smithfraud et drivecleaner ! [résolu]

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application.
Choisis l'option "Do a system scan and save a logfile"
Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
Colle le rapport ici.

AIDE : Tuto en vidéo sur Hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 21:10:02, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Re,


VundoFix V6.3.19

Checking Java version...

Sun Java not detected
Scan started at 21:16:17 04/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\ikscxotp.dll
C:\WINDOWS\system32\nnnmnll.dll
C:\WINDOWS\system32\ptoxcski.ini
C:\WINDOWS\system32\stutv.bak1
C:\WINDOWS\system32\stutv.bak2
C:\WINDOWS\system32\stutv.ini
C:\WINDOWS\system32\vtmijfck.dll
C:\WINDOWS\system32\vtuts.dll
C:\WINDOWS\system32\yturqush.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ikscxotp.dll
C:\WINDOWS\system32\ikscxotp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnmnll.dll
C:\WINDOWS\system32\nnnmnll.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ptoxcski.ini
C:\WINDOWS\system32\ptoxcski.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\stutv.bak1
C:\WINDOWS\system32\stutv.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\stutv.bak2
C:\WINDOWS\system32\stutv.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\stutv.ini
C:\WINDOWS\system32\stutv.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtmijfck.dll
C:\WINDOWS\system32\vtmijfck.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtuts.dll
C:\WINDOWS\system32\vtuts.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yturqush.dll
C:\WINDOWS\system32\yturqush.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.3.19

Checking Java version...

Sun Java not detected
Scan started at 21:21:40 04/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\nnnmnll.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\nnnmnll.dll
C:\WINDOWS\system32\nnnmnll.dll Has been deleted!

Performing Repairs to the registry.
Done!




Nouveau rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 21:27:16, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Re,

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

Re,

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 04/04/2007 a 21:33:16,50

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND

"C:\Program Files\DivX\Google\Firefox\ffinstaller.exe" FOUND
*** Fin du rapport !

Re,

Redémarre en mode sans échec

Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.

Redémarre normalement

- Poste le rapport clean : C:\rapport_clean.txt

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

Re, ne désespère pas , cela va arriver ...
Déjà trois virus et 6 dossiers infectés !!!

Re,

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Option 2, executee le 04/04/2007 a 21:37:58,23

Microsoft Windows XP [version 5.1.2600]

*** Suppression de fichiers sur C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe

tentative de suppression de "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !


------------------------------------------------------------------------------
Kaspersky:


Wednesday, April 04, 2007 10:15:07 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 4/04/2007
Enregistrements dans la base antivirus Kaspersky : 275070


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\

Statistiques de l'analyse
Total d'objets analysés 46252
Nombre de virus trouvés 3
Nombre d'objets infectés 8 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:24:14

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\MSHist012007040420070405\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temp\~DF36.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

C:\Program Files\freeBrowser\freeBrowser\FreeBrowser.log L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012739.dll Infecté : Trojan.Win32.BHO.g ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012742.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP120\A0012743.dll Infecté : Trojan.Win32.BHO.g ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0014264.dll Infecté : Packed.Win32.Klone.j ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0015357.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\A0015359.dll Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\change.log L'objet est verrouillé ignoré

C:\VundoFix Backups\vtmijfck.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\VundoFix Backups\yturqush.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\EventCache\{DF36EAA5-D17A-4B3F-8CB9-EC6852A26BF6}.bin L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\Perflib_Perfdata_21c.dat L'objet est verrouillé ignoré

C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

D:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP128\change.log L'objet est verrouillé ignoré

D:\temporaires\btih_JFR673T2NKQ675BBJ4B66EWEJKQLYACY.partial L'objet est verrouillé ignoré

D:\temporaires\btih_NNSHHKLHUXE57RRVP7K6DK3DFW3YZW7Y.partial L'objet est verrouillé ignoré

D:\temporaires\ed2k_13a2dc80f8ff2cb41b904e06adf265b6.partial L'objet est verrouillé ignoré

D:\temporaires\ed2k_6a9acd41f9f3f722dc82278a1750333a.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_2I7ZWHTRUIHKTE257FOGA2XSWQV7TZRB.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_6P42AQF4NUYVKS3TIK7INDZEWVHBSEN7.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_6RYBFL5NW2DNRU64NKJVXV4UENDYAMGS.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_DO3U7ZMXQB25ZADPTWGE3AODM6BAHHS4.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_GSQKN5VUQ5ZQPEX2LLDNN7BN67675C6D.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_HNJAMMPPUKEOCTSGR5DLNBXILLVBSHCD.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_OI63B6OXAYXZYQDEIRXBFLAQ73I2P3KE.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_R6QT2ZLNDV7YREDSVW4ZEGCYBIJOFCQK.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_R7FXNZJNQCUVV5PSXDRL3NLC6ZK6DVMD.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_UYU3VJRPF4DZQMA6K4LETG6ORUV3XMYW.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_Y5GITV5R7LR4KYYYGVCMT3XCXASAB3VM.partial L'objet est verrouillé ignoré

Analyse terminée.

Désactive puis réactive la restauration du système.
Reposte un rapport Hijackthis.

on fait comment pour desactiver la restauration? Avec Kasprsky je peux fermer, il n y a plus rien à faire?

tu peux fermer


http://service1.symantec.com/SUPPORT/INTER/tsgeninfoint...

Merci , voici le rapport

Logfile of HijackThis v1.99.1
Scan saved at 22:28:46, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Mes excuses je n avais pas fait ce que tu me demandais , voici le rapport apres desactivation puis reactivation :

Logfile of HijackThis v1.99.1
Scan saved at 22:31:08, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {9F49D02E-7BFB-4CF1-8CF2-6882E2FF4DD7} - (no file)
O2 - BHO: (no name) - {C1E56300-2485-4641-B9BA-8867B17D3679} - C:\WINDOWS\system32\vtuts.dll (file missing)
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\ikscxotp.dll",setvm

Clique sur Fix checked (en bas à gauche)

Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne TOUS l'emplacement en gras ci-dessous :

C:\WINDOWS\system32\ikscxotp.dll

---> Clique-droit puis Copier

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]

! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES !

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.

Ca ne fonctionne pas , quand je colle le lien en gras ca pe met
Cannot create file C:\_OTMoveit\Movedfiles\04042007_223719.log

Tu peux reposter un rapport Hijackthis ?

Logfile of HijackThis v1.99.1
Scan saved at 22:42:20, on 04/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Tu as toujours des problèmes ?

Apparement oui l ordi est toujours tres tres tres long pour ouvrir ma page internet par ex , je refais sypbot pour voir si il trouve toujours smitfraud ....

Smitfraud C Toolbar est toujours la

Quel est son emplacement ?

--- Search result list ---
Smitfraud-C.Toolbar888: Réglages (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-436374069-776561741-682003330-1004\Software\Microsoft\aldd

MediaPlex: Cookie traceur (Internet Explorer: LOVATO) (Cookie, nothing done)


BlueStreak: Cookie traceur (Internet Explorer: LOVATO) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-01-27 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-01-15 advcheck.dll (1.2.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-04-04 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-04-04 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-04-04 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-04-04 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-04-04 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-04-04 Includes\PUPSC.sbi (*)
2007-04-04 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-04-04 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-04-04 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-04-04 Includes\Trojans.sbi (*)
2007-04-04 Includes\TrojansC.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 6.4: Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
/ Windows Media Player 9: Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
/ Windows XP: Mise à jour de sécurité pour Windows XP (KB923689)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Correctif Windows XP - KB873339
/ Windows XP / SP3: Correctif Windows XP - KB885835
/ Windows XP / SP3: Correctif Windows XP - KB885836
/ Windows XP / SP3: Correctif Windows XP - KB885884
/ Windows XP / SP3: Correctif Windows XP - KB886185
/ Windows XP / SP3: Correctif Windows XP - KB887472
/ Windows XP / SP3: High Definition Audio Driver Package - KB888111
/ Windows XP / SP3: Correctif Windows XP - KB888302
/ Windows XP / SP3: Correctif Windows XP - KB890859
/ Windows XP / SP3: Correctif Windows XP - KB891781
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB894391)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896358)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896423)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896424)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB896428)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB898461)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899587)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB899591)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB900485)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB900725)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901017)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB901214)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB902400)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB904706)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB904942)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB905749)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB908519)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB908531)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB910437)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB911280)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911562)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB911927)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB912919)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB913580)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914388)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB914389)
/ Windows XP / SP3: Correctif pour Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB916595)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917344)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917422)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB917953)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918118)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB918439)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB919007)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920213)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920670)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920683)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB920685)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB920872)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB921398)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB922582)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922616)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB922819)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923191)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923414)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923694)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB923980)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924191)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924270)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924496)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB924667)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925454)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB926436)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927779)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB927802)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928255)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB928843)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB929338)
/ Windows XP / SP3: Mise à jour de sécurité pour Windows XP (KB929969)
/ Windows XP / SP3: Mise à jour pour Windows XP (KB931836)


--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 01d90ae5dccbce0c7b52874fec35a608

Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 01d90ae5dccbce0c7b52874fec35a608

Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 108160
MD5: 26a15d8d5c81a3b053e82b01a5d8208e

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: f5402cd47b7389ddc21f92119a906eee

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1622016
MD5: 0294e2a5e89bf786f24a9cc2fd753191

Located: HK_CU:Run, ccleaner
command: "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
file: C:\Program Files\CCleaner\ccleaner.exe
size: 585728
MD5: 7c662f82574c906c76cf6b09f3007882

Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247b568c2e53934873f4b655fe6a

Located: HK_CU:Run, freeBrowser
command: C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
file: C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
size: 413696
MD5: eeb35d7e05de0d3bf14725a597aefb91

Located: HK_CU:Run, MsnMsgr
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5354792
MD5: 6b3c274963543b07951ca0e23a9f1fa3

Located: HK_CU:Run, Shareaza
command: "C:\Program Files\Shareaza\Shareaza.exe" -tray
file: C:\Program Files\Shareaza\Shareaza.exe
size: 4468736
MD5: 77857fd80dbc1c0aabc23fbdade3ffb2

Located: Démarrage (tous utilisateurs), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Démarrage (tous utilisateurs), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a

Located: Démarrage (utilisateur), ePrompter.lnk
command: C:\Program Files\ePrompter\ePrompter.exe
file: C:\Program Files\ePrompter\ePrompter.exe
size: 782336
MD5: 8b08bfc83e1bf5f02f025b3c2259899d

Located: Démarrage (utilisateur), Hotmail Popper.lnk
command: C:\Program Files\Hotmail Popper\hotpop.exe
file: C:\Program Files\Hotmail Popper\hotpop.exe
size: 1777664
MD5: 5a3ebe41199f1d058a87a5e4f15609d7

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, yayyyww
command: yayyyww.dll
file: yayyyww.dll



--- Browser helper object list ---
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
BHO name:
CLSID name: EpsonToolBandKicker Class
Path: C:\Program Files\EPSON\EPSON Web-To-Page\
Long name: EPSON Web-To-Page.dll
Short name: EPSONW~1.DLL
Date (created): 27/01/2007 22:12:30
Date (last access): 04/04/2007 21:25:56
Date (last write): 10/02/2004 15:08:58
Filesize: 339968
Attributes: archive
MD5: 230F34EB9C919978C23E6939120DB35C
CRC32: D4C5D89F
Version: 1.0.0.0



--- ActiveX list ---


--- Process list ---
PID: 0 ( 0) [System]
PID: 608 ( 4) \SystemRoot\System32\smss.exe
PID: 656 ( 608) \??\C:\WINDOWS\system32\csrss.exe
PID: 680 ( 608) \??\C:\WINDOWS\system32\winlogon.exe
PID: 724 ( 680) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 732E0B1ABAACE15D80EC19056B0A2AF9
PID: 736 ( 680) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 9F3744A5C6F49291A7A685040A013399
PID: 884 ( 724) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 944 ( 724) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1040 ( 724) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1132 ( 724) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1236 ( 724) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 1428 ( 724) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1720 (1692) C:\WINDOWS\Explorer.EXE
size: 1036288
MD5: 4C33E5B9A6197B6ED215F6CFBA0A2DAA
PID: 1864 (1720) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 108160
MD5: 26A15D8D5C81A3B053E82B01A5D8208E
PID: 1872 (1720) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 01D90AE5DCCBCE0C7B52874FEC35A608
PID: 1888 (1720) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5584247B568C2E53934873F4B655FE6A
PID: 1952 (1720) C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 5354792
MD5: 6B3C274963543B07951CA0E23A9F1FA3
PID: 1992 (1720) C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
size: 413696
MD5: EEB35D7E05DE0D3BF14725A597AEFB91
PID: 2028 (1720) C:\Program Files\Shareaza\Shareaza.exe
size: 4468736
MD5: 77857FD80DBC1C0AABC23FBDADE3FFB2
PID: 160 (1720) C:\Program Files\ePrompter\ePrompter.exe
size: 782336
MD5: 8B08BFC83E1BF5F02F025B3C2259899D
PID: 308 (1720) C:\Program Files\Hotmail Popper\hotpop.exe
size: 1777664
MD5: 5A3EBE41199F1D058A87A5E4F15609D7
PID: 532 ( 724) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 59008
MD5: DC995DA2D258C0590C3AE07EC68BFEE6
PID: 540 ( 724) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 132736
MD5: 8E33DA0415023EA7A9378AFA04D9BF4D
PID: 564 ( 724) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 204800
MD5: E8FBDCC8D618D1BB84B828F247A6244B
PID: 844 ( 724) C:\WINDOWS\system32\nvsvc32.exe
size: 159810
MD5: 0FEBE37DB6650FAA5965C00545009D1D
PID: 1064 ( 724) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 1BD6C2F707A275CB7C16FD99FE0F31CA
PID: 2512 ( 724) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 255616
MD5: AA6691D73782FA5D94E0CED6D27C3DE8
PID: 2576 ( 724) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 370304
MD5: D6B2638DDBFB34AC78B153CDD0792C37
PID: 3268 ( 724) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 2FE681D10C5FC343DBBC0610B8DD4D24
PID: 3924 (1992) C:\Program Files\freeBrowser\vlc\vlc.exe
size: 93184
MD5: 1B5AA7506823A8DC13B4785D9848FA26
PID: 1700 (1720) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 3532 (1720) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 623616
MD5: 93A6A4F5293AE19E3B37021AABCF0902
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 04/04/2007 23:00:02

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://french.eazel.com/index.php?rvs=hompag
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

avast! Antivirus 4.7 (avast!)
version (major): 4
version (minor): 7
install location: C:\PROGRA~1\ALWILS~1\Avast4
install source: C:\DOCUME~1\LOVATO\MESDOC~1
uninstall cmd: rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
publisher: Alwil Software
help link: http://www.avast.com

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com

(Branding)

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

(Connection Manager)

dBpowerAMP Music Converter (dBpowerAMP Music Converter)
uninstall cmd: "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat

(DirectAnimation)

(DirectDrawEx)

DivX Content Uploader 1.1.0 (DivX Content Uploader)
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
publisher: DivX, Inc.

DVD Shrink 3.2 (DVD Shrink_is1)
install location: C:\Program Files\DVD Shrink\
uninstall cmd: "C:\Program Files\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org

DVDFab Decrypter 3.0.5.5 (DVDFab Decrypter_is1)
install date: 20070127
install location: C:\Program Files\DVDFab Decrypter 3\
uninstall cmd: "C:\Program Files\DVDFab Decrypter 3\unins000.exe"
publisher: Fengtao Software Inc.
help link: http://www.dvdfab.com/

(DXM_Runtime)

ePrompter (ePrompter)
uninstall cmd: C:\Program Files\ePrompter\Uninstall.exe

EPSON Logiciel imprimante (EPSON Printer and Utilities)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan (EPSON Scanner)
uninstall cmd: C:\Program Files\epson\escndv\setup\setup.exe /r

ESCX6600 Guide de réf. (ESCX6600 Guide de réf.)
install location: C:\Program Files\EPSON\TPMANUAL\ESCX6600\REF_G
uninstall cmd: C:\Program Files\EPSON\TPMANUAL\ESCX6600\REF_G\DOCUNINS.EXE

ESCX6600 Guide des logiciels (ESCX6600 Guide des logiciels)
install location: C:\Program Files\EPSON\TPMANUAL\ESCX6600\PQU_G
uninstall cmd: C:\Program Files\EPSON\TPMANUAL\ESCX6600\PQU_G\DOCUNINS.EXE

ffdshow [rev 944] [2007-02-20] 1.0 (ffdshow_is1)
install location: C:\Program Files\Satsuki Decoder Pack\filtres\
uninstall cmd: "C:\Program Files\Satsuki Decoder Pack\filtres\unins000.exe"

(Fontcore)

FpTest 2.0 2.0 (FpTest)
uninstall cmd: C:\Program Files\FpTest\uninst.exe
publisher: Freeplayer.org

freeBrowser 0.9.0 0.9.0 (freeBrowser)
uninstall cmd: C:\Program Files\freeBrowser\uninst.exe
publisher: freeBrowser team

GSpot Codec Information Appliance (GSpot)
uninstall cmd: C:\Program Files\GSpot\Uninstall.exe

(HappyIcon)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

PinnacleHollywood FX 5 (Hollywood FX 5)
uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX 5\uninstal.log

Hotmail Popper (Hotmail Popper)
uninstall cmd: C:\WINDOWS\bkuninst.exe C:\Program Files\Hotmail Popper\

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20061107.210142 (ie7)
install date: 20070127
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

Kaspersky On-line Scanner 5.0.83.0 (Kaspersky On-line Scanner)
estimated size: 6040
install location: C:\WINDOWS\system32\KASPER~1\KASPER~1
uninstall cmd: C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
publisher: Kaspersky Lab
contact: Customer Support Department
help link: http://www.kaspersky.com/support.asp

Kaspersky Online Scanner 5.0.83.0 (Kaspersky Online Scanner)
estimated size: 6040
install location: C:\WINDOWS\system32\KASPER~1\KASPER~1
uninstall cmd: C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
publisher: Kaspersky Lab
contact: Customer Support Department
help link: http://www.kaspersky.com/support.asp

Correctif Windows XP - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

(KB884016)

(KB884267)

(KB885353)

Correctif Windows XP - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Correctif Windows XP - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Correctif Windows XP - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884

Correctif Windows XP - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

(KB886612)

(KB887078)

Correctif Windows XP - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

(KB887626)

High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB888111

Correctif Windows XP - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

(KB888656)

(KB889858)

Correctif Windows XP - KB890859 1 (KB890859)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

(KB891122)

Correctif Windows XP - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

(KB892313)

(KB893240)

(KB893241)

Mise à jour de sécurité pour Windows XP (KB893756) 1 (KB893756)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Mise à jour pour Windows XP (KB894391) 1 (KB894391)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

(KB895181)

(KB895316)

(KB895572)

Mise à jour de sécurité pour Windows XP (KB896358) 1 (KB896358)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Mise à jour de sécurité pour Windows XP (KB896423) 1 (KB896423)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Mise à jour de sécurité pour Windows XP (KB896424) 1 (KB896424)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Mise à jour de sécurité pour Windows XP (KB896428) 1 (KB896428)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

(KB897586)

Mise à jour pour Windows XP (KB898461) 1 (KB898461)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

(KB898549)

Mise à jour de sécurité pour Windows XP (KB899587) 1 (KB899587)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Mise à jour de sécurité pour Windows XP (KB899591) 1 (KB899591)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

(KB900399)

Mise à jour pour Windows XP (KB900485) 2 (KB900485)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485

Mise à jour de sécurité pour Windows XP (KB900725) 1 (KB900725)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Mise à jour de sécurité pour Windows XP (KB901017) 1 (KB901017)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Mise à jour de sécurité pour Windows XP (KB901214) 1 (KB901214)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

(KB902344)

Mise à jour de sécurité pour Windows XP (KB902400) 1 (KB902400)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Mise à jour de sécurité pour Windows XP (KB904706) 2 (KB904706)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Mise à jour pour Windows XP (KB904942) 2 (KB904942)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942

Mise à jour de sécurité pour Windows XP (KB905414) 1 (KB905414)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Mise à jour de sécurité pour Windows XP (KB905749) 1 (KB905749)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

(KB907658)

Mise à jour de sécurité pour Windows XP (KB908519) 1 (KB908519)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Mise à jour pour Windows XP (KB908531) 2 (KB908531)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531

Mise à jour pour Windows XP (KB910437) 1 (KB910437)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Mise à jour pour Windows XP (KB911280) 2 (KB911280)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280

Mise à jour de sécurité pour Windows XP (KB911562) 1 (KB911562)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562

Mise à jour de sécurité pour Lecteur Windows Media (KB911564) (KB911564)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

(KB911565)

(KB911854)

Mise à jour de sécurité pour Windows XP (KB911927) 1 (KB911927)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Mise à jour de sécurité pour Windows XP (KB912919) 1 (KB912919)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Mise à jour de sécurité pour Windows XP (KB913580) 1 (KB913580)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580

Mise à jour de sécurité pour Windows XP (KB914388) 1 (KB914388)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388

Mise à jour de sécurité pour Windows XP (KB914389) 1 (KB914389)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389

Correctif pour Windows XP (KB914440) 12 (KB914440)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914440

Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=915865

Mise à jour pour Windows XP (KB916595) 1 (KB916595)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595

Security Update pour Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/917283

Mise à jour de sécurité pour Windows XP (KB917344) 1 (KB917344)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344

Mise à jour de sécurité pour Windows XP (KB917422) 1 (KB917422)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422

Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) (KB917734_WMP9)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734

Mise à jour de sécurité pour Windows XP (KB917953) 1 (KB917953)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953

Mise à jour de sécurité pour Windows XP (KB918118) 1 (KB918118)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118

Mise à jour de sécurité pour Windows XP (KB918439) 1 (KB918439)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439

Mise à jour de sécurité pour Windows XP (KB919007) 1 (KB919007)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007

Mise à jour de sécurité pour Windows XP (KB920213) 1 (KB920213)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213

Mise à jour de sécurité pour Windows XP (KB920670) 1 (KB920670)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670

Mise à jour de sécurité pour Windows XP (KB920683) 1 (KB920683)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683

Mise à jour de sécurité pour Windows XP (KB920685) 1 (KB920685)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685

Mise à jour pour Windows XP (KB920872) 1 (KB920872)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872

Mise à jour de sécurité pour Windows XP (KB921398) 1 (KB921398)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398

Mise à jour pour Windows XP (KB922582) 1 (KB922582)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582

Mise à jour de sécurité pour Windows XP (KB922616) 1 (KB922616)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616

Security Update for Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/922770

Mise à jour de sécurité pour Windows XP (KB922819) 1 (KB922819)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819

Mise à jour de sécurité pour Windows XP (KB923191) 1 (KB923191)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191

Mise à jour de sécurité pour Windows XP (KB923414) 1 (KB923414)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414

Mise à jour de sécurité pour Windows XP (KB923689) (KB923689)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689

Mise à jour de sécurité pour Windows XP (KB923694) 1 (KB923694)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923694

Mise à jour de sécurité pour Windows XP (KB923789) (KB923789)
uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923789

Mise à jour de sécurité pour Windows XP (KB923980) 1 (KB923980)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980

Mise à jour de sécurité pour Windows XP (KB924191) 1 (KB924191)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191

Mise à jour de sécurité pour Windows XP (KB924270) 1 (KB924270)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270

Mise à jour de sécurité pour Windows XP (KB924496) 1 (KB924496)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496

Mise à jour de sécurité pour Windows XP (KB924667) 1 (KB924667)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667

Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) (KB925398_WMP64)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398

Mise à jour de sécurité pour Windows XP (KB925454) 1 (KB925454)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925454

Mise à jour de sécurité pour Windows XP (KB925902) 1 (KB925902)
install date: 20070403
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925902

Hotfix for Windows XP (KB926239) 2 (KB926239)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926239

Mise à jour de sécurité pour Windows XP (KB926255) 1 (KB926255)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255

Mise à jour de sécurité pour Windows XP (KB926436) 1 (KB926436)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436

Mise à jour de sécurité pour Windows XP (KB927779) 1 (KB927779)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779

Mise à jour de sécurité pour Windows XP (KB927802) 1 (KB927802)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
install date: 20070217
uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090

Mise à jour de sécurité pour Windows XP (KB928255) 1 (KB928255)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255

Mise à jour de sécurité pour Windows XP (KB928843) 1 (KB928843)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843

Mise à jour pour Windows XP (KB929338) 1 (KB929338)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
install date: 20070129
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969

Mise à jour pour Windows XP (KB931836) 1 (KB931836)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836

K-Lite Codec Pack 2.70 Basic 2.70 (KLiteCodecPack_is1)
install location: C:\Program Files\K-Lite Codec Pack\
uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

Language pack for Ad-Aware SE (Language pack for Ad-Aware SE)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.de

Matroska Pack (remove only) (Matroska Pack)
install location: C:\Program Files\Matroska Pack
uninstall cmd: C:\Program Files\Matroska Pack\Uninstall.exe

Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

(MobileOptionPack)

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

Nero 6 (Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

(NetMeeting)

Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20070127
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Satsuki Decoder Pack (Satsuki Decoder Pack)
uninstall cmd: C:\Program Files\Satsuki Decoder Pack\Uninstall.exe

(SchedulingAgent)

Shareaza version 2.2.3.0 2.2.3.0 (Shareaza_is1)
install location: C:\Program Files\Shareaza\
uninstall cmd: "C:\Program Files\Shareaza\Uninstall\unins000.exe"
publisher: Shareaza Development Team
comments: Shareaza Ultimate File Sharing
help link: http://www.shareaza.com/?id=support

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems
help link: http://www.adobe.com/go/flashplayer_support/

SLD Codec Pack (SLD Codec Pack)
uninstall cmd: C:\Program Files\SLD Codec Pack\uninstall.exe

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

VirtualDub 1.6.9 Fr 1.6.9 (VirtualDub 1.6.9 Fr)
uninstall cmd: C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe

Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
install date: 20070404
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Lecteur Windows Media 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Archiveur WinRAR (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Sélecteur d'installation de Microsoft Works 2004 (Works2004Setup)
uninstall cmd: C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
help link: http://www.microsoft.com/france/support/default.asp

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

PDFCreator 0.9.3 ({0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D})
install date: 20070205
uninstall cmd: C:\Program Files\PDFCreator\unins000.exe
publisher: Frank Heindörfer, Philip Chinery
comments: PDFCreator - Opensource
help link: http://www.sf.net/projects/pdfcreator
readme: http://www.pdfforge.org

EPSON CardMonitor ({109D28C7-FB38-483A-9C91-001CB59E2699})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

EPSON PRINT Image Framer Tool2.1 ({23B59ED4-C360-11D7-875B-0090CC005647})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything

({23EFDB58-0874-4883-9810-EDA510B19FAE})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9

({2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9

Avery DesignPro ({2CC982C0-7EAE-11D4-ACC3-0050568AD318})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\setup.exe" -uninst

WebFldrs XP 9.50.7523 ({350C940c-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2608
install date: 20070125
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20070127
install source: d:\5305e84e62d1c1bf7ea9b443\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

({62369F2F77534556AEF4C58152E3BDE5})

EPSON PhotoQuicker3.5 ({65F5B7AF-3363-11D7-BB6B-00018021113F})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst

EPSON Copy Utility 3 3.0.0.0 ({67EDD823-135A-4D59-87BD-950616D6E857})
version: 50331648
install location: C:\Program Files\EPSON\Utility Suite\Copy Utility
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x40c -UnInstall

ASUSDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

EPSON Smart Panel ({6C11D561-620B-47DA-A693-4C597F3CDF40})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x40c Uninstall

Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
version: 33605159
version (major): 2
estimated size: 218792
install date: 20070129
install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

({775FFF70-4A8C-4500-908D-3C34DBEB11D5})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9

DivX Codec 6.5.1 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.

EPSON Web-To-Page ({7F14F68C-17FA-4F88-B3FD-7F449C1EBF32})
install location: C:\Program Files\EPSON\EPSON Web-To-Page
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything

({83021AC3-086F-4B77-ACCD-1BD7C9AB211E})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9

Microsoft AutoRoute v11.0 11.00.18.1900 ({8704D51E-25B7-4F23-81E7-AA4F54790220})
version: 184549394
version (major): 11
estimated size: 956735
install date: 20070317
install location: C:\Program Files\Microsoft AutoRoute\
install source: E:\AutoRte\MSMap\
uninstall cmd: MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790220}
publisher: Microsoft Corporation

AMD Dual-Core Optimizer 1.0.0.0083 ({886C92E6-4AF1-4290-BB86-4B5064A1BB7D})
version: 16777216
version (major): 1
estimated size: 109
install date: 20070214
install source: C:\Program Files\Fichiers communs\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /X{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}
publisher: AMD

DivX Player 6.4.3 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.

Microsoft Office XP Professional avec FrontPage 10.0.2627.5 ({9028040C-6000-11D3-8CFE-0050048383C9})
version: 167774787
version (major): 10
estimated size: 153956
install date: 20070127
install location: INSTALLLOCATION
install source: E:\
uninstall cmd: MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1036\OFREAD10.HTM

Studio 9 9.0 ({9E491AB7-4589-48CA-9CBB-874CB2788391})
version: 150994944
version (major): 9
install location: C:\Program Files\Pinnacle\Studio 9
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E491AB7-4589-48CA-9CBB-874CB2788391}\Setup.exe" -l0x40c UNINSTALL
publisher: Pinnacle Systems

Apple Software Update 1.0.2.1 ({A50C25D7-62E9-4511-AD70-8E2DA5E79B7D})
version: 16777218
version (major): 1
estimated size: 2460
install date: 20070305
install location: C:\Program Files\Apple Software Update\
install source: C:\Program Files\Apple Software Update\Packages\
uninstall cmd: MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: http://www.apple.com/fr/support/
help telephone: 0825 888 024

Adobe Reader 7.0.9 7.0.9 ({AC76BA86-7AD7-1033-7B44-A70900000002})
version: 117440521
version (major): 7
estimated size: 66731
install date: 20070208
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig709\ENU_\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

({B14F9B26-D695-4C4A-8B11-0FE6CDCC797B})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9

DivX Web Player 1.3.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

EPSON PhotoStarter3.1 ({C48817E7-AA05-4151-A99D-1E1E550CE801})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst

({E213C271-AEFA-481D-A9B4-914D88925B8D})
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9

Windows Live Messenger 8.0.0812.00 ({E22885AB-B503-46E2-8437-73BBC6BC5487})
version: 134218540
version (major): 8
estimated size: 28317
install date: 20070127
install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{E22885AB-B503-46E2-8437-73BBC6BC5487}
publisher: Microsoft Corporation

Microsoft Works 07.03.0522 ({E6BAE954-487E-488B-BC4E-2E69E54E8117})
version: 117637642
version (major): 7
version (minor): 3
estimated size: 244269
install date: 20070317
install source: E:\msworks\
uninstall cmd: MsiExec.exe /I{E6BAE954-487E-488B-BC4E-2E69E54E8117}
publisher: Microsoft Corporation
comments: Microsoft Works 7.0 installation.
help link: http://support.microsoft.com
help telephone:

1.9.2.1705 ({E9F81423-211E-46B6-9AE0-38568BC5CF6F})
version: 17367042
version (major): 1
version (minor): 9
estimated size: 3885
install date: 20070127
install source: E:\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\
uninstall cmd: MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
help link: alcohol_dev@alcohol-soft.com

QuickTime 7.1.3.100 ({F07B861C-72B9-40A4-8B1A-AAED4C06A7E8})
version: 117506051
version (major): 7
version (minor): 1
estimated size: 71803
install date: 20070127
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\LOVATO\LOCALS~1\Temp\IXP917.TMP\
uninstall cmd: MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
publisher: Apple Computer, Inc.
contact: Assistance AppleCare
help link: http://www.apple.com/fr/support/
help telephone: (33) 0825 888 024

SoundMAX 5.10.01.4530 ({F0A37341-D692-11D4-A984-009027EC0A9C})
version: 50331648
install date: 20070125
install location: C:\Program Files\Analog Devices\SoundMAX
install source: D:\Drivers\Audio\32bit\2K_XP\
uninstall cmd: RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
publisher: Analog Devices



--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): a347bus
Image path: system32\DRIVERS\a347bus.sys
Image size: 160640
Image MD5: 1F61CACACB521215F39061789147968C
Start: 0
Type: 1
Error Control: 1

Service (registry key): a347scsi
Image path: System32\Drivers\a347scsi.sys
Image size: 5248
Image MD5: 113E4B318BBAA7483CA4E582A4D63F49
Start: 0
Type: 1
Error Control: 0

Service (registry key): Aavmker4
Display name: avast! Asynchronous Virus Monitor
Start: 1
Type: 1
Error Control: 1

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Pilote ACPI Microsoft
Image path: system32\DRIVERS\ACPI.sys
Image size: 188672
Image MD5: 0BD94FBFC14EA3606CD6CA4C0255BAA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): ADIHdAudAddService
Display name: ADI UAA Function Driver for High Definition Audio Service
Image path: system32\drivers\ADIHdAud.sys
Image size: 229888
Image MD5: 8CE0A2C740E6E2683B4DEF4E485EA331
St

C'est cela que tu voulais?

Re,

Télécharge combofix.exe (par sUBs) sur ton Bureau

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

"LOVATO" - 07-04-04 23:04:38 Service Pack 2
ComboFix 07-04-04.5 - Running from: "C:\Documents and Settings\LOVATO\Bureau"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\qmpknjmhsv_navps.dat
C:\WINDOWS\system32\qmpknjmhsv.exe
C:\WINDOWS\system32\qmpknjmhsv.dat


((((((((((((((((((((((((((((((( Files Created from 2007-03-04 to 2007-04-04 ))))))))))))))))))))))))))))))))))


2007-04-04 21:45 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-04-04 21:16 <REP> d-------- C:\VundoFix Backups
2007-04-04 19:43 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-04 18:53 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2007-04-04 18:53 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-04-04 18:53 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-04-04 18:53 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2007-04-04 18:53 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-04-04 18:53 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2007-04-04 18:41 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-04 18:41 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-04 18:41 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-04 18:41 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-04 18:41 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-04 18:41 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-04 18:41 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-04 18:01 812 --a------ C:\WINDOWS\system32\tmp.reg
2007-04-04 18:00 <REP> d-------- C:\WINDOWS\pss
2007-03-25 18:40 2,308 --a------ C:\WINDOWS\mozver.dat
2007-03-25 18:40 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-23 20:03 241,066 --a------ C:\WINDOWS\system32\qmpknjmhsv_nav.dat
2007-03-17 01:34 <REP> d-------- C:\Program Files\Microsoft AutoRoute
2007-03-17 01:27 <REP> d-------- C:\Program Files\Microsoft Works
2007-03-17 01:26 <REP> d-------- C:\Program Files\Microsoft Works Suite 2004
2007-03-09 18:48 <REP> d-------- C:\DOCUME~1\LOVATO\APPLIC~1\ItsLabel


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-04 23:05 -------- d-------- C:\Program Files\eprompter
2007-03-25 18:39 -------- d-------- C:\Program Files\divx
2007-03-25 13:57 71248 --a------ C:\WINDOWS\system32\perfc00c.dat
2007-03-25 13:57 458230 --a------ C:\WINDOWS\system32\perfh00c.dat
2007-03-23 18:29 -------- d-------- C:\DOCUME~1\LOVATO\APPLIC~1\divx
2007-03-08 17:37 578560 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:37 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:37 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:33 1843712 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-05 23:42 -------- d-------- C:\Program Files\apple software update
2007-02-25 19:13 -------- d-------- C:\DOCUME~1\LOVATO\APPLIC~1\vlc
2007-02-23 06:29 524288 --a------ C:\WINDOWS\system32\divxsm.exe
2007-02-23 06:29 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-02-23 06:29 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-02-23 06:29 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-02-23 06:25 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-02-23 06:25 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-02-23 06:25 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-02-23 06:25 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-02-23 06:25 639066 --a------ C:\WINDOWS\system32\divx.dll
2007-02-23 06:25 593920 --a------ C:\WINDOWS\system32\dpugui11.dll
2007-02-23 06:25 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-02-23 06:25 53248 --a------ C:\WINDOWS\system32\dpugui10.dll
2007-02-23 06:25 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-02-23 06:25 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-02-23 06:25 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-02-23 06:25 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-02-20 20:48 10752 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-02-18 19:45 -------- d-------- C:\Program Files\freebrowser
2007-02-18 00:26 -------- d-------- C:\Program Files\happyicon
2007-02-17 00:26 -------- d-------- C:\Program Files\windows media connect 2
2007-02-16 03:40 124472 --a------ C:\WINDOWS\system32\divxcodecupdatechecker.exe
2007-02-14 17:11 -------- d-------- C:\Program Files\Fichiers communs\wise installation wizard
2007-02-06 22:12 86094 --a------ C:\WINDOWS\bpmnt.dll
2007-02-06 22:12 1101904 --a------ C:\WINDOWS\vsapi32.dll
2007-02-06 21:58 71749 --a------ C:\WINDOWS\hcextoutput.dll
2007-02-06 21:58 229957 --a------ C:\WINDOWS\tsc.exe
2007-02-06 21:57 69689 --a------ C:\WINDOWS\unzip.dll
2007-02-06 21:57 507904 --a------ C:\WINDOWS\tmupdate.dll
2007-02-06 21:57 286720 --a------ C:\WINDOWS\patch.exe
2007-02-05 23:21 -------- d-------- C:\Program Files\pdfcreator
2007-02-02 21:42 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll
2007-02-02 21:42 122880 --a------ C:\WINDOWS\system32\pdfmona.dll
2007-02-02 18:33 34008 --a------ C:\DOCUME~1\LOVATO\APPLIC~1\gdipfontcachev1.dat
2007-01-27 21:07 36104 --a------ C:\WINDOWS\system32\spoonuninstall-dbpoweramp music converter.dat
2007-01-26 03:19 129784 --------- C:\WINDOWS\system32\pxafs.dll
2007-01-26 03:19 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-01-26 03:19 116472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-01-25 16:58 62 --ahs---- C:\DOCUME~1\LOVATO\APPLIC~1\desktop.ini
2007-01-25 16:28 0 -rahs---- C:\MSDOS.SYS
2007-01-25 16:28 0 -rahs---- C:\IO.SYS
2007-01-25 16:28 0 --a------ C:\CONFIG.SYS
2007-01-25 16:28 0 --a------ C:\AUTOEXEC.BAT
2007-01-25 16:26 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"freeBrowser"="C:\\Program Files\\freeBrowser\\freeBrowser\\freeBrowser.exe"
"Shareaza"="\"C:\\Program Files\\Shareaza\\Shareaza.exe\" -tray"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayyyww

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C9AFA3CA-49CE-4E6A-B140-5E407BB20E60}.job


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-04-04 23:07:35
C:\ComboFix-quarantined-files.txt ... 07-04-04 23:07

C'est bon , cest bien cela qu il fallait faire ?

Bon plus de nouvelles , on termine demain alors ....
Merci en tous cas pour ce soir et bonne nuit

Re,

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

re,
J ai refait spybot , j ai toujours smithfraud toolbar888.
Voici le nouveau rapport kaspersky

Thursday, April 05, 2007 8:33:53 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 5/04/2007
Enregistrements dans la base antivirus Kaspersky : 275425


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\

Statistiques de l'analyse
Total d'objets analysés 34216
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:18:18

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Application Data\Shareaza\Data\TigerTree.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Historique\History.IE5\MSHist012007040520070406\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temp\~DFDE36.tmp L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LOVATO\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré

C:\Program Files\freeBrowser\freeBrowser\FreeBrowser.log L'objet est verrouillé ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP129\change.log L'objet est verrouillé ignoré

C:\VundoFix Backups\vtmijfck.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\VundoFix Backups\yturqush.dll.bad Infecté : Trojan-Spy.Win32.VBStat.h ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\EventCache\{DF36EAA5-D17A-4B3F-8CB9-EC6852A26BF6}.bin L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\drivers\atapi.sys L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\Perflib_Perfdata_1d4.dat L'objet est verrouillé ignoré

C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

D:\System Volume Information\_restore{D08ABD70-BD34-4259-94B6-4DBF759EC72B}\RP129\change.log L'objet est verrouillé ignoré

D:\temporaires\btih_JFR673T2NKQ675BBJ4B66EWEJKQLYACY.partial L'objet est verrouillé ignoré

D:\temporaires\btih_NNSHHKLHUXE57RRVP7K6DK3DFW3YZW7Y.partial L'objet est verrouillé ignoré

D:\temporaires\ed2k_13a2dc80f8ff2cb41b904e06adf265b6.partial L'objet est verrouillé ignoré

D:\temporaires\ed2k_6a9acd41f9f3f722dc82278a1750333a.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_2I7ZWHTRUIHKTE257FOGA2XSWQV7TZRB.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_6P42AQF4NUYVKS3TIK7INDZEWVHBSEN7.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_6RYBFL5NW2DNRU64NKJVXV4UENDYAMGS.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_DO3U7ZMXQB25ZADPTWGE3AODM6BAHHS4.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_GSQKN5VUQ5ZQPEX2LLDNN7BN67675C6D.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_HNJAMMPPUKEOCTSGR5DLNBXILLVBSHCD.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_OI63B6OXAYXZYQDEIRXBFLAQ73I2P3KE.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_R6QT2ZLNDV7YREDSVW4ZEGCYBIJOFCQK.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_R7FXNZJNQCUVV5PSXDRL3NLC6ZK6DVMD.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_RCMLROILYGJ4XAT3HYOY4G4MJL36M2S3.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_UYU3VJRPF4DZQMA6K4LETG6ORUV3XMYW.partial L'objet est verrouillé ignoré

D:\temporaires\sha1_Y5GITV5R7LR4KYYYGVCMT3XCXASAB3VM.partial L'objet est verrouillé ignoré

Analyse terminée.

Re,

Supprime ce dossier :
C:\VundoFix Backups

Reposte un rapport Hijackthis.

voilà:

Logfile of HijackThis v1.99.1
Scan saved at 20:49:19, on 05/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\Program Files\Hotmail Popper\hotpop.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\LOVATO\Mes documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Startup: Hotmail Popper.lnk = C:\Program Files\Hotmail Popper\hotpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yayyyww - yayyyww.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Tu as toujours des pubs ?

des pubs plus du tout ,mais ordi lent tres lent ....

Re,

http://www.malekal.com/optimisation_systeme.php

ok je te remercie pour ton aide, je vais tout lire ...et appliquer .on considere le problème pour lequel j ai demande ton aide est résolu .Spybot nikel! MERCI
j'edite ...

le meme probleme mercide votre aide Logfile of HijackThis v1.99.1
Scan saved at 20:21:07, on 20/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Gear2\GearHelp.exe
C:\Program Files\ASUS\Ai Nap\AiNap.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\documents and settings\bruno\local settings\application data\wseio.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Hauppauge\WinTV Nexus\DVB-TV.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bruno\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Gear Help] "C:\Program Files\ASUS\AI Gear2\GearHelp.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Nap\AiNap.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /M "Stylus DX4800" /EF "HKCU"
O4 - HKCU\..\Run: [TerraTec Remote Control] "C:\Program Files\Fichiers communs\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [wseio] "c:\documents and settings\bruno\local settings\application data\wseio.exe" wseio
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\orange\antivirusfirewall\fsps\program\fslsp.dll
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O18 - Protocol: bw+0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CC4E888B-B3A3-4C9C-818D-A1C42E56ACB4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe