infecté par vundo.gen

Tom's Guide > Forum > Sécurité - Virus > infecté par vundo.gen

infecté par vundo.gen - Sécurité - Virus

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !

Répondre

Bas de page Chercher dans ce sujet

bonjours, je ne peux pas laisser antivir en route car celui ci me detecte un virus: vundo.gen. Apparement, il n'est pas en mesure de le supprimer. En fouillant sur le net, j'ai scanné mon ordinateur avec vundofix, mais celui ci n'a rien trouvé. De plus, lorsque j'allume internet explorer, une barre de tache est nouvellement apparue; il y a remove popup, scan spyware et security test. Lorsque je clique sur le dernier, une page de spyware isolator 2008 s'ouvre. Pouvez-vous m'aider?

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonjour,

http://www.infos-du-net.com/forum/ [...] ntissement

Comment m'expliques-tu le fait que tu te fasses réinfecter ? As-tu lu les indications de XmichouX ? Il t'a donné des liens intéressants, les as-tu lus ? Clique sur le lien dans ma signature pour en savoir plus.

Si tu fais n'importe quoi avec ton PC on ne va pas passer notre temps à te désinfecter.

Surtout que vu ton infection, tu as dû lancer un cracks ou un truc du genre...

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

désolé mais je dispose de plusieurs ordinteurs. La première infection touchait celui de mes parents, j'ai bien suivi les indication de XmichouX et mes parents n'on plus aucun problème. Aujourd'hui il s'agit de mon ordinateur, ce n'est pas le même. Voila.

Répondre à calim76560

Re,

Oki simple on va le vérifier

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Mes excuses le cas échéant

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

voila le rapport, pour les crack, c'est tout à fait possible, mon frère télécharge beaucoup me semble-t-il, est-ce lié?
Logfile of HijackThis v1.99.1
Scan saved at 19:24:50, on 25/04/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\fredo\AppData\Local\Temp\Rar$EX00.703\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
O2 - BHO: (no name) - {E69DA3F4-19AF-4D5A-9462-3517106DEC09} - C:\Windows\system32\geBspnLd.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvVMgFw.dll,#1
O4 - HKLM\..\Run: [b84aab15] rundll32.exe "C:\Windows\system32\xugrnyue.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe" /service (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Répondre à calim76560

Re,

Tu as utilisé une mauvaise version d'hijackthis. Désinstalle-la.

Télécharge et installe la celle que je t'ai donnée dans mon lien ( à lire ! ).

Une fois cela fait, poste-moi un nouveau rapport fait avec la version que je t'ai donnée.

N.B : Dis à ton frère de lire le dossier en lien dans ma signature car le PC est vraiment vérolé...

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

voila. Après je désinstalle tous les petits logiciels que mon frère utilise. il fera ses choses la sur son ordinateur a lui. Fini sa session.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:29, on 25/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
O2 - BHO: (no name) - {E69DA3F4-19AF-4D5A-9462-3517106DEC09} - C:\Windows\system32\geBspnLd.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvVMgFw.dll,#1
O4 - HKLM\..\Run: [b84aab15] rundll32.exe "C:\Windows\system32\xugrnyue.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'paul')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10892 bytes

merci de ton aide tout de même

Répondre à calim76560

Re,

De rien Oui ton frère a l'air de faire un peu n'importe quoi. Soit il n'est pas averti des dangers du net, soit il passe outre... mais bonjour le résultat ( pour toi ).

Quand j'en aurais fini avec toi, ton PC sera tout propre :super:

C'est parti pour le nettoyage, en plusieurs étapes évidemment

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
Afin de lancer la recherche, clic sur"Rechercher".
Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

je ne peux accéder au mode sans échec car je dispose d'un clavier sans fil. Je pourrais avoir un clavier filaire à partir de demain.

Répondre à calim76560

Re,

Et bien il est préférable d'attendre demain et le clavier avec fil pour accéder au mode sans échec.

A demain alors :hello:

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

bonjour Merillym. Je dispose maintenant d'un clavier filaire. J'ai essayé de démarrer Malwarebytes' Anti-Malware mais celui ci ne ce lance pas. Même en mode normal. J'ai une page d'erreur qui s'ouvre:
erreur d'éxécution 339, le composant COMCTL32.OCX ou une de ces dépendance n'est pas correctement enrengistré.
merci

Répondre à calim76560

existe-t-il un autre logiciel que cela parce la mon ordi me tape sur les nerf ( et mon frère aussi)

Répondre à calim76560

Re,

Hum... As-tu ton CD de windows ?

Ok, on va utiliser d'autres outils

1) Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )

Affiche les fichiers/dossiers cachés : http://www.micro-astuce.com/Forum/topic1607.html

2) Désactive toute protection résidente ( antivirus... ) !
Déconnecte-toi d'internet, ferme tous les programmes en cours et laisse combofix travailler : ne fais donc pas autre chose en même temps !

Télécharge Combofix de sUBs
Sauvegarde le sur ton bureau et pas ailleurs !
Redémarre en mode sans échecs : aide ici >>>
http://forum.telecharger.01net.com [...] ges-1.html
/!\ Ne jamais redémarrer en mode sans échec via msconfig ! /!\

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport. Il se trouve ici : C:\Combofix.txt

3) Copie/colle un nouveau rapport HiJackThis avec.

Bon courage :hello:

Message édité par Egwene le 26-04-2008 à 14:23:36

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

voici le rapport combofix:
ComboFix 08-04-24.1 - fredo 2008-04-26 14:34:24.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1033.18.669 [GMT 2:00]
Running from: C:\Users\fredo\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\Microsoft\Windows\Start Menu\Online Security Guide.url
C:\ProgramData\Microsoft\Windows\Start Menu\Security Troubleshooting.url
C:\Users\paul\AppData\Local\ezuudak.dat
C:\Users\paul\AppData\Local\ezuudak_nav.dat
C:\Users\paul\AppData\Local\ezuudak_navps.dat
C:\Users\paul\AppData\Local\laecxc.dat
C:\Users\paul\AppData\Local\laecxc_nav.dat
C:\Users\paul\AppData\Local\laecxc_navps.dat
C:\Windows\Downloaded Program Files\setup.inf
C:\Windows\rs.txt
C:\Windows\svchost.exe
C:\Windows\system32\bsgkjcpf.dll
C:\Windows\system32\byXQHywX.dll
C:\Windows\System32\dLnpsBeg.ini
C:\Windows\System32\dLnpsBeg.ini2
C:\Windows\System32\fpcjkgsb.ini
C:\Windows\system32\geBspnLd.dll
C:\Windows\system32\khFXrPFw.dll
C:\Windows\system32\mcrh.tmp
C:\Windows\system32\nnnoMFxy.dll
C:\Windows\system32\nvs2.inf
C:\Windows\System32\OXbacdMp.ini
C:\Windows\System32\OXbacdMp.ini2
C:\Windows\system32\pMdcabXO.dll
C:\Windows\system32\tuvUNhfG.dll
C:\Windows\system32\vtUlkIbX.dll
C:\Windows\System32\wFPrXFhk.ini
C:\Windows\System32\wFPrXFhk.ini2

.
((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
.

2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
2008-04-26 13:54 . 2008-04-26 13:54 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-04-26 13:54 . 2008-04-26 13:54 <REP> d-------- C:\ProgramData\Malwarebytes
2008-04-26 13:53 . 2008-04-26 14:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
2008-04-25 18:46 . 2008-04-25 18:46 <REP> d-------- C:\VundoFix Backups
2008-04-25 18:36 . 2008-04-26 09:14 1,505,903 ---hs---- C:\Windows\System32\euynrgux.ini
2008-04-25 18:16 . 2008-04-25 18:31 1,505,841 ---hs---- C:\Windows\System32\qgfqwrvi.ini
2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
2008-04-24 18:15 . 2008-04-25 17:29 1,505,112 ---hs---- C:\Windows\System32\bauxkorq.ini
2008-04-23 14:43 . 2008-04-23 14:19 258,048 --a------ C:\Windows\wdpoefan.dll
2008-04-23 14:43 . 2008-04-23 14:19 188,416 --a------ C:\Windows\dpevflbg.dll
2008-04-23 14:43 . 2008-04-23 14:19 102,400 --a------ C:\Windows\olgdqarf.exe
2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\Users\All Users\Avira
2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\ProgramData\Avira
2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
2008-04-10 18:00 . 2008-04-26 14:34 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 12:44 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
2008-04-23 11:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 08:09 --------- d-----w C:\ProgramData\GamesBar
2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
2008-04-02 13:01 1,711,616 ----a-w C:\Windows\Internet Logs\xDBB90F.tmp
2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-23 20:31 681,472 ----a-w C:\Windows\Internet Logs\xDBBE9C.tmp
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-11 09:16 1,628,160 ----a-w C:\Windows\Internet Logs\xDBC294.tmp
2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
2007-09-15 15:54 56 --sh--r C:\Windows\System32\622D8D144D.sys
2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}]
C:\Windows\qnmargolewk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CE66268D-0208-4D9E-8BC7-12D91072A34D}"= "C:\Windows\dpevflbg.dll" [2008-04-23 14:19 188416]

[HKEY_CLASSES_ROOT\clsid\{ce66268d-0208-4d9e-8bc7-12d91072a34d}]
[HKEY_CLASSES_ROOT\dpevflbg.1]
[HKEY_CLASSES_ROOT\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}]
[HKEY_CLASSES_ROOT\dpevflbg]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 14:11 3497984]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"edvfffoffc"="c:\users\paul\appdata\local\microsoft\edvfffoffc.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 06:28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 06:28 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 06:28 81920]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"wdpoefan"= {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll [2008-04-23 14:19 258048]
"vadokmxt"= {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-09-12 06:28 8497696 C:\Windows\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-09-12 06:28 81920 C:\Windows\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-09-12 06:28 86016 C:\Windows\system32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
"UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
"TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
"{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
"{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
"{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
S2 r_server;Remote Administrator Service;"C:\windows\svchost.exe" /service []
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-04-06 16:53]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
\shell\AutoRun\command - F:\autorun\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
\shell\AutoRun\command - explorer .

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
\shell\AutoRun\command - G:\LaunchRC.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-04-26 12:50:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-04-25 15:35:26 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 14:45:43
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 4

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\System32\drivers\CDAC11BA.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Completion time: 2008-04-26 14:51:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-26 12:51:06

Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Post-Run: 74,995,531,776 octets libres

320 --- E O F --- 2008-04-26 07:31:00
le rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:54:34, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 9523 bytes

je sais pas comment vous faite pour déchiffrer sa mais pour moi c'est du charabia. Sinon oui je dispose du cd de windows, faut juste que je recherche sa dans mon foulli

Répondre à calim76560

Re,

Si tu as Vista, fais ceci avant :
Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )

Si tu as spybot, ouvre Spybot , clique sur l'onglet Mode et choisis Mode Avancé
Ne tiens pas compte de l'avertissement
En bas à gauche , clique sur Outils
Toujours dans la colonne de gauche , clique sur Résident ( pas dans la fenêtre centrale )
Et décoche l'option Resident "TeaTimer"

Télécharge Navilog (de Il-Mafioso)

Enregistre-le sur ton Bureau.
Installe-le en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Une fois l'installation terminée, fais un clic droit sur le raccourci navilog1 puis choisis "Exécuter en tant qu'administrateur". ( Pour Vista)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2,3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

Le rapport se trouve ici :C:\fixnavi.txt

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

et voila le rapport :
Search Navipromo version 3.5.5 commencé le 26/04/2008 à 15:20:25,37

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "fredo"

Mise à jour le 25.04.2008 à 22h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\Windows" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\ProgramData" ***

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "c:\users\fredo\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\autre\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\Guest\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\paul\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\fredo\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\Guest\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\paul\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\fredo\AppData\Roaming" ***

*** Recherche dossiers dans "C:\Users\autre\appdata\roaming" ***

*** Recherche dossiers dans "C:\Users\Guest\appdata\roaming" ***

*** Recherche dossiers dans "C:\Users\paul\appdata\roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\fredo\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\fredo\AppData\Local" *

* Recherche dans "C:\Users\autre\AppData\Local" *

* Recherche dans "C:\Users\Guest\AppData\Local" *

* Recherche dans "C:\Users\paul\AppData\Local" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\Windows\system32" :

* Dans "C:\Users\fredo\AppData\Local\Microsoft" :

* Dans "C:\Users\fredo\AppData\Local" :

* Dans "C:\Users\autre\AppData\Local" :

* Dans "C:\Users\Guest\AppData\Local" :

* Dans "C:\Users\paul\AppData\Local" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 26/04/2008 à 15:36:07,79 ***

Répondre à calim76560

:hello:

Désactive toute protection résidente ( antivirus…) !

Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :

Citation :

Driver::
Boonty Games
r_server

File::
C:\Windows\System32\euynrgux.ini
C:\Windows\System32\qgfqwrvi.ini
C:\Windows\System32\bauxkorq.ini
C:\Windows\wdpoefan.dll
C:\Windows\dpevflbg.dll
C:\Windows\olgdqarf.exe
C:\Windows\Internet Logs\xDBB90F.tmp
C:\Windows\Internet Logs\xDBBE9C.tmp
C:\Windows\Internet Logs\xDBC294.tmp
C:\Windows\System32\622D8D144D.sys
c:\users\paul\appdata\local\microsoft\edvfffoffc.exe

Folder::
C:\ProgramData\GamesBar
C:\Program Files\Common Files\BOONTY Shared\

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"edvfffoffc"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CE66268D-0208-4D9E-8BC7-12D91072A34D}"=-
[-HKEY_CLASSES_ROOT\clsid\{ce66268d-0208-4d9e-8bc7-12d91072a34d}]
[-HKEY_CLASSES_ROOT\dpevflbg.1]
[-HKEY_CLASSES_ROOT\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}]
[-HKEY_CLASSES_ROOT\dpevflbg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"wdpoefan"=-
"vadokmxt"=-

Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :

Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un nouveau rapport Hijackthis.
S'il n'y a pas de redémarrage, poste quand même les rapports.

Message édité par Egwene le 26-04-2008 à 18:27:04

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

avant de continuer, j'aimerais savoir si un formatage de l'ordinateur via mon CD windows pourrait résoudre mon problème.
je n'ais pas de rapport combafix car l'ordinateur a redemarrer anormalement. Voici le hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:03, on 2008-04-26
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 8675 bytes

Répondre à calim76560

Re,

Le formatage est la solution radicale. Seulement, maintenant que j'ai passé du temps avec toi, si tu formates, tout ce que j'ai fait avec toi = pertes de temps.

D'autant plus qu'on a fait le plus dur. A toi de voir, mais le formatage est plus que superflu.

J'attends une réponse de ta part avant de continuer car si tu comptes formater, inutile que je perde mon temps

Sinon le rapport de combofix devrait se trouver ici : C:\Combofix.txt

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

inutile de formater si cela est bientot terminé. J'oubli le formatage (et sa m'arrange).
Je n'ai pas le rapport combofix a l'emplacement indiqué.
Faut-il que je le relance?

Répondre à calim76560

Re,

Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
NB : Tu dois être connecté avec des droits d'Administrateur.

ferme toutes les applications et fenêtres
double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous

Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)

s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
tu devras cliquer 2 fois sur le OK des boîtes de dialogue

Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée

quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :

main.txt <- ouvert en premier plan et en plein écran
extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
S'il s'agit d'une utilisation supplémentaire de DSS :

tu n'auras pas de boîte de dialogue (pas de OK)
quand le traitement est terminé, un fichier texte s'affiche :

main.txt <- ouvert en premier plan et en plein écran

copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
n'oublie pas de réactiver les protections si elles ont été stoppées.

Ce que fait DSS :

crée un point de restauration dans Windows XP et Vista
nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

le rapport main:
Deckard's System Scanner v20071014.68
Run by fredo on 2008-04-26 19:59:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 3 Restore Point(s) --
3: 2008-04-26 16:39:19 UTC - RP590 - ComboFix created restore point
2: 2008-04-26 15:19:50 UTC - RP589 - Installed VeohTV BETA
1: 2008-04-26 15:04:34 UTC - RP587 - Last known good configuration

Backed up registry hives.
Performed disk cleanup.

[color=red]Total Physical Memory: 1021 MiB (1024 MiB recommended).[/color]

-- HijackThis (run as fredo.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:01, on 2008-04-26
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\BitComet\BitComet.exe
C:\Users\fredo\Desktop\dss.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\fredo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 8460 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 CdaC15BA - \??\c:\windows\system32\drivers\cdac15ba.sys

S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-04-26 20:01:00 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job
2008-04-26 20:00:51 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job
2008-04-25 18:00:00 408 --a------ C:\Windows\Tasks\Norton Security Scan.job

-- Files created between 2008-03-26 and 2008-04-26 -----------------------------

2008-04-26 17:32:52 0 d-------- C:\Windows\nvtmpinst
2008-04-26 16:52:30 0 d-------- C:\Program Files\LucasArts
2008-04-26 15:19:40 0 d-------- C:\Program Files\Navilog1
2008-04-26 14:51:37 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-04-26 14:33:44 68096 --a------ C:\Windows\zip.exe
2008-04-26 14:33:44 49152 --a------ C:\Windows\VFind.exe
2008-04-26 14:33:44 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-04-26 14:33:44 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-04-26 14:33:44 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-04-26 14:33:44 98816 --a------ C:\Windows\sed.exe
2008-04-26 14:33:44 80412 --a------ C:\Windows\grep.exe
2008-04-26 14:33:44 73728 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-04-25 19:34:16 0 d-------- C:\Program Files\Trend Micro
2008-04-24 20:11:02 0 d-------- C:\Program Files\Norton Security Scan
2008-04-24 18:25:19 0 d-------- C:\Windows\system32\Kaspersky Lab
2008-04-22 21:02:02 0 d-------- C:\Program Files\CASIO
2008-04-19 11:13:20 0 d-------- C:\Program Files\DAEMON Tools
2008-04-18 22:07:08 0 d-------- C:\Users\All Users\Avira
2008-04-10 18:01:11 0 dr------- C:\Users\autre\Searches
2008-04-10 18:00:57 0 dr------- C:\Users\autre\Contacts
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Templates
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Start Menu
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\SendTo
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Recent
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\PrintHood
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\NetHood
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\My Documents
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Local Settings
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Cookies
2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Application Data
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Videos
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Saved Games
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Pictures
2008-04-10 18:00:32 1048576 --ahs---- C:\Users\autre\NTUSER.DAT
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Music
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Links
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Favorites
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Downloads
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Documents
2008-04-10 18:00:32 0 dr------- C:\Users\autre\Desktop
2008-04-10 18:00:32 0 d--h----- C:\Users\autre\AppData

-- Find3M Report ---------------------------------------------------------------

2008-04-26 18:55:17 700860 --a------ C:\Windows\system32\perfh00C.dat
2008-04-26 18:55:17 122212 --a------ C:\Windows\system32\perfc00C.dat
2008-04-26 18:46:54 12 --a------ C:\Windows\bthservsdp.dat
2008-04-26 18:41:11 0 d-------- C:\Program Files\Common Files
2008-04-26 17:26:03 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-26 17:18:39 43520 --a------ C:\Windows\system32\CmdLineExt03.dll
2008-04-26 09:11:14 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-25 19:46:25 0 d-------- C:\Users\fredo\AppData\Roaming\Download Manager
2008-04-23 14:59:08 0 d-------- C:\Program Files\eMule
2008-04-11 10:26:25 0 d-------- C:\Program Files\Windows Mail
2008-04-10 18:01:06 0 d-------- C:\Program Files\Messenger
2008-04-05 14:18:31 0 d-------- C:\Program Files\IVCsoft
2008-04-02 14:55:02 0 d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
2008-03-24 17:36:55 0 d-------- C:\Users\fredo\AppData\Roaming\DivX
2008-03-24 17:08:08 0 d-------- C:\Program Files\DivX
2008-03-07 19:18:55 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 19:14:09 0 d-------- C:\Program Files\Windows Live Toolbar
2008-03-06 19:37:22 0 d-------- C:\Program Files\Windows Live
2008-03-05 12:51:11 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-05 12:45:04 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-21 04:05:44 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-02-21 04:04:16 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-02-21 04:04:16 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-02-21 04:04:04 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-02-21 04:04:04 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-02-21 04:04:04 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-02-21 04:04:04 682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-02-21 04:03:24 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll
2008-02-01 12:17:40 587264 --a------ C:\Windows\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" []
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Contr“leur de calendrier Ulead.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe [2008-02-13 14:37:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E3D5CAF1-2707-40FB-8713-6B4F72E973F8}"= C:\Windows\system32\ssqQkLed.dll [ ]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
AutoRun\command- F:\autorun\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
AutoRun\command- explorer .

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
AutoRun\command- G:\LaunchRC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-04-26 20:05:17 ------------

le second rapport:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Intégrale (build 6000)
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) CPU 2.66GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1020.78 MiB / 548.61 MiB
Pagefile Memory (total/avail): 2284.82 MiB / 1566.19 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1906.54 MiB

C: is Fixed (NTFS) - 114.48 GiB total, 71.38 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - Maxtor 6 Maxtor 6Y120M0 SCSI Disk Device - 114.49 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 114.48 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: ZoneAlarm Firewall v7.1.254.000 (Check Point, LTD.) [COLOR=RED]Disabled[/COLOR]
AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)
AS: Avira AntiVir PersonalEdition v 7.0.0.2
(Avira GmbH) [COLOR=RED]Outdated[/COLOR]
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\svchost.exe"="C:\\WINDOWS\\svchost.exe:*:Enabled:svchost"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\fredo\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=FRED-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\fredo
LOCALAPPDATA=C:\Users\fredo\AppData\Local
LOGONSERVER=\\FRED-PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\fredo\AppData\Local\Temp
TMP=C:\Users\fredo\AppData\Local\Temp
tvdumpflags=8
USERDOMAIN=fred-PC
USERNAME=fredo
USERPROFILE=C:\Users\fredo
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

paul [I](admin)[/I]
fredo [I](admin)[/I]
autre [I](admin)[/I]
Guest [I](guest)[/I]

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware 2007 --> MsiExec.exe /X{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB}
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
BitComet 0.91 --> C:\Program Files\BitComet\uninst.exe
Casio Graph Trainer --> C:\Windows\IsUn040c.exe -f"C:\Program Files\Noblet\Casio Graph Trainer\Uninst.isu"
Creative WebCam Live! Driver (1.01.01.0730) --> C:\Windows\CtDrvIns.exe -uninstall -script Pd0630.uns -unsext NT -plugin P0630Pin.dll -pluginres P0630Pin.crl
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivxToDVD 0.5.2 --> "C:\Program Files\vso\DivxToDVD\unins000.exe"
EAX4 Unified Redist --> MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Favorit --> c:\users\paul\appdata\local\laecxc.bat
Fx-Interface 1.9.6 --> "C:\Program Files\CASIO\Fx-Interface\unins000.exe"
Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GameShadow --> MsiExec.exe /I{F7C1C17E-70E3-475F-BD52-EA554391F15D}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Online Scanner --> C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Navilog1 3.5.5 --> "C:\Program Files\Navilog1\unins000.exe"
Nero 8 Demo --> MsiExec.exe /X{5E6EC4DD-7B1F-4E10-82B9-EA1B90791036}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Security Scan --> MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OtsTurntables Free 1.00.012 --> "C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OTSTT.osi"
PhotoFiltre Studio --> "C:\Program Files\PhotoFiltre Studio\Uninst.exe"
Quick Zip 4.60.017b --> "C:\Program Files\QuickZip4\unins000.exe"
QuickTime --> C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log
Regressi --> MsiExec.exe /I{E2E164AB-1367-488F-8F1F-BA312DB2FF18}
SafeCast Shared Components --> C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
SAMSUNG CDMA Modem Driver Set --> C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software --> C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software --> C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Star Wars Republic Commando --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x9
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TuxGuitar --> CProgram Files/tuxguitar-0.9.1/uninstall.exe
Ulead Photo Express 4.0 SE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}\setup.exe" -l0x40c
Uninstall Digital Video Camera Drivers --> "C:\Program Files\JL2005D\unins000.exe"
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Vodafone WCDMA Composite Device Drive Software --> C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type39914 / Success
Event Submitted/Written: 04/26/2008 07:08:19 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type39911 / Success
Event Submitted/Written: 04/26/2008 06:59:10 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Le service de gestion des licences du logiciel a démarré.

Event Record #/Type39905 / Success
Event Submitted/Written: 04/26/2008 06:58:11 PM
Event ID/Source: 5617 / WinMgmt
Event Description:

Event Record #/Type39904 / Success
Event Submitted/Written: 04/26/2008 06:58:07 PM
Event ID/Source: 5615 / WinMgmt
Event Description:

Event Record #/Type39889 / Success
Event Submitted/Written: 04/26/2008 06:49:02 PM
Event ID/Source: 5617 / WinMgmt
Event Description:

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type107271 / Warning
Event Submitted/Written: 04/26/2008 07:45:33 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type107270 / Warning
Event Submitted/Written: 04/26/2008 07:29:23 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type107268 / Warning
Event Submitted/Written: 04/26/2008 07:19:53 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type107254 / Warning
Event Submitted/Written: 04/26/2008 06:59:21 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Event Record #/Type107175 / Error
Event Submitted/Written: 04/26/2008 06:57:20 PM
Event ID/Source: 6008 / EventLog
Event Description:
L'arrêt système précédant à 18:55:17 le 26/04/2008 n'était pas prévu.

-- End of Deckard's System Scanner: finished at 2008-04-26 20:05:17 ------------

Répondre à calim76560

:hello:

1) Désactive toute protection résidente ( antivirus…) !

Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :

Citation :

File::
C:\Windows\PSEXESVC.EXE
C:\Windows\system32\ssqQkLed.dll

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E3D5CAF1-2707-40FB-8713-6B4F72E973F8}"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

Clique sur Parcourir
Rends toi jusque sur ce fichier si tu le trouves :

C:\Windows\swxcacls.exe

Clique sur Envoyer le fichier et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
Lorsque l'analyse est terminée ("Situation actuelle: terminé" ), clique sur Formaté
Une nouvelle fenêtre de ton navigateur va apparaître
Clique alors sur cette image :
Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
Enfin colle le résultat dans ta prochaine réponse.

Note : Peu importe le résultat, il est important de me communiquer le résultat de toute l'analyse.
Il est possible que tes outils de sécurité réagissent à l'envoi du fichier, en ce cas il te faudra ignorer les alertes.

Message édité par Egwene le 26-04-2008 à 21:09:08

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

rapport combofix:
ComboFix 08-04-24.1 - fredo 2008-04-26 21:28:55.3 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1033.18.479 [GMT 2:00]
Running from: C:\Users\fredo\Desktop\ComboFix.exe
Command switches used :: C:\Users\fredo\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Windows\PSEXESVC.EXE
C:\Windows\system32\ssqQkLed.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\PSEXESVC.EXE
.
---- Previous Run -------
.
C:\Program Files\Common Files\BOONTY Shared\
C:\Program Files\Common Files\BOONTY Shared\\Service\Boonty.exe
C:\ProgramData\GamesBar
C:\Windows\dpevflbg.dll
C:\Windows\Internet Logs\xDBB90F.tmp
C:\Windows\Internet Logs\xDBBE9C.tmp
C:\Windows\Internet Logs\xDBC294.tmp
C:\Windows\olgdqarf.exe
C:\Windows\System32\622D8D144D.sys
C:\Windows\System32\AyJRAJjl.ini
C:\Windows\System32\AyJRAJjl.ini2
C:\Windows\System32\bauxkorq.ini
C:\Windows\System32\euynrgux.ini
C:\Windows\System32\lbnvkjnw.ini
C:\Windows\system32\ljJARJyA.dll
C:\Windows\system32\lrwmmbvk.dll
C:\Windows\system32\mnxmymqy.dll
C:\Windows\System32\qgfqwrvi.ini
C:\Windows\system32\ssqQkLed.dll
C:\Windows\system32\wnjkvnbl.dll
C:\Windows\wdpoefan.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
-------\Service_r_server

((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
.

2008-04-26 19:59 . 2008-04-26 19:59 <REP> d-------- C:\Deckard
2008-04-26 17:32 . 2008-04-26 17:33 <REP> d-------- C:\Windows\nvtmpinst
2008-04-26 16:52 . 2008-04-26 16:52 <REP> d-------- C:\Program Files\LucasArts
2008-04-26 15:19 . 2008-04-26 15:36 <REP> d-------- C:\Program Files\Navilog1
2008-04-26 15:18 . 2008-04-26 15:18 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\Users\All Users\Avira
2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\ProgramData\Avira
2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
2008-04-10 18:00 . 2008-04-26 17:04 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 16:57 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-04-26 15:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-26 15:18 43,520 ----a-w C:\Windows\System32\CmdLineExt03.dll
2008-04-26 13:18 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-03 13:05 54,672 ----a-w C:\Windows\System32\vsutil_loc040c.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-21 02:05 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-02-21 02:05 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-02-21 02:05 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-02-21 02:05 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-02-21 02:03 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-02-13 13:37 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 13:31 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 13:31 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 13:29 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 13:29 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 13:29 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 13:29 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 13:29 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 13:18 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-06 14:49 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-04-26_18.54.57.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-26 16:48:29 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-26 16:57:18 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-04-26 16:48:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-04-26 16:48:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-04-26 16:50:33 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-26 19:12:55 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:51:11 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-26 17:00:26 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-04-26 16:50:31 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-26 19:28:36 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:51:49 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-26 17:00:21 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-04-26 16:48:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-26 16:48:42 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-26 16:57:32 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-26 16:48:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-26 16:05:10 108,260 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-26 18:59:54 108,260 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-26 16:05:10 122,212 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-04-26 18:59:54 122,212 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-04-26 16:05:10 621,176 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-26 18:59:54 621,176 ----a-w C:\Windows\System32\perfh009.dat
- 2008-04-26 16:05:10 700,860 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-04-26 18:59:54 700,860 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-04-26 15:38:11 7,114 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1005_UserData.bin
+ 2008-04-26 17:00:13 7,178 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1005_UserData.bin
- 2008-04-26 15:38:10 88,890 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-26 17:00:13 89,022 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07 81920]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-12 17:07 8429568 C:\Windows\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-12 17:07 81920 C:\Windows\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-04-12 17:07 86016 C:\Windows\system32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
"UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
"TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
"{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
"{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
"{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
\shell\AutoRun\command - F:\autorun\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
\shell\AutoRun\command - explorer .

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
\shell\AutoRun\command - G:\LaunchRC.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-04-26 19:30:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-04-26 19:31:00 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 21:32:57
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 4

**************************************************************************
.
Completion time: 2008-04-26 21:35:04
ComboFix-quarantined-files.txt 2008-04-26 19:34:57
ComboFix2.txt 2008-04-26 12:51:34

Pre-Run: 76,494,774,272 octets libres
Post-Run: 76,470,009,856 octets libres

353 --- E O F --- 2008-04-26 07:31:00
hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:00:51, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_SL.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'paul')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/5 [...] plugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 9741 bytes

je commence la deuxième étape

Répondre à calim76560

voici enfin le dernier rapport
Fichier swxcacls.exe reçu le 2008.04.17 23:40:58 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - Trojan-Downloader.Win32.Agent.aww
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Virus.Win32.FileInfector.gen!90 (suspicious)

Information additionnelle
MD5: b1a9cf0b6f80611d31987c247ec630b4
SHA1: 7299b3c370254e1e4bade26dc5fec818989d836a
SHA256: 933756962d8a3530c50072e03af9e0eb0bede3c7af58feda3518240e851071ef
SHA512: 152e24b5490c3e15ec7cf6db0e6573cd75846be6b1472165d055255a9b74a22d929bf8bef1c3f8e31333577d806d600239dde2dfbb463cc62987bac62706b9e1

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - Trojan-Downloader.Win32.Agent.aww
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - Virus.Win32.FileInfector.gen!90 (suspicious)

Information additionnelle
MD5: b1a9cf0b6f80611d31987c247ec630b4
SHA1: 7299b3c370254e1e4bade26dc5fec818989d836a
SHA256: 933756962d8a3530c50072e03af9e0eb0bede3c7af58feda3518240e851071ef
SHA512: 152e24b5490c3e15ec7cf6db0e6573cd75846be6b1472165d055255a9b74a22d929bf8bef1c3f8e31333577d806d600239dde2dfbb463cc62987bac62706b9e1

Répondre à calim76560

Re,

Bon on un problème : l'infection est revenue ! Pourquoi ? Très simple : un utilisateur du PC a relancé un crack ou un fichier infecté par le trojan vundo.

Donc tant qu'il y aura quelqu'un pour relancer ce fichier, l'infection va se recréer, indéfiniment.

Tu as laissé ton pc à quelqu'un depuis qu'on a commencé ? Si ton frère l'a eu entre les mains, ça doit tout expliquer je présume.

On va donc procéder comme suit :

1) Tu supprimes tous les cracks du PC ( en gros c'est tout ce qui est téléchargé via le P2P et aussi tout ce qui comporte les mots "crack", "keygen" etc. )

2) Fais un scan en linge avec BitDefender, avec internet explorer ! Sauvegarde tes musiques et photos, il arrive que BitDefender les supprime

http://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

Tutorial en image : http://forum.pcastuces.com/sujet.asp?f=25&s=31584

Poste-moi le rapport en entier

3) Tu expliques à ton frère le problème... au pire tu mets un mot de passe sur le PC... Enfin, ça ça ne me regarde pas.

Message édité par Egwene le 26-04-2008 à 23:05:39

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

voila j'ai commencé l'analyse. Dès que cela est terminé, je vire tous ce qui est à mon frère et je supprime sa session, il ira faire ses conneries ailleurs. Désolé pour les mots doux mais la il me fait suer ce frangin. Merci beaucoup de ton aide

Répondre à calim76560

Re,

Ne soit peut-être pas trop dur avec ton frangin, mais en tous cas il faut qu'il lise en entier le dossier en lien dans ma signature. Peut-être qu'il n'est pas au courant des dangers du net et qu'il fera plus attention.

En tous cas, je suis certain qu'il y a eu réinfection, les rapports ne laissent aucun doute.

Le scan est assez long, donc je te dis à demain pour très certainement en finir :super:

Bonne nuit :hello:

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

ouf voila enfin le raport:
BitDefender Online Scanner

Rapport d'analyse généré à: Sun, Apr 27, 2008 - 10:35:48

Voie d'analyse: C:\;D:\;E:\;F:\;G:\;

Statistiques

Temps
00:43:50

Fichiers
102544

Directoires
17841

Secteurs de boot
2

Archives
1331

Paquets programmes
12189

Résultats

Virus identifiés
1

Fichiers infectés
1

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
1

Info sur les moteurs

Définition virus
1183936

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
16

Archive des plugins
42

Unpack des plugins
7

E-mail plugins
6

Système plugins
5

Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions

Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui

Fichier analysé
Statut

C:\$Recycle.Bin\S-1-5-21-2740256353-4076371411-4223361501-1000\$RVBKO4B.exe
Infecté par: Trojan.Generic.169681

C:\$Recycle.Bin\S-1-5-21-2740256353-4076371411-4223361501-1000\$RVBKO4B.exe
Supprimé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image7.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image8.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/page_header.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/NOTE.GIF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/nvcplRUS.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/NOTE.GIF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/page_header.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/nvcplSKY.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image7.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image8.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/nvcplSLV.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/NOTE.GIF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/page_header.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/nvcplSVE.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/page_header.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/NOTE.GIF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/nvcplTHA.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image7.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image8.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Get_information_about_your_program_and_computer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Accessing_online_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/NVIDIA_Control_Panel.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Print_a_help_topic.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_the_Menu_Bar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_the_Toolbar.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Getting_Help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/System_Requirements.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Getting_Started.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_this_help.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Glossary.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Define_Custom_Views.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_View_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_Profiles_Menu.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/To_get_technical_support.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/eHelp.xml
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/RoboHHRE.lng
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/nvcplTRK.brs
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#BSSC
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#BSSCMF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/coua.css
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/page_header.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/NOTE.GIF
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image4.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image5.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image6.gif
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/#SYSTEM
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
Nettoyé

C:\NVIDIA\WinVista\97.46\nvds

Répondre à calim76560

juste pour dire, j'ai n'ai plus de pubs qui s'affichent, plus la barre dans intrnet explorer, et en réactivant antivir, plus de message non plus.
Plutot un bonne nouvelle, ça fait plaisir!!

Répondre à calim76560

:hello: Bonjour,

Refais un scan avec combofix et poste-moi le rapport généré que je m'assure que c'est effectivement bien propre :super:

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

voici le rapport que tu m'as demandé:
ComboFix 08-04-24.1 - fredo 2008-04-27 12:08:47.4 - NTFSx86
Running from: C:\Users\fredo\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-03-27 to 2008-04-27 )))))))))))))))))))))))))))))))
.

2008-04-27 12:06 . 2008-04-27 12:07 <REP> d-------- C:\327882R2FWJFW
2008-04-27 11:11 . 2008-04-27 11:11 <REP> d-------- C:\Program Files\Avira
2008-04-26 19:59 . 2008-04-26 19:59 <REP> d-------- C:\Deckard
2008-04-26 17:32 . 2008-04-26 17:33 <REP> d-------- C:\Windows\nvtmpinst
2008-04-26 15:19 . 2008-04-26 15:36 <REP> d-------- C:\Program Files\Navilog1
2008-04-26 15:18 . 2008-04-26 15:18 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
2008-04-18 22:07 . 2008-04-27 11:11 <REP> d-------- C:\Users\All Users\Avira
2008-04-18 22:07 . 2008-04-27 11:11 <REP> d-------- C:\ProgramData\Avira
2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
2008-04-10 18:00 . 2008-04-26 17:04 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-27 06:59 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-04-26 15:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-26 15:18 43,520 ----a-w C:\Windows\System32\CmdLineExt03.dll
2008-04-26 13:18 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-03 13:05 54,672 ----a-w C:\Windows\System32\vsutil_loc040c.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-21 02:05 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-02-21 02:05 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-02-21 02:05 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-02-21 02:05 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-02-21 02:03 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-02-13 13:37 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 13:31 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 13:31 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 13:29 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 13:29 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 13:29 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 13:29 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 13:29 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 13:18 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-02-06 14:49 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
2008-01-26 09:56 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-26 09:56 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-26 09:56 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-04-26_21.34.30.73 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-08-30 16:40:37 181,248 ----a-w C:\Windows\BDOSCAN8\bdcore.dll
+ 2008-04-26 21:12:53 181,760 ----a-w C:\Windows\BDOSCAN8\bdcore.dll
- 2007-08-30 16:40:37 142,848 ----a-w C:\Windows\BDOSCAN8\libfn.dll
+ 2008-04-26 21:12:54 142,848 ----a-w C:\Windows\BDOSCAN8\libfn.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\Windows\bdoscandel.exe
- 2008-04-26 16:57:18 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-27 06:59:43 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2006-05-24 23:21:00 118,784 ----a-w C:\Windows\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\Windows\Downloaded Program Files\ipsupd.dll
- 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-04-27 06:59:46 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-04-27 06:59:46 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-04-26 19:12:55 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-27 10:01:46 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 17:00:26 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-27 07:37:59 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-04-26 19:28:36 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-27 10:12:26 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 17:00:21 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-27 07:02:33 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-27 09:12:33 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-26 16:57:32 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-27 09:12:33 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-27 09:12:33 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-27 09:15:19 79,424 ----a-w C:\Windows\System32\drivers\avipbb.sys
- 2008-04-26 18:59:54 108,260 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-27 08:33:04 108,260 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-26 18:59:54 122,212 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-04-27 08:33:04 122,212 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-04-26 18:59:54 621,176 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-27 08:33:04 621,176 ----a-w C:\Windows\System32\perfh009.dat
- 2008-04-26 18:59:54 700,860 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-04-27 08:33:04 700,860 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-04-20 07:27:19 10,920 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1001_UserData.bin
+ 2008-04-26 19:56:04 10,920 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1001_UserData.bin
- 2008-04-26 17:00:13 89,022 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-26 19:56:03 89,154 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07 81920]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-27 11:15 262401]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-12 17:07 8429568 C:\Windows\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-12 17:07 81920 C:\Windows\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-04-12 17:07 86016 C:\Windows\system32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
"UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
"TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exeandora
"TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
"TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
"UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
"TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
"TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
"{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
"TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
"{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
"TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
"UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
"TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
"{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
"{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exerb
"{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exerbTray
"{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exerbIR
"{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exerb Stream Client
"{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
"{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
\shell\AutoRun\command - F:\autorun\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
\shell\AutoRun\command - explorer .

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
\shell\AutoRun\command - G:\LaunchRC.exe

*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
.
Contents of the 'Scheduled Tasks' folder
"2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-04-27 10:15:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-04-27 10:15:00 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-27 12:14:04
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 4

**************************************************************************
.
Completion time: 2008-04-27 12:16:12
ComboFix-quarantined-files.txt 2008-04-27 10:15:53
ComboFix2.txt 2008-04-26 19:35:05
ComboFix3.txt 2008-04-26 12:51:34

Pre-Run: 77,762,678,784 octets libres
Post-Run: 78,333,575,168 octets libres

337 --- E O F --- 2008-04-27 07:17:15

Répondre à calim76560

Re,

Tu n'as pas d'antivirus ?

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

je viens de le réinstaller, il s'agir d'antivir, on me la conseillé

Répondre à calim76560

Oki,

Fais en scan en mode sans échec avec antivir après l'avoir mis à jour et poste-moi le rapport.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

bon désolé du retard tout d'abord. Ensuite, le scan d'antivir n'a rin donné: il n'a rien détecter, tous est calme. Peut-on dire que c'est fini?

Répondre à calim76560

Re,

Poste un nouveau rapport hijackthis et je te dirai si tout est bon.

------------------------------ Prière de signaler si vous vous faites déjà aider sur un autre forum ou dans un autre topic.

Sécurité / Prévention
Répondre à Egwene

Créer un nouveau sujet Répondre

Tom's Guide > Forum > Sécurité - Virus > infecté par vundo.gen

Aller à :

Aide |
Règles du forum

Il y a 1080 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Page générée en 0,412 secondes

Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler

Liens

Donne ton avis en vidéo

Les téléchargements

Les derniers dossiers

Test : Nokia N97, un vrai clavier, du Wi-Fi, un grand écran tactile...

Les bonnes raisons pour ne pas passer à l'iPhone 3G S

Faut-il craquer pour une TV à Led ?

Clés USB : capacité ou vitesse, le comparatif

Téléchargement

Liens commerciaux

Attention