[virus] alertes incessantes

Bonsoir à tous!!

je m'inquiéte car depuis quelques semaines je poste mon pb mais les solutions apportées sont soit inefficaces, soit depuis peu, on ne me répond pas...

allez, une dernière bouteille à la mer...

merci par avance!

mon pb dure depuis plusieurs semaines:

-des alertes de avast ttes les 5 minutes
-un PC qui rame
-des scan de ewido, spybot search and desrroy, ccleaner innefficaces
-une page de demarrage qui reste la meme
...

BREF

voila les rapports de Fixwareout et de hijackthis

d'abord celui de fixwareout:

Fixwareout ver 1.003
Last edited 07/1/2006
Post this report in the forums please

Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}3AD03FF2F966-462A-27B4-A929-596A772A{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}69588E25A38D-05B9-90E4-FE04-47F1E285{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}FD2ED7D42BCE-2A09-DAF4-AC23-A11E136B{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}342038E69568-ECD8-4184-BB2C-5231F296{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}F0C140723CD7-0799-8A24-AFA6-172A1C62{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}7C716ED89BC4-CCB9-2884-EC68-A0668D42{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}494FA6B83B3E-8F3B-C414-6104-C270D9F4{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}3F60FA28C35D-2F4B-BAC4-3A85-83AD20CC{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}4E473D41103A-CFDB-1124-C97E-BC8DA9C5{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}1DF4975FB884-A11A-84B4-400B-FAB303E3{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}2AFACC573CA7-7BDA-15D4-4447-169C1265{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}CAB6AE82BB00-E109-C7D4-FABF-73D38EE2{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}AF0C7C068F39-C969-80C4-196E-66E141A2{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}6031C2E02850-6DFA-7374-944C-687695BE{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}0CBCA0900E7D-B7A9-26F4-EECF-58C467AE{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}29B7789F0CE7-A3CB-4A34-A1A1-BF20EEC5{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}2929BCA37F1B-A15A-8084-81A9-2E3CB356{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}4312BF8B1D09-25EB-A9B4-E490-2337DD5E{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}EF2DBEA0A1B4-ACE9-1244-5353-753EF7FD{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\}B613AC161B76-91CA-BDD4-E822-B2EED79A{
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\swen
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\eno
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh
...

Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
...

PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Example ipsec6.exe is legitimate

»»»»» Search by size and names...
* csr.exe C:\WINDOWS\System32\CSQXV.EXE
* csr.exe C:\WINDOWS\System32\CSVJS.EXE
* csr.exe C:\WINDOWS\System32\CSZSL.EXE

»»»»» Misc files

»»»»» Checking for older varients covered by the Rem3 tool

»»»»»
Search five digit cs, dm and jb files
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSQXV.EXE 51 202 2006-07-04
C:\WINDOWS\SYSTEM32\CSVJS.EXE 51 202 2006-07-08
C:\WINDOWS\SYSTEM32\CSZSL.EXE 51 202 2006-06-28
Other suspects
Directory of C:\WINDOWS\system32
{78746792-BEB9-4258-94D5-CDFBB00527D2}.dll
{900E8634-D1F9-4B22-A4C9-23BD5738E16A}.exe
{4FD38A74-3220-4E59-B967-19CD8EAEE281}.exe
{A97DEE2B-228E-4DDB-AC19-67B161CA316B}.exe
{EA764C85-FCEE-4F62-9A7B-D7E0090ACBC0}.exe
{EB596786-C449-4737-AFD6-05820E2C1306}.exe
{CC02DA38-58A3-4CAB-B4F2-D53C82AF06F3}.exe
{582E1F74-40EF-4E09-9B50-D83A52E88596}.exe
{A8A0DF21-6915-4A8B-B6E6-91319132DFA7}.exe
{C351590A-BFF4-40DE-894A-27B251A99A06}.exe
{F7BDC436-3692-4256-AE41-11BBA79A79FC}.exe
{8EDFDD2E-5DFE-4A64-9AA8-2A194DA68B06}.exe
{750C2628-FAAD-4470-84A2-C9FB25D500CA}.exe
{F0E00CA4-6292-4884-A675-DFBFB8AECCBD}.exe
{EFD026DD-C26E-4430-840A-F60F3FFAA6AB}.exe
{68853444-68FC-4CAA-B1F1-55AA6D63D1E1}.exe
{E0B2BACF-006F-436D-B349-303E35BFB93F}.exe
{A2FCF28C-2E4A-4469-A4DC-8C53A6DEAA79}.exe
{F971CAD9-D6FD-4B42-880A-C3C14E330200}.exe
{288A738E-97D5-4A8A-8DFE-B60E1648365B}.exe
{61F820C3-9261-463F-A814-D0AC29BAE6B5}.exe
{7CD9C9E8-660A-400E-AD01-DC56411E6D47}.exe
{811B93EA-E3EA-41AE-9255-21CFD6061DC0}.exe
{A20A1778-E5E7-4D13-ABD4-A1DF72BD96B4}.exe
{569882A6-09E4-4898-BAAD-14885A92DE3E}.exe
{A3A26584-C3F6-487F-81E8-8E747FBBBDBE}.exe
{A49FB920-CFEC-4966-9204-C4FC23284B5C}.exe
{F6E2DA2E-7645-4C3B-8BE8-C2B4A26471C7}.exe
{6D1A5A31-3707-4EF1-824D-0BA85B42A20E}.exe
{F28EB595-64B8-4368-A4D3-B21C12EA11A1}.exe
{798AACA7-A523-4DA2-B929-4F3167089A00}.exe
{3D9991D2-5E09-48F7-85B2-438A6E0BFE84}.exe
{D0BB9FFF-F3C5-45C5-95BE-24B5FFA8E979}.exe
{30C805F8-FE88-46C7-B5E0-1F27FD530EE8}.exe
{91123481-B742-4130-8AD6-103E19920E5B}.exe
{F25DF7D3-6CE8-45A0-AC53-6027AD4A1172}.exe
{5F95736A-D8D3-4DAB-8C08-4B8411C3668F}.exe
{6B4F44ED-5DA0-4128-A124-D42EFF4565FA}.exe
{4419F51C-53E4-450E-90D4-57CA784ED10F}.exe
{E3B2B819-BCC6-4C66-9CC0-9721517E392B}.exe
{390C917F-426E-4F72-88D8-B3723EDDAB4C}.exe
{C116DFC4-D399-49DF-BCCE-EED79A8D1F6A}.exe
{388E6C5E-BB66-457D-BEAB-F0E1608D7607}.exe
{7D0B9D9E-C2E5-4C2C-B49A-D1738A810470}.exe
{423641DB-B572-4742-8E1E-ABCDE18810FE}.exe
{021D01AD-D46C-4C82-88E9-33CCDC3E9657}.exe
{9EDB978C-4761-4C17-A274-6389B2F4EF1E}.exe
{37578281-5DE2-45E1-8493-64FA7BC098F6}.exe
{2787877F-934D-4EF2-92A5-1A6539D7BD53}.exe
{184A186F-DE3B-4063-B075-C1F9CF5B7765}.exe
{901FD435-C824-47F6-B238-A6C57A8F9D97}.exe
{9731EAA9-2463-44C1-BE34-FF50256048FA}.exe
{8EC759C0-CF56-494C-AE7F-8B0869BFEE93}.exe
{580473D3-A073-4E4E-810F-58986DF78E1D}.exe
{BA7DD377-7056-4C2E-B65D-B3D29A7ACC37}.exe
{8CCE9F33-A833-44A3-ADDD-89076D6BA8BA}.exe
{8E082CB6-D89F-4211-9CB3-707ED7961505}.exe
{E1196F58-66C8-49A0-8CAF-B74061B6E502}.exe
{B8E8A1E2-4251-4434-AA8D-DC3F82A3071D}.exe
{C0036529-3F92-4DB0-9F2D-88915457D87A}.exe
{36079386-F06A-469F-AE20-34EA4589F4A5}.exe
{E00428D1-E520-4EF5-B8B7-5B0456D343A3}.exe
{15A01149-0259-480B-900C-37C8397073D7}.exe
{7BBEA997-1B9F-49DC-B98C-5908ABC784F0}.exe
{9E1DF071-454E-4CF4-B088-9AD1A0EE758F}.exe
{5E104F14-60B5-476E-B4E6-FBDD2F41DAD6}.exe
{CA602073-40CC-4CF2-B36E-51465DCEB7C2}.exe
{71AB1656-1742-4242-BB57-4B785F6F6922}.exe
{BAEC96AD-49F0-405E-A74B-32BEC6CBEBA1}.exe
{6891ED3A-D527-491A-80AD-60B5DD9768AF}.exe
{47DFCD19-3DAC-4226-8897-B0F5675DFA36}.exe
{EDF86E1F-BF05-4909-BB20-14FEBBD0EEF1}.exe
{435DBE8B-DF4C-4B9B-B4C4-18C2DD751C9F}.exe
{18B6443C-C540-48ED-AF3F-3844F68AED2F}.exe
{DE322F70-110B-4B89-A69E-295560FF0883}.exe
{9003A010-F90D-4EEF-BECB-ACBEFF08366B}.exe
{0D46B01E-C818-49E3-A99E-B31270F6ACEB}.exe
{176F1ADD-D789-4562-AE9B-4A8ED13EB52A}.exe
{6DF52AE4-DB92-40BC-95ED-614DB98D9CC9}.exe
{0EAC8793-D85C-4A64-838B-AF13643207B1}.exe
{1F2C134A-2503-4DD5-8887-3B7A86E1A057}.exe
{B0FB0BC5-EF26-47A4-B640-56E6E5738397}.exe
{905B1E2A-26AB-4B6C-8AA6-5C2EE3DFD559}.exe
{0AD75E29-10AA-4854-80E8-272222921209}.exe
{B602C8F2-45FE-4083-9742-81108C7ABC2C}.exe
{2A28234B-C75F-4FDC-9EC5-A9B2D9300685}.exe
{AAA70360-35B9-4F8B-B2E1-140A85E6F68D}.exe
{B98EED72-6DCD-4065-AA3A-97C992836218}.exe
{3AF48E12-773E-43DF-8ECD-9CA760B484C5}.exe
{A3F1498B-0BD9-4980-91CC-7ACE5F2C5AD4}.exe
{53BDAFE6-0042-4A7C-B751-F3718B4CD38F}.exe
{4DCC9B7E-5FCE-490B-897C-BF64049CEDAE}.exe
{D4D53DC0-4526-4E74-A46F-06A10D8E1EFE}.exe
{184697C4-763F-402B-BBBB-55C8A4F9FC3F}.exe
{C7FAFD3C-B6E4-437B-889F-423CF04E0395}.exe
{C7E0B161-E0A2-4CC2-B743-E5FFC232F779}.exe
{75E2777D-4F07-4B87-B52D-34FAC53D85F8}.exe
{83C9FB57-11D9-4007-ABF8-D9BEF33FBA9D}.exe
{0FF2E6D2-DDD4-43E8-9672-2200521F0CB7}.exe
{6CBF234A-C648-4844-A5FB-A450AA114A89}.exe
{0814687B-492B-4820-ACB3-CF8AC03E0D1C}.exe
{943E21B8-F520-48AA-9A7F-6BB0B801BCFD}.exe
{745ADF3F-3759-4468-9E16-F751D5570582}.exe
{99A9FEB7-196A-4F32-BB2A-D0DF40A4E3B7}.exe
{718EE39D-E9BF-4FCB-90B7-09A9C890D632}.exe
{72A278CC-F2BE-4A11-BD72-2DC96841BC62}.exe
{CBD35AB9-9DE9-4B8F-85C5-4A409EA28B29}.exe

et de hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 15:35:17, on 08/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\8927S5EN\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4FB95AF0-FDE4-0B73-C9E1-3FCBC6EE545D} - NukeSpan.dll (file missing)
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ActionScr] abrek.exe
O4 - HKLM\..\Run: [slamm] init32.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vpkzx.exe] C:\WINDOWS\system32\vpkzx.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [media64] uio.exe
O4 - HKCU\..\Run: [BoundRec] ABCXYZ.exe
O4 - HKCU\..\Run: [bingo9] Brong32.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{082AE51C-9CBE-4E46-9D0C-B749F2F30CF7}: NameServer = 85.255.116.169,85.255.112.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F50BB47-4AC5-426B-82C2-D3F1259E41B8}: NameServer = 85.255.116.169,85.255.112.198
O17 - HKLM\System\CCS\Services\Tcpip\..\{16EC85D2-CF87-4913-AFCD-E578DE0015D8}: NameServer = 85.255.116.169,85.255.112.198
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.169 85.255.112.198
O17 - HKLM\System\CS1\Services\Tcpip\..\{082AE51C-9CBE-4E46-9D0C-B749F2F30CF7}: NameServer = 85.255.116.169,85.255.112.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.169 85.255.112.198
O18 - Protocol: offline-8876480 - {8A896400-62F8-4C59-A703-55D4F95C85D6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

merci baucoup...