C:\WINDOWS\AU_Temp
    2007-03-24 11:17 <REP> d-------- C:\WINDOWS\AU_Log
    2007-03-24 10:12 132,116 --a------ C:\WINDOWS\system32\otarfcdt.dll
    2007-03-24 04:39 132,116 --a------ C:\WINDOWS\system32\wjsistmo.dll
    2007-03-23 23:06 132,116 --a------ C:\WINDOWS\system32\kbktvlan.dll
    2007-03-23 22:50 22 --a------ C:\Program Files\serial.dat
    2007-03-22 23:42 110,592 --a------ C:\WINDOWS\system32\tsccvid.dll
    2007-03-22 23:36 958,523 --a------ C:\WINDOWS\system32\MFC42LUD.DLL
    2007-03-22 23:36 942,133 --a------ C:\WINDOWS\system32\MFC42UD.DLL
    2007-03-22 23:36 94,285 --a------ C:\WINDOWS\system32\MSVCIRTD.DLL
    2007-03-22 23:36 929,844 --a------ C:\WINDOWS\system32\MFC42D.DLL
    2007-03-22 23:36 49,152 --a------ C:\WINDOWS\system32\INETWH32.dll
    2007-03-22 23:36 401,455 --a------ C:\WINDOWS\system32\MSLURTD.dll
    2007-03-22 23:36 385,100 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
    2007-03-22 23:36 1,056,768 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
    2007-03-22 23:35 <REP> d-------- C:\Missler
    2007-03-18 14:05 <REP> dr-h----- C:\DOCUME~1\bruno\APPLIC~1\SecuROM
    2007-03-17 19:21 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
    2007-03-17 19:21 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
    2007-03-08 00:15 73,216 --a------ C:\WINDOWS\cadkasdeinst01f.exe
    2007-03-08 00:15 <REP> d-------- C:\Program Files\PDF Editeur 2
    2007-03-06 22:44 <REP> d-------- C:\Program Files\RADVideo
    2007-03-05 19:47 <REP> d-------- C:\Program Files\Total Video Converter
    2007-03-04 23:01 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-03-26 19:06 -------- d-------- C:\Program Files\java
    2007-03-25 22:43 22 --a------ C:\Program Files\serial.zip
    2007-03-25 14:11 73570 --a------ C:\WINDOWS\system32\perfc00c.dat
    2007-03-25 14:11 73422 --a------ C:\WINDOWS\system32\perfc040.dat
    2007-03-25 14:11 465206 --a------ C:\WINDOWS\system32\perfh00c.dat
    2007-03-25 14:11 464828 --a------ C:\WINDOWS\system32\perfh040.dat
    2007-03-25 10:29 -------- d-------- C:\Program Files\emule
    2007-03-24 13:18 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\utorrent
    2007-03-23 19:01 -------- d-------- C:\Program Files\divx
    2007-03-23 00:15 -------- d--h----- C:\Program Files\installshield installation information
    2007-03-22 20:55 -------- d-------- C:\Program Files\microsoft money 2005
    2007-03-18 23:43 -------- d-------- C:\Program Files\ripp-it_am
    2007-03-18 14:05 108144 --a------ C:\WINDOWS\system32\cmdlineext.dll
    2007-03-13 21:43 14992 --a------ C:\DOCUME~1\bruno\APPLIC~1\gdipfontcachev1.dat
    2007-03-11 23:05 10856 --ahs---- C:\WINDOWS\system32\kgygaavl.sys
    2007-03-11 11:12 -------- d-------- C:\Program Files\windows media connect 2
    2007-03-05 18:40 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\real
    2007-03-04 09:36 6876 --a------ C:\DOCUME~1\bruno\APPLIC~1\qp1c_prefs
    2007-02-28 21:19 -------- d-------- C:\Program Files\msn messenger
    2007-02-24 10:15 -------- d-------- C:\Program Files\myvideosoft
    2007-02-22 13:30 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\sun
    2007-02-20 21:43 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\epson
    2007-02-16 22:25 17134 --a------ C:\WINDOWS\system32\pcandis5.sys
    2007-02-16 22:18 81920 --a------ C:\WINDOWS\system32\w32n50.dll
    2007-02-15 20:01 -------- d-------- C:\Program Files\xvid
    2007-02-15 19:45 -------- d-------- C:\Program Files\ripp-it codec pack
    2007-02-15 19:44 -------- d-------- C:\Program Files\avisynth 2.5
    2007-02-14 21:29 -------- d-------- C:\Program Files\gabest
    2007-02-13 20:13 -------- d-------- C:\Program Files\webteh
    2007-02-13 20:04 -------- d-------- C:\Program Files\k-lite codec pack
    2007-02-12 20:23 -------- d-------- C:\Program Files\mkvtoolnix
    2007-02-12 20:13 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\bsplayer pro
    2007-02-12 19:59 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\divx
    2007-01-31 23:27 524288 --a------ C:\WINDOWS\system32\divxsm.exe
    2007-01-31 01:15 118784 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
    2007-01-30 07:03 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-01-30 07:03 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2007-01-30 07:03 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
    2007-01-30 06:56 73728 --a------ C:\WINDOWS\system32\dpl100.dll
    2007-01-30 06:56 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
    2007-01-30 06:56 57344 --a------ C:\WINDOWS\system32\dpv11.dll
    2007-01-30 06:56 344064 --a------ C:\WINDOWS\system32\dpus11.dll
    2007-01-30 06:56 294912 --a------ C:\WINDOWS\system32\dpu11.dll
    2007-01-30 06:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll
    2007-01-29 19:48 2378 --a------ C:\WINDOWS\system32\tmp.reg
    2007-01-28 18:52 -------- d-------- C:\Program Files\pdfcreator
    2007-01-28 18:52 -------- d-------- C:\Program Files\irfanview
    2007-01-28 00:08 -------- d-------- C:\Program Files\google
    2007-01-27 19:04 -------- d-------- C:\Program Files\spamfighter
    2007-01-27 19:04 -------- d-------- C:\Program Files\regseeker
    2007-01-27 19:04 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\ppstream
    2007-01-26 22:04 -------- d-------- C:\DOCUME~1\bruno\APPLIC~1\sopcast
    2007-01-26 00:24 -------- d-------- C:\Program Files\Fichiers communs\nullsoft
    2007-01-20 22:26 1565480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
    2007-01-19 13:53 51056 --a------ C:\WINDOWS\system32\sirenacm.dll
    2007-01-15 19:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
    2007-01-15 19:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
    2007-01-09 19:46 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2006-12-23 12:48 62 --ahs---- C:\DOCUME~1\bruno\APPLIC~1\desktop.ini


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "LClock"="lclock.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "LVCOMS"="C:\\Program Files\\Fichiers communs\\Logitech\\QCDriver3\\LVCOMS.EXE"
    "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "SoundService"="rundll32.exe \"C:\\WINDOWS\\system32\\cohowjfq.dll\",setvm"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\Disabled]
    "CloneCDTray"="\"C:\\Program Files\\SlySoft\\CloneCD\\CloneCDTray.exe\" /s"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "EPSON Stylus CX3200"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /P19 \"EPSON Stylus CX3200\" /O6 \"USB001\" /M \"Stylus CX3200\""
    "SPAMfighter Agent"="\"C:\\Program Files\\SPAMfighter\\SFAgent.exe\" update delay 60"
    "LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
    "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe /RegAll"
    "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
    "Vistadrv"="C:\\WINDOWS\\system32\\Vistadrive\\vsdrv.exe"
    "Cobian Backup 7 Interface"="\"C:\\Program Files\\Cobian Backup 7\\cobui.exe\" -SERVICE"
    "CamWizard"="C:\\Program Files\\Fichiers communs\\Logitech\\QCDRV\\BIN\\CamWizrd.exe"
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
    "LogitechImageStudioTray"="C:\\Program Files\\Logitech\\ImageStudio\\LogiTray.exe"
    "LogitechGalleryRepair"="C:\\Program Files\\Logitech\\ImageStudio\\ISStart.exe"
    "PROMT Integrator"="\"C:\\Program Files\\PROMT5\\INTEGRAL\\PinStart.exe\" /autorun"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
    "SoundMan"="SOUNDMAN.EXE"
    "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
    "{88CA7B26-F60D-444A-9A5B-00CFF12BD4DC}"=""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "LClock"="lclock.exe"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\FICHIE~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableCAD"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoDesktopCleanupWizard"=dword:00000001
    "NoSharedDocuments"=dword:00000001
    "NoRemoteRecursiveEvents"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMHelp"=dword:00000001
    "ForceClassicControlPanel"=dword:00000001
    "NoRecentDocsMenu"=dword:00000001
    "NoRecentDocsHistory"=dword:00000001
    "NoStartBanner"=hex:01,00,00,00
    "NoSMConfigurePrograms"=dword:00000001
    "NoSMMyPictures"=dword:00000001
    "ClearRecentDocsOnExit"=dword:00000001
    "NoResolveTrack"=dword:00000001
    "LinkResolveIgnoreLinkInfo"=dword:00000001
    "NoResolveSearch"=dword:00000001
    "MemCheckBoxInRunDlg"=dword:00000001
    "NoSMBalloonTip"=dword:00000001
    "NoDesktopCleanupWizard"=dword:00000001
    "NoWelcomeScreen"=dword:00000001
    "NoSharedDocuments"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\DisallowCpl]
    "1"="Polices"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMHelp"=dword:00000001
    "ForceClassicControlPanel"=dword:00000001
    "NoRecentDocsMenu"=dword:00000001
    "NoRecentDocsHistory"=dword:00000001
    "NoStartBanner"=hex:01,00,00,00
    "NoSMConfigurePrograms"=dword:00000001
    "NoSMMyPictures"=dword:00000001
    "ClearRecentDocsOnExit"=dword:00000001
    "NoResolveTrack"=dword:00000001
    "LinkResolveIgnoreLinkInfo"=dword:00000001
    "NoResolveSearch"=dword:00000001
    "MemCheckBoxInRunDlg"=dword:00000001
    "NoSMBalloonTip"=dword:00000001
    "NoDesktopCleanupWizard"=dword:00000001
    "NoWelcomeScreen"=dword:00000001
    "NoSharedDocuments"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\DisallowCpl]
    "1"="Polices"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run]

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMHelp"=dword:00000001
    "ForceClassicControlPanel"=dword:00000001
    "NoRecentDocsMenu"=dword:00000001
    "NoRecentDocsHistory"=dword:00000001
    "NoStartBanner"=hex:01,00,00,00
    "NoSMConfigurePrograms"=dword:00000001
    "NoSMMyPictures"=dword:00000001
    "ClearRecentDocsOnExit"=dword:00000001
    "NoResolveTrack"=dword:00000001
    "LinkResolveIgnoreLinkInfo"=dword:00000001
    "NoResolveSearch"=dword:00000001
    "MemCheckBoxInRunDlg"=dword:00000001
    "NoSMBalloonTip"=dword:00000001
    "NoDesktopCleanupWizard"=dword:00000001
    "NoWelcomeScreen"=dword:00000001
    "NoSharedDocuments"=dword:00000001

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\DisallowCpl]
    "1"="Polices"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer\run]

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebyw

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\At1.job
    C:\WINDOWS\tasks\At10.job
    C:\WINDOWS\tasks\At11.job
    C:\WINDOWS\tasks\At12.job
    C:\WINDOWS\tasks\At2.job
    C:\WINDOWS\tasks\At3.job
    C:\WINDOWS\tasks\At4.job
    C:\WINDOWS\tasks\At5.job
    C:\WINDOWS\tasks\At6.job
    C:\WINDOWS\tasks\At7.job
    C:\WINDOWS\tasks\At8.job
    C:\WINDOWS\tasks\At9.job
    C:\WINDOWS\tasks\Maintenance en 1 clic.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job


    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-03-26 20:04:38
    a b 8 Sécurité
    26 Mars 2007 20:09:29

    Vundo a résisté...

    1/ Télécharge The Avenger (par Swandog46) sur ton Bureau.
    Dézippe-le ensuite sur ton Bureau.

    2/ Copie tout le texte en rouge[/#f] ci-dessous :

    Citation :
    [#ff1c00]Files to delete:
    C:\WINDOWS\system32\jpacyfrx.dll
    C:\WINDOWS\system32\wybeg.bak1
    C:\WINDOWS\system32\gebyw.dll
    C:\WINDOWS\system32\lrokowix.dll
    C:\WINDOWS\system32\pmnlk.dll
    C:\WINDOWS\system32\umjkqsdk.dll
    C:\WINDOWS\system32\pieqnysy.dll
    C:\WINDOWS\system32\cohowjfq.dll
    C:\WINDOWS\system32\pqstv.bak1
    C:\WINDOWS\system32\rvvbibqj.dll
    C:\WINDOWS\system32\lgljcrqv.dll
    C:\WINDOWS\system32\egmalrux.dll
    C:\WINDOWS\system32\lmpktgfv.dll
    C:\WINDOWS\system32\crehvbvk.dll
    C:\WINDOWS\tasks\At1.job
    C:\WINDOWS\tasks\At10.job
    C:\WINDOWS\tasks\At11.job
    C:\WINDOWS\tasks\At12.job
    C:\WINDOWS\tasks\At2.job
    C:\WINDOWS\tasks\At3.job
    C:\WINDOWS\tasks\At4.job
    C:\WINDOWS\tasks\At5.job
    C:\WINDOWS\tasks\At6.job
    C:\WINDOWS\tasks\At7.job
    C:\WINDOWS\tasks\At8.job
    C:\WINDOWS\tasks\At9.job


    ---> Clique-droit puis Copier

    Note: Le code ci-dessus a été intentionnellement rédigé pour CET utilisateur.
    si vous n'êtes pas CET utilisateur, NE PAS appliquer ces directives : elles pourraient endommager votre système.


    3/ Maintenant, lance The Avenger en cliquant sur l'icône présente sur le Bureau.
    Sous "Script file to execute" choisis "Input Script Manually".
    Puis clique sur l'icône en forme de loupe qui va ouvrir une nouvelle fenêtre "View/edit script"
    Dans cette fenêtre, colle le texte précedemment copié sur le bureau.
    Clique sur "Done"
    Ensuite clique sur l'icône en forme de Feu Vert pour démarrer l'exécution du script.
    Réponds par "Yes" deux fois quand cela te sera demandé.

    4/ The Avenger va automatiquement faire ce qui suit :
    Il va redémarrer le système. ( Dans les cas où le script contient un/des "Drivers to Unload", The Avenger redémarrera votre système 2 fois)
    Pendant le redémarrage, il apparaitra brièvement une fenêtre de commande de Windows noire sur votre bureau, ceci est NORMAL.
    Après le redémarrage, il crée un fichier log qui s'ouvrira, faisant apparaitre les actions exécutées par The Avenger. Ce fichier log se trouve ici : C:\avenger.txt
    The Avenger aura également sauvegardé tous les fichiers, etc., que vous lui avez demandé de supprimer, les aura compactés (zipped) et tranféré l'archive zip ici : C:\avenger\backup.zip.

    5/ Pour finir copie/colle le contenu du ficher c:\avenger.txt dans votre réponse avec un nouveau rapport HijackThis.
    26 Mars 2007 20:16:00

    Avast me detecte un virus dans Avenger et il supprime Avenger.exe
    a b 8 Sécurité
    26 Mars 2007 20:17:18

    Ignore les alertes.
    26 Mars 2007 20:41:05

    Voici le rapport Avenger:

    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Services\oclytisi

    *******************

    Script file located at: \??\C:\Documents and Settings\grgkgdty.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    File C:\WINDOWS\system32\jpacyfrx.dll deleted successfully.
    File C:\WINDOWS\system32\wybeg.bak1 deleted successfully.
    File C:\WINDOWS\system32\gebyw.dll deleted successfully.
    File C:\WINDOWS\system32\lrokowix.dll deleted successfully.
    File C:\WINDOWS\system32\pmnlk.dll deleted successfully.
    File C:\WINDOWS\system32\umjkqsdk.dll deleted successfully.
    File C:\WINDOWS\system32\pieqnysy.dll deleted successfully.
    File C:\WINDOWS\system32\cohowjfq.dll deleted successfully.
    File C:\WINDOWS\system32\pqstv.bak1 deleted successfully.
    File C:\WINDOWS\system32\rvvbibqj.dll deleted successfully.
    File C:\WINDOWS\system32\lgljcrqv.dll deleted successfully.
    File C:\WINDOWS\system32\egmalrux.dll deleted successfully.
    File C:\WINDOWS\system32\lmpktgfv.dll deleted successfully.
    File C:\WINDOWS\system32\crehvbvk.dll deleted successfully.
    File C:\WINDOWS\tasks\At1.job deleted successfully.
    File C:\WINDOWS\tasks\At10.job deleted successfully.
    File C:\WINDOWS\tasks\At11.job deleted successfully.
    File C:\WINDOWS\tasks\At12.job deleted successfully.
    File C:\WINDOWS\tasks\At2.job deleted successfully.
    File C:\WINDOWS\tasks\At3.job deleted successfully.
    File C:\WINDOWS\tasks\At4.job deleted successfully.
    File C:\WINDOWS\tasks\At5.job deleted successfully.
    File C:\WINDOWS\tasks\At6.job deleted successfully.
    File C:\WINDOWS\tasks\At7.job deleted successfully.
    File C:\WINDOWS\tasks\At8.job deleted successfully.
    File C:\WINDOWS\tasks\At9.job deleted successfully.

    Completed script processing.

    *******************

    Finished! Terminate.

    Puis le nouveau Hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 20:39:17, on 26/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\oodag.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\lclock.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\bruno\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {03088ADC-0453-4094-8A52-84ED6622B578} - C:\WINDOWS\system32\gebyw.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1C5A1CD7-D7D8-496B-8B77-39DBC03AD5E6} - C:\WINDOWS\system32\pmnnm.dll (file missing)
    O2 - BHO: (no name) - {506EFB4C-30EC-4F08-BB7D-9CA22732A9Cf} - C:\WINDOWS\system32\jpacyfrx.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\gfrejtct.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7ECF1BD9-AA49-496D-872B-3EF8085BA2F8} - C:\WINDOWS\system32\pmkhg.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\cohowjfq.dll",setvm
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKCU\..\Run: [LClock] lclock.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{46519CD3-BE74-417C-AB63-038B30F6237E}: NameServer = 192.168.1.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    a b 8 Sécurité
    26 Mars 2007 20:45:46

    Re,

    - Lance Hijackthis ->Do a system scan only
    ->Coche les lignes ci-dessous :

    O2 - BHO: (no name) - {03088ADC-0453-4094-8A52-84ED6622B578} - C:\WINDOWS\system32\gebyw.dll (file missing)
    O2 - BHO: (no name) - {1C5A1CD7-D7D8-496B-8B77-39DBC03AD5E6} - C:\WINDOWS\system32\pmnnm.dll (file missing)
    O2 - BHO: (no name) - {506EFB4C-30EC-4F08-BB7D-9CA22732A9Cf} - C:\WINDOWS\system32\jpacyfrx.dll (file missing)
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\gfrejtct.dll (file missing)
    O2 - BHO: (no name) - {7ECF1BD9-AA49-496D-872B-3EF8085BA2F8} - C:\WINDOWS\system32\pmkhg.dll (file missing)
    O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\cohowjfq.dll",setvm

    Clique sur Fix checked (en bas à gauche)
    26 Mars 2007 20:52:27

    Ok, c'est fait.C'est terminé?
    a b 8 Sécurité
    26 Mars 2007 20:54:38

    Reposte un rapport Hijackthis.
    26 Mars 2007 20:56:32

    Ok,voilà le nouveau rapport:
    Logfile of HijackThis v1.99.1
    Scan saved at 20:55:40, on 26/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\oodag.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\lclock.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\bruno\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKCU\..\Run: [LClock] lclock.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{46519CD3-BE74-417C-AB63-038B30F6237E}: NameServer = 192.168.1.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    a b 8 Sécurité
    26 Mars 2007 20:59:22

    Re,

    Fixe ces deux lignes :
    O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    26 Mars 2007 21:04:15

    Ok,c'est fait et voici le rapport Hijackthis

    Logfile of HijackThis v1.99.1
    Scan saved at 21:02:57, on 26/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\oodag.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\lclock.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\bruno\Bureau\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKCU\..\Run: [LClock] lclock.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/hardwaredetectio...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{46519CD3-BE74-417C-AB63-038B30F6237E}: NameServer = 192.168.1.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

    a b 8 Sécurité
    26 Mars 2007 21:09:43

    D'autres problèmes ?
    26 Mars 2007 21:15:36

    Cà y est,c'est terminé?Eh bien,merci pour tout,vous faites du super boulot.J'avais des fenetres intempestives mais je pense que ce que nous venons de faire à resolu le probleme.Sinon,Spybot me detectait
    un probleme avec smidfraud.
    a b 8 Sécurité
    26 Mars 2007 21:18:18

    Quel est son emplacement ?
    26 Mars 2007 21:30:51

    Voici le rapport de spybot
    26 Mars 2007 21:33:46

    Excuse-moi,j'avais oublié de le coller
    --- Search result list ---
    Smitfraud-C.Toolbar888: Réglages (Clé du registre, nothing done)
    HKEY_USERS\S-1-5-21-527237240-2049760794-842925246-1001\Software\Microsoft\aldd

    Smitfraud-C.Toolbar888: Réglages (Clé du registre, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Araf15

    Winsoftware: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    FastClick: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    MediaPlex: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Avenue A, Inc.: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    BFast: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    HitBox: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Winsoftware: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Winsoftware: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Smitfraud-C.Toolbar888: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    AdRevolver: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Advertising.com: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    AdRevolver: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    HitBox: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    DoubleClick: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    HitBox: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    Zedo: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)


    BlueStreak: Cookie traceur (Internet Explorer: bruno) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-12-23 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-01-15 advcheck.dll (1.2.1.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-03-21 Includes\Cookies.sbi (*)
    2006-12-08 Includes\Dialer.sbi (*)
    2007-03-21 Includes\DialerC.sbi (*)
    2007-03-21 Includes\Hijackers.sbi (*)
    2007-03-21 Includes\HijackersC.sbi (*)
    2006-10-27 Includes\Keyloggers.sbi (*)
    2007-03-21 Includes\KeyloggersC.sbi (*)
    2007-03-21 Includes\Malware.sbi (*)
    2007-03-21 Includes\MalwareC.sbi (*)
    2007-03-21 Includes\PUPS.sbi (*)
    2007-03-21 Includes\PUPSC.sbi (*)
    2007-03-21 Includes\Revision.sbi (*)
    2006-12-08 Includes\Security.sbi (*)
    2007-03-21 Includes\SecurityC.sbi (*)
    2007-03-21 Includes\Spybots.sbi (*)
    2007-03-21 Includes\SpybotsC.sbi (*)
    2005-02-17 Includes\Tracks.uti
    2007-03-21 Includes\Trojans.sbi (*)
    2007-03-21 Includes\TrojansC.sbi (*)



    --- System information ---
    Windows XP (Build: 2600) Service Pack 2
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
    / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
    If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
    For more information, visit http://support.microsoft.com/kb/917283
    / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
    If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
    For more information, visit http://support.microsoft.com/kb/922770
    / MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
    / Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
    / Windows / SP1: Microsoft National Language Support Downlevel APIs
    / Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
    / Windows Media Player 10: Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
    / Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    / Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
    / Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
    / Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
    / Windows XP / SP3: Correctif Windows XP - KB885884
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB890046)
    / Windows XP / SP3: Correctif Windows XP - KB890859
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
    / Windows XP / SP3: Windows Installer 3.1 (KB893803)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896422)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899589)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911567)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
    / Windows XP / SP3: Correctif pour Windows XP (KB914440)
    / Windows XP / SP3: Hotfix for Windows XP (KB915865)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB916281)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB916846)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917159)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917537)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918899)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920214)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921398)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921883)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922616)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922760)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
    / Windows XP / SP3: Correctif pour Windows XP (KB923996)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
    / Windows XP / SP3: Correctif pour Windows XP (KB924867)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925454)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925486)
    / Windows XP / SP3: Hotfix for Windows XP (KB926239)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
    / Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB929338)
    / Windows XP / SP3: Mise à jour pour Windows XP (KB931836)


    --- Startup entries list ---
    Located: HK_LM:Run, avast!
    command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 108160
    MD5: 26a15d8d5c81a3b053e82b01a5d8208e

    Located: HK_LM:Run, DAEMON Tools
    command: "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    file: C:\Program Files\DAEMON Tools\daemon.exe
    size: 157592
    MD5: 71d55fe46cd64afba728d42c8c8ebeca

    Located: HK_LM:Run, LVCOMS
    command: C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    file: C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    size: 127022
    MD5: 574b0c1a95d1ea0fba1ca700ce83e7b9

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    size: 75520
    MD5: edf5d27c6d244740418903626df5741a

    Located: HK_CU:Run, ctfmon.exe
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 64e41e8fee655b03e3f19ded21ba5118

    Located: HK_CU:Run, LClock
    command: lclock.exe
    file: C:\WINDOWS\system32\lclock.exe
    size: 65536
    MD5: 38cc541d105dcba3d3768d6b191d9505

    Located: Démarrage (tous utilisateurs), DSLMON.lnk
    command: C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    file: C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    size: 962661
    MD5: 4364b5c4f31241660d30d2c9980f877e

    Located: System.ini, AtiExtEvent
    command: Ati2evxx.dll
    file: Ati2evxx.dll

    Located: System.ini, crypt32chain
    command: crypt32.dll
    file: crypt32.dll

    Located: System.ini, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll

    Located: System.ini, cscdll
    command: cscdll.dll
    file: cscdll.dll

    Located: System.ini, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, Schedule
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll

    Located: System.ini, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll

    Located: System.ini, termsrv
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll



    --- Browser helper object list ---
    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
    BHO name:
    CLSID name: Windows Live Sign-in Helper
    Path: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 07/07/2006 13:29:52
    Date (last access): 23/12/2006 20:23:50
    Date (last write): 07/07/2006 13:29:52
    Filesize: 324416
    Attributes: archive
    MD5: 52A70C80A446FA3BBCDAF59A9AB26AF4
    CRC32: B1456034
    Version: 4.0.249.1

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
    info link: http://toolbar.google.com/
    info source: TonyKlein
    Path: c:\program files\google\
    Long name: GoogleToolbar2.dll
    Short name: GOOGLE~2.DLL
    Date (created): 27/01/2007 19:12:02
    Date (last access): 27/01/2007 19:12:02
    Date (last write): 20/01/2007 00:56:04
    Filesize: 2436160
    Attributes: readonly archive
    MD5: 6D44E0C3B43D27484FBB355E470C4188
    CRC32: 2DE875CD
    Version: 4.0.1601.4978



    --- ActiveX list ---
    {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_10
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-wind...
    Path: C:\Program Files\Java\jre1.5.0_10\bin\
    Long name: NPJPI150_10.dll
    Short name: NPJPI1~1.DLL
    Date (created): 09/11/2006 16:07:34
    Date (last access): 09/11/2006 16:21:52
    Date (last write): 09/11/2006 16:21:54
    Filesize: 75528
    Attributes: archive
    MD5: 635F4B3A0F1C661B5CEDE628BA85E46B
    CRC32: 0C9B7145
    Version: 5.0.100.3

    {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
    DPF name: Java Runtime Environment 1.5.0
    CLSID name: Java Plug-in 1.5.0_11
    Installer:
    Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-wind...
    Path: C:\Program Files\Java\jre1.5.0_11\bin\
    Long name: NPJPI150_11.dll
    Short name: NPJPI1~1.DLL
    Date (created): 15/12/2006 03:09:16
    Date (last access): 15/12/2070 03:23:24
    Date (last write): 15/12/2006 03:23:26
    Filesize: 75528
    Attributes: archive
    MD5: 3B3F6984DBF972DAFF1B7E9C44E2FE75
    CRC32: 4BDE2041
    Version: 5.0.110.3



    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 548 ( 4) \SystemRoot\System32\smss.exe
    PID: 620 ( 548) \??\C:\WINDOWS\system32\csrss.exe
    PID: 652 ( 548) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 696 ( 652) C:\WINDOWS\system32\services.exe
    size: 108544
    MD5: 63DCDE1A0D86EEB8924D6738FF616EAD
    PID: 708 ( 652) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 259AF82A0932EEA4F316F92DB94707B6
    PID: 864 ( 696) C:\WINDOWS\system32\Ati2evxx.exe
    size: 413696
    MD5: A2EAEB497CA29ECAEAF0DF66AD85C57D
    PID: 876 ( 696) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 948 ( 696) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1008 ( 696) C:\Program Files\Windows Defender\MsMpEng.exe
    size: 13592
    MD5: F45DD1E1365D857DD08BC23563370D0E
    PID: 1052 ( 696) C:\WINDOWS\System32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1088 ( 696) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1104 ( 696) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 1276 ( 696) C:\WINDOWS\system32\spoolsv.exe
    size: 57856
    MD5: AD3D9D191AEA7B5445FE1D82FFBB4788
    PID: 1792 ( 652) C:\WINDOWS\system32\Ati2evxx.exe
    size: 413696
    MD5: A2EAEB497CA29ECAEAF0DF66AD85C57D
    PID: 1900 (1824) C:\WINDOWS\Explorer.EXE
    size: 1930240
    MD5: 23E82DECBF0C51E64441E90CC570A239
    PID: 1916 ( 696) C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    size: 77824
    MD5: CD64CE62BE47DF0E9A459FD9002221FE
    PID: 452 ( 696) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    size: 59008
    MD5: DC995DA2D258C0590C3AE07EC68BFEE6
    PID: 496 ( 696) C:\Program Files\Alwil Software\Avast4\ashServ.exe
    size: 132736
    MD5: 8E33DA0415023EA7A9378AFA04D9BF4D
    PID: 532 ( 696) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    size: 204800
    MD5: E8FBDCC8D618D1BB84B828F247A6244B
    PID: 592 ( 696) C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    size: 94208
    MD5: 12CDB5DC7774298223099D6E41ED5CE7
    PID: 672 ( 696) C:\WINDOWS\system32\oodag.exe
    size: 340992
    MD5: 1020B329E99B3B6566EC5F888C7DBE64
    PID: 1456 ( 696) C:\WINDOWS\system32\locator.exe
    size: 75264
    MD5: DAB8E0B2F07DC4D44F8F72BF3994630B
    PID: 1520 (1900) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    size: 108160
    MD5: 26A15D8D5C81A3B053E82B01A5D8208E
    PID: 1572 (1900) C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
    size: 127022
    MD5: 574B0C1A95D1EA0FBA1CA700CE83E7B9
    PID: 1604 (1900) C:\Program Files\DAEMON Tools\daemon.exe
    size: 157592
    MD5: 71D55FE46CD64AFBA728D42C8C8EBECA
    PID: 1664 (1900) C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    size: 75520
    MD5: EDF5D27C6D244740418903626DF5741A
    PID: 1732 (1900) C:\WINDOWS\system32\lclock.exe
    size: 65536
    MD5: 38CC541D105DCBA3D3768D6B191D9505
    PID: 1832 (1900) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 64E41E8FEE655B03E3F19DED21BA5118
    PID: 1860 (1900) C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    size: 962661
    MD5: 4364B5C4F31241660D30D2C9980F877E
    PID: 2064 ( 696) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 2979B03D5382A602623C0535B16AB9C0
    PID: 2668 (1900) C:\Program Files\Internet Explorer\iexplore.exe
    size: 623616
    MD5: 93A6A4F5293AE19E3B37021AABCF0902
    PID: 4084 (1900) C:\WINDOWS\system32\NOTEPAD.EXE
    size: 577536
    MD5: 16080BB7945B35E3A898C753812819AC
    PID: 1760 (1900) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 3700 (1760) C:\WINDOWS\regedit.exe
    size: 302592
    MD5: 1B9B1F49367B2DE814FEFC3D0E637F50
    PID: 4 ( 0) System


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 26/03/2007 21:29:42

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.google.fr/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://www.google.com/search?q=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---


    --- Uninstall list ---
    7-Zip 4.42 (7-Zip)
    uninstall cmd: "C:\Program Files\7-Zip\Uninstall.exe"

    a-squared Free 2.1 2.1 (a-squared Free_is1)
    install date: 20061224
    install location: C:\Program Files\a-squared Free\
    uninstall cmd: "C:\Program Files\a-squared Free\unins000.exe"
    publisher: Emsi Software GmbH
    comments: a-squared
    help link: http://forum.emsisoft.com

    Le Maillon Faible (Activision_lmfUninstallKey)
    uninstall cmd: D:\PROGRA~1\ACTIVI~1\LEMAIL~1\UNINST~1\UNINST~1.EXE D:\Program Files\Activision\Le Maillon Faible\uninstall\Le Maillon Faible.log

    Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.com

    AIDA32 v3.93 (AIDA32_is1)
    uninstall cmd: "C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
    publisher: Tamas Miklos
    help link: http://www.aida32.hu

    ATI - Software Uninstall Utility 6.14.10.1014 (All ATI Software)
    install location: C:\Program Files\ATI Technologies\UninstallAll
    uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

    ATI Display Driver 8.252-060503a-038185C-ATI (ATI Display Driver)
    uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean

    avast! Antivirus 4.7 (avast!)
    version (major): 4
    version (minor): 7
    install location: C:\PROGRA~1\ALWILS~1\Avast4
    install source: C:\PROGRA~1\ALWILS~1\Avast4\setup
    uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
    publisher: Alwil Software
    help link: http://www.avast.com

    AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
    install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
    uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    publisher: Grisoft Ltd.
    help link: http://www.grisoft.com

    AVIcodec (remove only) (AVIcodec)
    uninstall cmd: "C:\Program Files\AVIcodec\uninst.exe"

    AviSynth 2.5 (AviSynth)
    uninstall cmd: "C:\Program Files\AviSynth 2.5\Uninstall.exe"

    Bink and Smacker (Bink and Smacker)
    uninstall cmd: C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG

    (Branding)

    BSplayer (BSPlayer1)
    uninstall cmd: "C:\Program Files\Webteh\BSplayer\uninstall.exe"

    Cap sur l'île au Trésor (Cap sur l'île au Trésor)
    uninstall cmd: D:\Program Files\Nobilis\Cap sur l'île au Trésor\Uninstall.exe

    CCleaner (remove only) (CCleaner)
    uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

    CloneCD (CloneCD)
    install location: C:\Program Files\SlySoft\CloneCD
    uninstall cmd: "C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
    publisher: SlySoft

    (Connection Manager)

    Directory Lister v0.9 (Directory Lister_is1)
    install location: C:\Program Files\Directory Lister\
    uninstall cmd: "C:\Program Files\Directory Lister\unins000.exe"
    publisher: KRKSoft
    help link: http://www.krksoft.com

    DVD Shrink 3.2 (DVD Shrink_is1)
    install location: C:\Program Files\DVD Shrink\
    uninstall cmd: "C:\Program Files\DVD Shrink\unins000.exe"
    publisher: DVD Shrink
    help link: http://www.dvdshrink.org

    eMule (eMule)
    uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

    EPSON Logiciel imprimante (EPSON Printer and Utilities)
    uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r

    HijackThis 1.99.1 1.99.1 (HijackThis)
    uninstall cmd: C:\Documents and Settings\bruno\Mes documents\bruno.charbonnier\Securisation-internet\hijackthis\HijackThis.exe /uninstall
    publisher: Soeperman Enterprises Ltd.

    Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    Windows Internet Explorer 7 20061107.210142 (ie7)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/ie

    (InstallShield Uninstall Information)

    PowerQuest PartitionMagic 8.0 8.00.000 (InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804})
    version: 134217728
    version (major): 8
    estimated size: 49622
    install date: 20061223
    install location: C:\Program Files\PowerQuest\PartitionMagic 8.0\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
    publisher: PowerQuest
    comments: PowerQuest Inc.
    contact: Service Assistance clientèle
    help link: http://www.powerquest.com/support
    help telephone: +33 (0)1 69 32 49 30
    readme: Readme.txt

    Pro Evolution Soccer 6 1.00.0000 (InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514})
    version: 16777216
    version (major): 1
    estimated size: 1418142
    install date: 20061229
    install location: D:\KONAMI\Pro Evolution Soccer 6\
    install source: I:\
    uninstall cmd: C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036
    publisher: KONAMI

    IrfanView (remove only) (IrfanView)
    uninstall cmd: C:\Program Files\IrfanView\iv_uninstall.exe

    (KB884267)

    (KB885353)

    (KB886612)

    (KB887078)

    (KB887626)

    (KB888656)

    (KB889858)

    (KB891122)

    (KB892313)

    (KB893240)

    (KB893241)

    (KB895181)

    (KB895316)

    (KB895572)

    (KB897586)

    (KB898549)

    (KB900399)

    (KB902344)

    (KB907658)

    (KB911565)

    (KB911854)

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
    install date: 20070217
    uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=928090

    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
    install date: 20070111
    uninstall cmd: "C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com?kbid=929969

    K-Lite Mega Codec Pack 1.65 1.65 (KLiteCodecPack_is1)
    install date: 20070213
    install location: C:\Program Files\K-Lite Codec Pack\
    uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

    Lame ACM MP3 Codec (LameACM)
    uninstall cmd: C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf

    Language pack for Ad-Aware SE (Language pack for Ad-Aware SE)
    uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
    publisher: Lavasoft
    help link: http://www.lavasoft.de

    Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
    uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

    Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
    uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

    Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
    install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
    uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=45396

    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA (Microsoft .NET Framework 2.0 Language Pack - FRA)
    install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
    uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=45396

    Microsoft Money 14 (Money2005b)
    uninstall cmd: C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
    publisher: Microsoft
    comments: La base de données d'installation contient la logique et les données requises pour installer Money.
    help link: http://support.microsoft.com
    help telephone: 0 825 827 829

    Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=74087

    Michael Schumacher World Tour Kart 2004 (mswt2004)
    uninstall cmd: "D:\Program Files\mswt kart 2004\uninstall.exe"

    Nero 7 Lite v7.5.9.0 (Nero7Lite_is1)
    install date: 20061225
    install location: C:\Program Files\Nero\
    uninstall cmd: "C:\Program Files\Nero\unins000.exe"
    publisher: Updatepack.nl

    Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation

    PDF Editeur 2 (PDF Editeur 2)
    uninstall cmd: C:\WINDOWS\cadkasdeinst01f.exe "C:\Program Files\PDF Editeur 2\"

    Programme de gestion Camera de Logitech® (QcDrv)
    install location: C:\Program Files\Fichiers communs\Logitech\QCDRV
    install source: C:\Program Files\Logitech\QuickCamWebInstall\Drivers\Bin
    uninstall cmd: "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

    Ri4m v5.0.1d (Ri4m v5.0.1d)
    uninstall cmd: C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe

    Ripp-It Codec Pack v 4.2.5 v 4.2.5 (Ripp-It Codec Pack)
    uninstall cmd: C:\Program Files\Ripp-It Codec Pack\uninst.exe
    publisher: Ripp-It Te@m

    Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
    uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    publisher: Adobe Systems
    help link: http://www.adobe.com/go/flashplayer_support/

    Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
    install location: C:\Program Files\Spybot - Search & Destroy\
    uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    publisher: Safer Networking Limited

    Total Video Converter 3.10 (Total Video Converter 3.10_is1)
    install date: 20070305
    install location: C:\Program Files\Total Video Converter\
    uninstall cmd: "C:\Program Files\Total Video Converter\unins000.exe"
    publisher: EffectMatrix Inc.
    help link: http://www.effectmatrix.com

    UltraISO Premium V8.6 (UltraISO_is1)
    install date: 20061227
    install location: C:\Program Files\UltraISO\
    uninstall cmd: "C:\Program Files\UltraISO\unins000.exe"

    µTorrent 1.6 (uTorrent)
    install location: C:\Program Files\uTorrent
    uninstall cmd: "C:\Program Files\uTorrent\uninstall.exe"

    VideoLAN VLC media player 0.8.6 0.8.6 (VLC media player)
    uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
    publisher: VideoLAN Team

    Windows Media Format 11 runtime (Windows Media Format Runtime)
    uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    help link: http://go.microsoft.com/fwlink/?LinkId=62768

    Lecteur Windows Media 11 (Windows Media Player)
    uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

    (WMCSetup)

    Windows Media Format 11 runtime (WMFDist11)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http:

    Windows Media Player 11 (wmp11)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    help link: http:

    Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
    install date: 20061223
    uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    publisher: Microsoft Corporation
    comments: Build Number 5716

    Xvid 1.1.2 final uninstall 1.1 (Xvid_is1)
    install location: C:\Program Files\Xvid\
    uninstall cmd: "C:\Program Files\Xvid\unins000.exe"
    publisher: Xvid team (Koepi)
    help link: http://forum.doom9.org/forumdisplay.php?f=52

    PDFCreator 0.9.3 ({0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D})
    install date: 20061226
    uninstall cmd: C:\Program Files\PDFCreator\unins000.exe
    publisher: Frank Heindörfer, Philip Chinery
    comments: PDFCreator - Opensource
    help link: http://www.sf.net/projects/pdfcreator
    readme: http://www.pdfforge.org

    Code de la Route 1.0 ({10890BBB-5CBB-468B-88E7-C83D56DE2440})
    version: 16777216
    install location: D:\Program Files\Micro Application\Code de la Route
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10890BBB-5CBB-468B-88E7-C83D56DE2440}\SETUP.EXE" -l0x40c

    ({11E83B33-972B-4512-A447-FF0FD0246EE9})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c

    ({21B6F79B-2286-4BB0-B1E3-BA6B9498D110})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c

    Windows Live Sign-in Assistant 4.000.249.1 ({22B3CC30-77B8-419C-AA4B-F571FDF5D66D})
    version: 67109113
    version (major): 4
    estimated size: 1112
    install date: 20061223
    uninstall cmd: MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
    publisher: Microsoft Corporation

    Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
    uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

    ({23EFDB58-0874-4883-9810-EDA510B19FAE})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c

    HardwareDetection 1.0.0.0 ({2ABD5914-4F3F-4A34-A313-A7182901733E})
    install date: 01/13/2007
    install location: C:\Program Files\HardwareDetection
    install source: C:\WINDOWS\temp
    uninstall cmd: "C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u
    publisher: Ma-Config.com

    ({2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c

    ({2BFBC62A-3353-443D-93BE-7AC641D9F342})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c

    J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
    version: 17104896
    version (major): 1
    version (minor): 5
    estimated size: 122273
    install date: 20070118
    install source: C:\Documents and Settings\bruno\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\
    uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    publisher: Sun Microsystems, Inc.
    contact: http://java.com
    help link: http://java.com
    readme: C:\Program Files\Java\jre1.5.0_06\README.txt

    J2SE Runtime Environment 5.0 Update 10 1.5.0.100 ({3248F0A8-6813-11D6-A77B-00B0D0150100})
    version: 17104896
    version (major): 1
    version (minor): 5
    estimated size: 122989
    install date: 20070119
    install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_10...
    uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    publisher: Sun Microsystems, Inc.
    contact: http://java.com
    help link: http://java.com
    readme: C:\Program Files\Java\jre1.5.0_10\README.txt

    J2SE Runtime Environment 5.0 Update 11 1.5.0.110 ({3248F0A8-6813-11D6-A77B-00B0D0150110})
    version: 17104896
    version (major): 1
    version (minor): 5
    estimated size: 123326
    install date: 20070326
    install source: http://javadl.sun.com/webapps/download/GetFile/1.5.0_11...
    uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    publisher: Sun Microsystems, Inc.
    contact: http://java.com
    help link: http://java.com
    readme: C:\Program Files\Java\jre1.5.0_11\README.txt

    MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
    version: 68429425
    version (major): 4
    version (minor): 20
    estimated size: 2625
    install date: 20061224
    uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/kb/927978

    Microsoft AppLocale 1.0.0 ({394BE3D9-7F57-4638-A8D1-1D88671913B7})
    version: 16777216
    version (major): 1
    estimated size: 3433
    install date: 20070108
    uninstall cmd: MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
    publisher: MS
    contact: MS

    SPAMfighter 4.9.7 ({41D8E9C6-C561-48CC-9E5C-044A32DEA655})
    version: 67698695
    version (major): 4
    version (minor): 9
    estimated size: 12773
    install date: 20061224
    install location: C:\Program Files\SPAMfighter\
    install source: C:\WINDOWS\Downloaded Installations\{4EAC3B1C-A428-4C28-B43A-1A698FD2E965}\
    publisher: SPAMfighter ApS

    SAGEM F@st 800-840 ({4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x40c

    FIFA 07 ({4DECFC9F-2310-4C02-009A-B6758306EF00})
    uninstall cmd: D:\EA SPORTS\FIFA 07\EAUninstall.exe

    Trivial Pursuit Déjanté 1.00.000 ({4E61888C-3D42-4691-AD25-E9AF648EAB63})
    version: 16777216
    install location: D:\Program Files\Atari\Trivial Pursuit Déjanté
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E61888C-3D42-4691-AD25-E9AF648EAB63}\SETUP.EXE" -l0x40c

    O&O Defrag Professional Edition 8.5.1932 ({53480370-6CA2-47EC-BC05-02B4B9271C31})
    version: 134547340
    version (major): 8
    version (minor): 5
    estimated size: 11178
    install date: 20061225
    install location: C:\Program Files\OO Software\Defrag Professional\
    uninstall cmd: MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
    publisher: O&O Software GmbH
    comments: Windows NT/2000/XP/2003 Logiciel de défragmentation
    contact: support@oo-software.de
    help link: http://www.oo-software.com/fr
    help telephone: +49 - (030) 4303 4300
    readme: C:\Program Files\OO Software\Defrag Professional\Readme.txt

    Logitech ImageStudio 7.30.0000 ({5A24DD7E-7B01-41AC-ADA8-F1776177A3BA})
    version: 119406592
    version (major): 7
    version (minor): 30
    estimated size: 96844
    install date: 20061227
    install location: C:\Program Files\Logitech\ImageStudio\
    install source: F:\ImageStudio\fra\
    uninstall cmd: MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
    publisher: Logitech, Inc.
    contact: Service clientèle de Logitech®
    help link: http://www.logitech.com/support
    help telephone: +33-(0) 1-43 62 34 14
    readme: C:\Program Files\Logitech\ImageStudio\Readme.txt

    MSXML 6.0 Parser (KB927977) 6.00.3890.0 ({5A710547-B58E-488B-828D-CA9A25A0533C})
    version: 100667186
    version (major): 6
    estimated size: 1332
    install date: 20070222
    uninstall cmd: MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
    publisher: Microsoft Corporation
    help link: http://support.microsoft.com/kb/927977

    Patch TopSolid'Cam ({67FFAD75-E62C-4596-9C13-6B9F47E2CD99})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67FFAD75-E62C-4596-9C13-6B9F47E2CD99}\Setup.exe" anything

    PartitionMagic 8.00.000 ({6BE2A4A4-99FB-48ED-AE1E-4E850389F804})
    version: 134217728
    version (major): 8
    estimated size: 49622
    install date: 20061223
    install location: C:\Program Files\PowerQuest\PartitionMagic 8.0\
    publisher: PowerQuest
    comments: PowerQuest Inc.
    contact: Service Assistance clientèle
    help link: http://www.powerquest.com/support
    help telephone: +33 (0)1 69 32 49 30
    readme: Readme.txt

    EPSON Smart Panel ({6C11D561-620B-47DA-A693-4C597F3CDF40})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\setup.exe" -l0x40c Uninstall

    ArcSoft PhotoImpression ({6C5D7191-140A-11D6-B5A0-0050DA208A93})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\setup.exe" -l0x40c -uninst

    Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
    version: 33605159
    version (major): 2
    estimated size: 697625
    install date: 20061223
    publisher: Microsoft Corporation

    Reverso Pro 5 EFFE 5.2.6 ({733AF353-1952-11D5-87A4-00E0294855E2})
    version: 84017158
    version (major): 5
    version (minor): 2
    estimated size: 42855
    install date: 20070115
    install source: F:\Programmes\Reverso PRO Translator 5 FR\Reverso Pro 5.0\FRENCH\EFFE\
    publisher: Softissimo
    comments: PROMT Translation Software
    contact: Support department
    help link: http://www.softissimo.com/
    help telephone:
    readme: C:\Program Files\PROMT5\Reverso Pro 5 readme.txt

    ({775FFF70-4A8C-4500-908D-3C34DBEB11D5})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x40c

    DivX 5.2.1 ({7B63B2922B174135AFC0E1377DD81EC2})
    install location: C:\Program Files\DivX
    uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    publisher: DivXNetworks, Inc.

    TuneUp Utilities 2006 5.0.2328 ({868D7896-99D4-4513-BC62-2B3AD3E24926})
    version: 83888408
    version (major): 5
    estimated size: 100012
    install date: 20061227
    install source: F:\setup\TuneUp Utilities\
    uninstall cmd: MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
    publisher: TuneUp Software
    help link: www.tuneup.de

    TopSolid 2006 By Missler Software ({8C290AEA-26F6-4B53-9686-9AFA162961C9})
    install location: C:\Missler\V67
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C290AEA-26F6-4B53-9686-9AFA162961C9}\Setup.exe" -l0x40c -L0x40c

    Microsoft Office XP Standard 10.0.2627.5 ({9012040C-6000-11D3-8CFE-0050048383C9})
    version: 167774787
    version (major): 10
    estimated size: 153564
    install date: 20061226
    install location: INSTALLLOCATION
    install source: F:\Office XP\Disk 1\
    uninstall cmd: MsiExec.exe /I{9012040C-6000-11D3-8CFE-0050048383C9}
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/support
    readme: C:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

    Microsoft Office PowerPoint Viewer 2003 11.0.6458.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
    version: 184555834
    version (major): 11
    estimated size: 4111
    install date: 20061226
    install location: C:\Program Files\Microsoft Office\
    uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    publisher: Microsoft Corporation
    help link: http://www.microsoft.com/support

    InterVideo WinDVD 5.0-B11.581 ({91810AFC-A4F8-4EBA-A5AA-B198BBC81144})
    version (major): 5
    install location: C:\Program Files\InterVideo\WinDVD
    uninstall cmd: "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    publisher: InterVideo Inc.
    contact: support@intervideo.com
    help link: http://www.intervideo.com/jsp/Support.jsp

    IZArc 3.6 3.6 ({97C82B44-D408-4F14-9252-47FC1636D23E}_is1)
    install date: 20070112
    install location: C:\Program Files\IZArc\
    uninstall cmd: "C:\Program Files\IZArc\unins000.exe"
    publisher: Ivan Zahariev
    help link: http://www.izarc.org

    Microsoft .NET Framework 1.1 French Language Pack 1.1.4322 ({9A394342-4A68-4EBA-85A6-55B559F4E700})
    version: 16847074
    version (major): 1
    version (minor): 1
    estimated size: 3138
    install date: 20061223
    uninstall cmd: MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    publisher: Microsoft
    readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1036\RepairRedist.htm

    EPSON TWAIN 5 ({9A3EABC0-CA06-11D4-BF77-00104B130C19})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" -l0x40c UNINSTALL

    Windows Defender 1.1.1593.0 ({A06275F4-324B-4E85-95E6-87B2CD729401})
    version: 16844345
    version (major): 1
    version (minor): 1
    estimated size: 9322
    install date: 20061224
    install source: C:\Documents and Settings\bruno\Mes documents\bruno.charbonnier\
    uninstall cmd: MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    publisher: Microsoft Corporation
    help link: http://go.microsoft.com/fwlink/?LinkId=55273

    NHL07 ({A1F7C120-80F4-48B1-00B8-4E278AED8779})
    uninstall cmd: D:\EA SPORTS\NHL07\EAUninstall.exe

    Questions pour un Champion ({AAF1D000-210B-11D9-B771-00C04F4351FF})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAF1D000-210B-11D9-B771-00C04F4351FF}\Setup.exe" -l0x40c

    Adobe Reader 8 - Français 8.0.0 ({AC76BA86-7AD7-1036-7B44-A80000000002})
    version: 134217728
    version (major): 8
    estimated size: 136274
    install date: 20061225
    install location: C:\Program Files\Adobe\Reader 8.0\Reader\
    uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002}
    publisher: Adobe Systems Incorporated
    comments:
    contact: Support clientèle
    help link: http://www.adobe.fr/support/main.html
    readme: C:\Program Files\Adobe\Reader 8.0\Reader\Readme.htm

    ({B100B05B-E290-41EF-9366-8BC4C76D7769})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c

    ({B14F9B26-D695-4C4A-8B11-0FE6CDCC797B})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c

    EPSON Copy Utility ({B69CC1A5-0404-11D6-ABCB-005004C21D30})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG

    RUNAWAY - A road adventure ({B6C3139E-053A-4052-9BE1-E0BBEC2F0B88})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6C3139E-053A-4052-9BE1-E0BBEC2F0B88}\setup.exe"

    EPSON Photo Print ({C24FE0B8-0A25-42E6-8532-A4ABAA1FA400})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall

    Logiciel QuickCam de Logitech 8.47.0000 ({C43048A9-742C-4DAD-90D2-E3B53C9DB825})
    version: 137297920
    install location: C:\Program Files\Logitech\Video
    install source: C:\Program Files\Logitech\QuickCamWebInstall\AppInst\
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    publisher: Logitech, Inc.
    contact: Service clientèle de Logitech®
    help link: http://www.logitech.com/support
    help telephone: +33-(0) 1-43 62 34 14
    readme: C:\Program Files\Logitech\Video\Readme.txt

    Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
    version: 16847074
    version (major): 1
    version (minor): 1
    estimated size: 60751
    install date: 20061224
    uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    publisher: Microsoft
    readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

    ({D3568156-59C3-42DF-A520-2C25B6706C91})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9

    Autodesk Revit Building 8 8.0 ({D7475246-CCDE-469C-AF03-B681B6FBE91D})
    version: 134217728
    version (major): 8
    estimated size: 203805
    install date: 20070123
    install location: D:\Program Files\Autodesk Revit Building 8\
    uninstall cmd: MsiExec.exe /X{D7475246-CCDE-469C-AF03-B681B6FBE91D}
    publisher: Autodesk, Inc.
    help link: http://support.autodesk.com

    Microsoft Windows Application Compatibility Database ({deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb)
    uninstall cmd: C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"

    ({E213C271-AEFA-481D-A9B4-914D88925B8D})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c

    ATI Catalyst Control Center 1.2.2314.20337 ({EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B})
    version: 16910602
    version (major): 1
    version (minor): 2
    estimated size: 212032
    install date: 20061223
    install source: C:\ATI\SUPPORT\6-11-pre-r300_xp-2k_dd_ccc_wdm_38185\ACE\
    uninstall cmd: MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}
    comments: Free technical support for ATI products, available 24 hours a day through our customer care webform.
    contact: ATI Customer Support Department
    help link: http://www.ati.com/support/
    help telephone: 1-877-284-1564

    ScanToWeb ({EBAE381B-60A6-4863-AA9F-FCAB755BC9E5})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG

    Pro Evolution Soccer 6 1.00.0000 ({EBB794ED-D282-4334-92FB-254481EFF514})
    version: 16777216
    version (major): 1
    estimated size: 1418142
    install date: 20061229
    install location: D:\KONAMI\Pro Evolution Soccer 6\
    install source: I:\
    publisher: KONAMI

    Microsoft .NET Framework 2.0 Language Pack - FRA 1.1.50727.42 ({F196AC50-7C95-42E1-9947-BDAB18BF3C8C})
    version: 16893479
    version (major): 1
    version (minor): 1
    estimated size: 9179
    install date: 20061223
    publisher: Microsoft Corporation

    Windows Live Messenger 8.1.0178.00 ({F6326B60-1B1D-4ABF-BFCD-7B7404F44411})
    version: 134283442
    version (major): 8
    version (minor): 1
    estimated size: 31871
    install date: 20070228
    uninstall cmd: MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    publisher: Microsoft Corporation

    Plus de 2 200 Recettes et Conseils culinaires 1.5 ({F84F37E3-201B-4EB9-A79D-C90F3846D4A0})
    version: 17104896
    install location: D:\Plus de 2 200 Recettes et Conseils culinaires
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F84F37E3-201B-4EB9-A79D-C90F3846D4A0}\SETUP.EXE" -l0x40c

    ({FAD9402A-1A9B-4ABE-A410-393A3622FA5A})
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c

    Realtek AC'97 Audio 5.30 ({FB08F381-6533-4108-B7DD-039E11FBC27E})
    version: 85852160
    install date: 20061226
    install location: C:\Program Files\Realtek AC97\
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
    publisher: Realtek Semiconductor Corp.

    Agatha Christie - Le Crime de l'Orient Express 1.0 ({FBEDD989-D0C3-4DF4-A41C-5FC9DD693E18})
    version: 16777216
    install location: D:\Program Files\The Adventure Company\Le Crime de l'Orient Express
    uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBEDD989-D0C3-4DF4-A41C-5FC9DD693E18}\setup.exe" -l0x40c -uninst



    --- System Services ---
    Service (registry key): .NET CLR Data
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET CLR Networking
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET Data Provider for Oracle
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NET Data Provider for SqlServer
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): .NETFramework
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): 3xHybrid
    Display name: Pinnacle PCTV Stereo service
    Description: Pinnacle PCTV Stereo capture driver
    Image path: system32\DRIVERS\3xHybrid.sys
    Image size: 556416
    Image MD5: 08139BF090D10762CD4E113D438A4579
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): Aavmker4
    Display name: avast! Asynchronous Virus Monitor
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): Abiosdsk
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): abp480n5
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ACPI
    Display name: Pilote ACPI Microsoft
    Image path: system32\DRIVERS\ACPI.sys
    Image size: 188672
    Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): ACPIEC
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ADILOADER
    Display name: General Purpose USB Driver (adildr.sys)
    Image path: System32\Drivers\adildr.sys
    Image size: 50007
    Image MD5: 2B3B8C0A2C979DD77BA6DC9376074854
    Start: 2
    Type: 1
    Error Control: 1

    Service (registry key): adiusbaw
    Display name: USB ADSL WAN Adapter
    Image path: system32\DRIVERS\adiusbaw.sys
    Image size: 127065
    Image MD5: D478C566318803A7063B120F026DC0B7
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): adpu160m
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aec
    Display name: Suppresseur d'écho acoustique (Noyau Microsoft)
    Image path: system32\drivers\aec.sys
    Image size: 142464
    Image MD5: 1EE7B434BA961EF845DE136224C30FEC
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): AFD
    Display name: AFD
    Description: Environnement de prise en charge de réseau AFD
    Image path: \SystemRoot\System32\drivers\afd.sys
    Start: 1
    Type: 1
    Error Control: 1

    Service (registry key): agp440
    Display name: Filtre de bus AGP Intel
    Image path: system32\DRIVERS\agp440.sys
    Image size: 42368
    Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): Aha154x
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aic78u2
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): aic78xx
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ALCXWDM
    Display name: Service for Realtek AC97 Audio (WDM)
    Image path: system32\drivers\ALCXWDM.SYS
    Image size: 4025088
    Image MD5: E1B23E1463ADCCA8637532D6B170CC32
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): Alerter
    Display name: Avertissement
    Description: Informe les utilisateurs et les ordinateurs sélectionnés des alertes administratives. Si ce service est arrêté, les programmes qui utilisent les alertes administratives ne les recevront pas. Si ce service est désactivé, les services qui en dépendent ne pourront pas démarrer.
    Object name: NT AUTHORITY\LocalService
    Image path: %SystemRoot%\system32\svchost.exe -k LocalService
    Image size: 14336
    Image MD5: 2979B03D5382A602623C0535B16AB9C0
    Start: 4
    Type: 32
    Error Control: 1
    Depends On services: LanmanWorkstation

    Service (registry key): ALG
    Display name: Service de la passerelle de la couche Application
    Description: Offre la prise en charge des plug-ins de protocoles tiers pour le Partage de connexion Internet et le Pare-feu Windows.
    Object name: NT AUTHORITY\LocalService
    Image path: %SystemRoot%\System32\alg.exe
    Image size: 44544
    Image MD5: B43CC0F07752D456038CD0268E4D84E9
    Start: 4
    Type: 16
    Error Control: 1

    Service (registry key): AliIde
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): amsint
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): AppMgmt
    Display name: Gestion d'applications
    Description: Fournit des services d'installation de logiciels tels que Attribuer, Publier et Supprimer.
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
    Image size: 14336
    Image MD5: 2979B03D5382A602623C0535B16AB9C0
    Start: 3
    Type: 32
    Error Control: 1

    Service (registry key): Arp1394
    Display name: Protocole client ARP 1394
    Description: Protocole client ARP 1394
    Image path: system32\DRIVERS\arp1394.sys
    Image size: 60800
    Image MD5: F0D692B0BFFB46E30EB3CEA168BBC49F
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): asc
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): asc3350p
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): asc3550
    Start: 4
    Type: 1
    Error Control: 1

    Service (registry key): ASP.NET
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): ASP.NET_1.1.4322
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): ASP.NET_2.0.50727
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): aspnet_state
    Display name: ASP.NET State Service
    Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
    Object name: NT AUTHORITY\NetworkService
    Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    Image size: 29896
    Image MD5: D33C507942299753868204CC7642FA27
    Start: 3
    Type: 16
    Error Control: 1

    Service (registry key): aswMon2
    Display name: avast! Standard Shield Support
    Start: 2
    Type: 2
    Error Control: 1

    Service (registry key): aswRdr
    Display name: aswRdr
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: tcpip

    Service (registry key): aswTdi
    Display name: avast! Network Shield Support
    Start: 1
    Type: 1
    Error Control: 1
    Depends On services: tcpip

    Service (registry key): aswUpdSv
    Display name: avast! iAVS4 Control Service
    Description: Fournit la mise à jour automatique pour l'antivirus avast!.
    Object name: LocalSystem
    Image path: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
    Image size: 59008
    Image MD5: DC995DA2D258C0590C3AE07EC68BFEE6
    Start: 2
    Type: 272
    Error Control: 1

    Service (registry key): AsyncMac
    Display name: Pilote de média asynchrone RAS
    Description: Pilote de média asynchrone RAS
    Image path: system32\DRIVERS\asyncmac.sys
    Image size: 14336
    Image MD5: 02000ABF34AF4C218C35D257024807D6
    Start: 3
    Type: 1
    Error Control: 1

    Service (registry key): atapi
    Display name: Contrôleur de disque dur IDE/ESDI standard
    Image path: system32\DRIVERS\atapi.sys
    Image size: 95360
    Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
    Start: 0
    Type: 1
    Error Control: 1

    Service (registry key): Atdisk
    Start: 4
    Type: 1
    Error Control: 0

    Service (registry key): Ati HotKey Poller
    Object name: LocalSystem
    Image path: %SystemRoot%\system32\Ati2evxx.exe
    Image size: 413696
    Image MD5: A2EAEB497CA29ECAEAF0DF66AD85C57D
    Start: 2
    Type: 272
    Error Control: 1

    Service (registry key): ATI Smart
    Display name: ATI Smart
    Object name: LocalSystem
    Image path: C:\WINDOWS\system32\ati2sgag.exe
    Image size: 520192
    Image MD5: 312A17DFF710A0F4E6D4DD1D52EAD1A8
    Start: 2
    Type: 272
    Error Control: 1

    Service (registry key): ati2mtag
    Image path: system32\DRIVERS\ati2mtag.sys
    Image size: 1540608
    Image MD5: 492BD2A5F65F218D4EDE5764A3BB67E9
    Start: 3
    Type: 1
    Error Control: 0

    Service (registry key): Atierecord
    Start: 0
    Type: 0
    Error Control: 0

    Service (registry key): atksgt
    Display name: atksgt
    Image path: system32\DRIVERS\atksgt.sys
    Image size: 271360
    Image MD5: 6E996CF8459A2594E0E9609D0E34D41F
    Start: 2
    Type: 1
    Error Control: 1

    Service (registry key): Atmarpc
    Display name: Protocole client ATM ARP
    Description: Protocole client ATM ARP
    Image path: system32\DRIVERS\atmarpc.sys
    Image size: 59904
    Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
    Start: 3
    Type: 1
    Error Control: 1
    Depends On services: Tcpip

    Service (registry key): AudioSrv
    Display name: Audio Windows
    Description: Gère les périphériques audio pour les programmes basés su
    a b 8 Sécurité
    26 Mars 2007 21:34:58

    Où ?
    26 Mars 2007 21:49:44

    Milles excuses!J'ai fait le nettoyage avec Spybot et il n'y a plus rien.Jusqu'à present,je n'avais pas pu supprimer ce Smitfraud-c.toolbar 888.Donc plus de problemes particuliers.Est-ce que je peux supprimer les rapports et les backups qui ont été créés lors de la desinfection?
    Et encore merci pour tout.Bonne fin de soirée.
    a b 8 Sécurité
    26 Mars 2007 21:51:48

    Tu peux supprimer les rapports et programmes.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS