teurps

salut bruce lee .... et bien ecoute pour le moment plus de winantivirus qui apparait .... le bonheur je te remercie enormement .... mais je pense que d'ici peu je te recontacterais car ma collegue a le meme souci ... en pire winantivirus se lance des qu'elle allume son pc. sinon ...MERCI BEAUCOUP a tres bientot

le voici enfin ...... : Wednesday, January 24, 2007 11:54:50 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 24/01/2007 Enregistrements dans la base antivirus Kaspersky : 247053 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ Statistiques de l'analyse Total d'objets analysés 88468 Nombre de virus trouvés 0 Nombre d'objets infectés 0 / 0 Nombre d'objets suspects 0 Durée de l'analyse 00:49:48 Nom de l'objet infecté Nom du virus Dernière action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr.log L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_86EC_14E5_EC14_D173\dfsr.db L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_86EC_14E5_EC14_D173\fsr.log L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_86EC_14E5_EC14_D173\fsrtmp.log L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_86EC_14E5_EC14_D173\tmp.edb L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\real\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\shadow\members.stg L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Historique\History.IE5\MSHist012007012420070125\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFA91E.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFA95D.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFBDC4.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFBDD5.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFCAB2.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temp\~DFCACA.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Million - Rousseau\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db L'objet est verrouillé ignoré C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal L'objet est verrouillé ignoré C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP453\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_57c.dat L'objet est verrouillé ignoré C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré Analyse terminée.

voila 01/24/07 21:36:30 [info]: BlackLight Engine 1.0.55 initialized 01/24/07 21:36:30 [info]: OS: 5.1 build 2600 (Service Pack 2) 01/24/07 21:36:30 [Note]: 7019 4 01/24/07 21:36:30 [Note]: 7005 0 01/24/07 21:36:45 [Note]: 7006 0 01/24/07 21:36:45 [Note]: 7011 2040 01/24/07 21:36:45 [Note]: 7026 0 01/24/07 21:36:45 [Note]: 7026 0 01/24/07 21:36:52 [Note]: FSRAW library version 1.7.1021 01/24/07 21:42:41 [Note]: 2000 1012 01/24/07 21:42:41 [Note]: 2000 1012 01/24/07 21:44:23 [Note]: 7007 0

ok merci le voici Pocket Killbox version Running on Windows XP as Million - Rousseau(Administrator) was started @ mercredi, janvier 24, 2007, 12:47 PM Killbox Closed(Exit) @ 12:52:19 PM __________________________________________________ Pocket Killbox version Running on Windows XP as Million - Rousseau(Administrator) was started @ mercredi, janvier 24, 2007, 2:35 PM Killbox Closed(Exit) @ 2:36:27 PM __________________________________________________ Pocket Killbox version 2.0.0.881 Running on Windows XP as Million - Rousseau(Administrator) was started @ mercredi, janvier 24, 2007, 2:41 PM Killbox Closed(Exit) @ 2:45:43 PM __________________________________________________ Pocket Killbox version 2.0.0.881 Running on Windows XP as Million - Rousseau(Administrator) was started @ mercredi, janvier 24, 2007, 2:50 PM # 1 [Delete on Reboot] Path = C:\windows\system32\cpfnaeht.exe I Rebooted @ 2:52:03 PM Killbox Closed(Exit) @ 2:52:04 PM __________________________________________________

salut Bruce Lee Bon voila j'ai fais la procedure que tu ma donné (pas tres simple pour des debutant en informatique) j'ai rencontré un souci au niveau de la fin de la procedure j'ai ouvert le dossier log comme tu me dis tu me demande de faire un copier collé jusqu'a la pas de souci ..mais je le colle ou ? ICI merci de ton aide voici le rapport d' AVG --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 14:21:34 24/01/2007 + Résultat de l'analyse: HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38668 -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38668\Objects -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38668\Objects\5 -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38669 -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38669\Objects -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38669\Objects\5 -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Reports\38670 -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). HKU\S-1-5-21-1873846358-2510818698-2150741658-1008\Software\INSTAFINK\Stat -> Adware.InstaFinder : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP418\A0119433.exe -> Dropper.NaviP.u : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyé. C:\WINDOWS\system32\config\systemprofile\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][1].txt -> TrackingCookie.Vegasred : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\million_-_rousseau@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\Million - Rousseau\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Nettoyé. Fin du rapport rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 15:00:53, on 24/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\RunDLL32.exe C:\Documents and Settings\Million - Rousseau\Bureau\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Million - Rousseau\Bureau\AVG Anti-Spyware 7.5\guard.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\RegFreeze\regfreeze.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Documents and Settings\Million - Rousseau\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Million - Rousseau\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\jv16 powertools\backups06db\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\jv16 powertools\backups06db\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://didite73.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161099853000 O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://gastronome-127-190.cnt.nerim.net:8081/activex/AMC.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://193.52.240.246/activex/AxisCamControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Million - Rousseau\Bureau\AVG Anti-Spyware 7.5\guard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: MysqlInventime - - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe voila en esperant que j'ai bien effectué tous ce que tu m'as dis correctement

voila le rapport blacklight : 01/23/07 15:11:45 [info]: BlackLight Engine 1.0.55 initialized 01/23/07 15:11:45 [info]: OS: 5.1 build 2600 (Service Pack 2) 01/23/07 15:11:45 [Note]: 7019 4 01/23/07 15:11:45 [Note]: 7005 0 01/23/07 15:12:02 [Note]: 7006 0 01/23/07 15:12:02 [Note]: 7011 1052 01/23/07 15:12:02 [Note]: 7026 0 01/23/07 15:12:02 [Note]: 7026 0 01/23/07 15:12:02 [Note]: 7024 3 01/23/07 15:12:02 [info]: Hidden process: C:\windows\system32\cpfnaeht.exe 01/23/07 15:12:09 [Note]: FSRAW library version 1.7.1021 01/23/07 15:17:45 [info]: Hidden file: c:\WINDOWS\system32\cpfnaeht.dat 01/23/07 15:17:45 [Note]: 10002 1 01/23/07 15:17:45 [info]: Hidden file: C:\windows\system32\cpfnaeht.exe 01/23/07 15:17:45 [Note]: 10002 1 01/23/07 15:17:45 [info]: Hidden file: c:\WINDOWS\system32\cpfnaeht_nav.dat 01/23/07 15:17:45 [Note]: 10002 1 01/23/07 15:17:46 [info]: Hidden file: c:\WINDOWS\system32\cpfnaeht_navps.dat 01/23/07 15:17:46 [Note]: 10002 1 01/23/07 15:18:55 [Note]: 2000 1012 01/23/07 15:18:55 [Note]: 2000 1012

Bonjour, comme beaucoup de personnes je suis persecutée par le spyware winantivirus. qui pourrais m'aider a le faire disparaitre. merci rapport hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 11:03:05, on 22/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\E-Color\Common\IconMgr.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\RegFreeze\regfreeze.exe C:\Program Files\E-Color\E-Color Indicator\TICIcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Documents and Settings\Million - Rousseau\Bureau\scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - (no file) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe O4 - Global Startup: E-Color.lnk = C:\Program Files\E-Color\Common\IconMgr.exe O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\jv16 powertools\backups06db\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\jv16 powertools\backups06db\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://didite73.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161099853000 O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://gastronome-127-190.cnt.nerim.net:8081/activex/AMC.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://193.52.240.246/activex/AxisCamControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: bw+0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {D42C2838-059A-4873-9DA0-5A581B1B3F69} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - ATI Technologies Inc. - (no file) O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: MysqlInventime - - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe