Votre question

infecté par vundo.gen

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
25 Avril 2008 19:10:50

bonjours, je ne peux pas laisser antivir en route car celui ci me detecte un virus: vundo.gen. Apparement, il n'est pas en mesure de le supprimer. En fouillant sur le net, j'ai scanné mon ordinateur avec vundofix, mais celui ci n'a rien trouvé. De plus, lorsque j'allume internet explorer, une barre de tache est nouvellement apparue; il y a remove popup, scan spyware et security test. Lorsque je clique sur le dernier, une page de spyware isolator 2008 s'ouvre. Pouvez-vous m'aider?

Autres pages sur : infecte vundo gen

25 Avril 2008 19:15:14

Bonjour,

http://www.infos-du-net.com/forum/278791-11-intempestiv...

Comment m'expliques-tu le fait que tu te fasses réinfecter ? As-tu lu les indications de XmichouX ? Il t'a donné des liens intéressants, les as-tu lus ? Clique sur le lien dans ma signature pour en savoir plus.

Si tu fais n'importe quoi avec ton PC on ne va pas passer notre temps à te désinfecter.

Surtout que vu ton infection, tu as dû lancer un cracks ou un truc du genre...

:o 
25 Avril 2008 19:22:27

désolé mais je dispose de plusieurs ordinteurs. La première infection touchait celui de mes parents, j'ai bien suivi les indication de XmichouX et mes parents n'on plus aucun problème. Aujourd'hui il s'agit de mon ordinateur, ce n'est pas le même. Voila.
Contenus similaires
25 Avril 2008 19:23:53

Re,

Oki simple on va le vérifier :p 

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Mes excuses le cas échéant :) 
25 Avril 2008 19:26:48

voila le rapport, pour les crack, c'est tout à fait possible, mon frère télécharge beaucoup me semble-t-il, est-ce lié?
Logfile of HijackThis v1.99.1
Scan saved at 19:24:50, on 25/04/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\fredo\AppData\Local\Temp\Rar$EX00.703\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
O2 - BHO: (no name) - {E69DA3F4-19AF-4D5A-9462-3517106DEC09} - C:\Windows\system32\geBspnLd.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvVMgFw.dll,#1
O4 - HKLM\..\Run: [b84aab15] rundll32.exe "C:\Windows\system32\xugrnyue.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe" /service (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

25 Avril 2008 19:31:11

Re,

Tu as utilisé une mauvaise version d'hijackthis. Désinstalle-la.

Télécharge et installe la celle que je t'ai donnée dans mon lien ( à lire ! ).

Une fois cela fait, poste-moi un nouveau rapport fait avec la version que je t'ai donnée.

;) 

N.B : Dis à ton frère de lire le dossier en lien dans ma signature car le PC est vraiment vérolé... :/ 
25 Avril 2008 19:37:21

voila. Après je désinstalle tous les petits logiciels que mon frère utilise. il fera ses choses la sur son ordinateur a lui. Fini sa session.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:29, on 25/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
O2 - BHO: (no name) - {E69DA3F4-19AF-4D5A-9462-3517106DEC09} - C:\Windows\system32\geBspnLd.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\tuvVMgFw.dll,#1
O4 - HKLM\..\Run: [b84aab15] rundll32.exe "C:\Windows\system32\xugrnyue.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'paul')
O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'paul')
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10892 bytes

merci de ton aide tout de même
25 Avril 2008 19:40:50

Re,

De rien :)  Oui ton frère a l'air de faire un peu n'importe quoi. Soit il n'est pas averti des dangers du net, soit il passe outre... mais bonjour le résultat ( pour toi :D  ).

Quand j'en aurais fini avec toi, ton PC sera tout propre :super:

C'est parti pour le nettoyage, en plusieurs étapes évidemment ;) 

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    25 Avril 2008 19:50:26

    je ne peux accéder au mode sans échec car je dispose d'un clavier sans fil. Je pourrais avoir un clavier filaire à partir de demain.
    25 Avril 2008 20:00:08

    Re,

    Et bien il est préférable d'attendre demain et le clavier avec fil pour accéder au mode sans échec.

    A demain alors :hello: 
    26 Avril 2008 12:49:16

    bonjour Merillym. Je dispose maintenant d'un clavier filaire. J'ai essayé de démarrer Malwarebytes' Anti-Malware mais celui ci ne ce lance pas. Même en mode normal. J'ai une page d'erreur qui s'ouvre:
    erreur d'éxécution 339, le composant COMCTL32.OCX ou une de ces dépendance n'est pas correctement enrengistré.
    merci
    26 Avril 2008 14:17:09

    existe-t-il un autre logiciel que cela parce la mon ordi me tape sur les nerf ( et mon frère aussi)
    26 Avril 2008 14:21:58

    Re,

    Hum... As-tu ton CD de windows ?

    Ok, on va utiliser d'autres outils ;) 

    1) Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )

    Affiche les fichiers/dossiers cachés : http://www.micro-astuce.com/Forum/topic1607.html

    2) Désactive toute protection résidente ( antivirus... ) !
    Déconnecte-toi d'internet, ferme tous les programmes en cours et laisse combofix travailler : ne fais donc pas autre chose en même temps !


    Télécharge Combofix de sUBs
    Sauvegarde le sur ton bureau et pas ailleurs !
    Redémarre en mode sans échecs : aide ici >>>
    http://forum.telecharger.01net.com/telecharger/virus_et...
    /!\ Ne jamais redémarrer en mode sans échec via msconfig ! /!\

    Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
    Attends que combofix ait terminé, un rapport sera créé. Poste le rapport. Il se trouve ici : C:\Combofix.txt

    3) Copie/colle un nouveau rapport HiJackThis avec.

    Bon courage :hello: 
    26 Avril 2008 14:56:07

    voici le rapport combofix:
    ComboFix 08-04-24.1 - fredo 2008-04-26 14:34:24.1 - NTFSx86 MINIMAL
    Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1033.18.669 [GMT 2:00]
    Running from: C:\Users\fredo\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\ProgramData\Microsoft\Windows\Start Menu\Online Security Guide.url
    C:\ProgramData\Microsoft\Windows\Start Menu\Security Troubleshooting.url
    C:\Users\paul\AppData\Local\ezuudak.dat
    C:\Users\paul\AppData\Local\ezuudak_nav.dat
    C:\Users\paul\AppData\Local\ezuudak_navps.dat
    C:\Users\paul\AppData\Local\laecxc.dat
    C:\Users\paul\AppData\Local\laecxc_nav.dat
    C:\Users\paul\AppData\Local\laecxc_navps.dat
    C:\Windows\Downloaded Program Files\setup.inf
    C:\Windows\rs.txt
    C:\Windows\svchost.exe
    C:\Windows\system32\bsgkjcpf.dll
    C:\Windows\system32\byXQHywX.dll
    C:\Windows\System32\dLnpsBeg.ini
    C:\Windows\System32\dLnpsBeg.ini2
    C:\Windows\System32\fpcjkgsb.ini
    C:\Windows\system32\geBspnLd.dll
    C:\Windows\system32\khFXrPFw.dll
    C:\Windows\system32\mcrh.tmp
    C:\Windows\system32\nnnoMFxy.dll
    C:\Windows\system32\nvs2.inf
    C:\Windows\System32\OXbacdMp.ini
    C:\Windows\System32\OXbacdMp.ini2
    C:\Windows\system32\pMdcabXO.dll
    C:\Windows\system32\tuvUNhfG.dll
    C:\Windows\system32\vtUlkIbX.dll
    C:\Windows\System32\wFPrXFhk.ini
    C:\Windows\System32\wFPrXFhk.ini2

    .
    ((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
    .

    2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
    2008-04-26 13:54 . 2008-04-26 13:54 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-26 13:54 . 2008-04-26 13:54 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-26 13:53 . 2008-04-26 14:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
    2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
    2008-04-25 18:46 . 2008-04-25 18:46 <REP> d-------- C:\VundoFix Backups
    2008-04-25 18:36 . 2008-04-26 09:14 1,505,903 ---hs---- C:\Windows\System32\euynrgux.ini
    2008-04-25 18:16 . 2008-04-25 18:31 1,505,841 ---hs---- C:\Windows\System32\qgfqwrvi.ini
    2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
    2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
    2008-04-24 18:15 . 2008-04-25 17:29 1,505,112 ---hs---- C:\Windows\System32\bauxkorq.ini
    2008-04-23 14:43 . 2008-04-23 14:19 258,048 --a------ C:\Windows\wdpoefan.dll
    2008-04-23 14:43 . 2008-04-23 14:19 188,416 --a------ C:\Windows\dpevflbg.dll
    2008-04-23 14:43 . 2008-04-23 14:19 102,400 --a------ C:\Windows\olgdqarf.exe
    2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
    2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
    2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
    2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\Users\All Users\Avira
    2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\ProgramData\Avira
    2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
    2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
    2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
    2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
    2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
    2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
    2008-04-10 18:00 . 2008-04-26 14:34 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
    2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
    2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
    2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
    2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
    2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-26 12:44 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
    2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
    2008-04-23 11:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-14 08:09 --------- d-----w C:\ProgramData\GamesBar
    2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
    2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
    2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
    2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
    2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
    2008-04-02 13:01 1,711,616 ----a-w C:\Windows\Internet Logs\xDBB90F.tmp
    2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
    2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
    2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
    2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
    2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
    2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-02-23 20:31 681,472 ----a-w C:\Windows\Internet Logs\xDBBE9C.tmp
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-11 09:16 1,628,160 ----a-w C:\Windows\Internet Logs\xDBC294.tmp
    2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
    2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
    2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
    2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
    2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
    2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
    2007-09-15 15:54 56 --sh--r C:\Windows\System32\622D8D144D.sys
    2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
    2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}]
    C:\Windows\qnmargolewk.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CE66268D-0208-4D9E-8BC7-12D91072A34D}"= "C:\Windows\dpevflbg.dll" [2008-04-23 14:19 188416]

    [HKEY_CLASSES_ROOT\clsid\{ce66268d-0208-4d9e-8bc7-12d91072a34d}]
    [HKEY_CLASSES_ROOT\dpevflbg.1]
    [HKEY_CLASSES_ROOT\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}]
    [HKEY_CLASSES_ROOT\dpevflbg]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 14:11 3497984]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "edvfffoffc"="c:\users\paul\appdata\local\microsoft\edvfffoffc.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 06:28 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 06:28 8497696]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 06:28 81920]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "wdpoefan"= {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll [2008-04-23 14:19 258048]
    "vadokmxt"= {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.DIV3"= DivXc32.dll
    "vidc.DIV4"= DivXc32f.dll
    "msacm.divxa32"= DivXa32.acm
    "VIDC.HFYU"= huffyuv.dll

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-09-12 06:28 8497696 C:\Windows\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-09-12 06:28 81920 C:\Windows\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    --a------ 2007-09-12 06:28 86016 C:\Windows\system32\nvsvc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    --a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
    "UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
    "TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
    "UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
    "TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
    "{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
    "{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
    "{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

    R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
    S2 r_server;Remote Administrator Service;"C:\windows\svchost.exe" /service []
    S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-04-06 16:53]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
    \shell\AutoRun\command - F:\autorun\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
    \shell\AutoRun\command - explorer .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
    \shell\AutoRun\command - G:\LaunchRC.exe

    .
    Contents of the 'Scheduled Tasks' folder
    "2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    "2008-04-26 12:50:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
    - C:\Windows\system32\msfeedssync.exe
    "2008-04-25 15:35:26 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 14:45:43
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 4

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Windows\System32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Windows\System32\drivers\CDAC11BA.EXE
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\System32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Completion time: 2008-04-26 14:51:32 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-04-26 12:51:06

    Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
    Post-Run: 74,995,531,776 octets libres

    320 --- E O F --- 2008-04-26 07:31:00
    le rapport hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:54:34, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\Windows\qnmargolewk.dll (file missing)
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\Windows\dpevflbg.dll
    O4 - HKLM\..\Run: [edvfffoffc] c:\users\paul\appdata\local\microsoft\edvfffoffc.exe edvfffoffc
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O21 - SSODL: wdpoefan - {5501E3E1-465D-4E84-962A-9C5C259C2390} - C:\Windows\wdpoefan.dll
    O21 - SSODL: vadokmxt - {AE5E2CA8-4B41-4A25-8EFF-82AEB28B96C8} - C:\Windows\vadokmxt.dll (file missing)
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\windows\svchost.exe (file missing)
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 9523 bytes

    je sais pas comment vous faite pour déchiffrer sa mais pour moi c'est du charabia. Sinon oui je dispose du cd de windows, faut juste que je recherche sa dans mon foulli

    26 Avril 2008 15:11:59

    Re,

    Si tu as Vista, fais ceci avant :
    Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le )

    Si tu as spybot, ouvre Spybot , clique sur l'onglet Mode et choisis Mode Avancé
    Ne tiens pas compte de l'avertissement
    En bas à gauche , clique sur Outils
    Toujours dans la colonne de gauche , clique sur Résident ( pas dans la fenêtre centrale )
    Et décoche l'option Resident "TeaTimer"

    Télécharge Navilog (de Il-Mafioso)

    Enregistre-le sur ton Bureau.
    Installe-le en double cliquant sur navilog.exe.
    Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

    Une fois l'installation terminée, fais un clic droit sur le raccourci navilog1 puis choisis "Exécuter en tant qu'administrateur". ( Pour Vista)

    Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    ! N'utilise pas l'option 2,3 et 4 sans notre accord !
    Patiente jusqu'à l'apparition de ce message :
    "*** Analyse Termine le ..... ***"
    Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.

    Le rapport se trouve ici :C:\fixnavi.txt

    ;) 
    26 Avril 2008 15:36:44

    et voila le rapport :
    Search Navipromo version 3.5.5 commencé le 26/04/2008 à 15:20:25,37

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "fredo"

    Mise à jour le 25.04.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows Vista 6.0.6000
    Internet Explorer : 7.0.6000.16643
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\Windows" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\ProgramData" ***


    *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "c:\users\fredo\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\autre\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\Guest\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\paul\appdata\roaming\micros~1\windows\startm~1\programs" ***


    *** Recherche dossiers dans "C:\Users\fredo\AppData\Local\virtualstore\Program Files" ***


    *** Recherche dossiers dans "C:\Users\Guest\AppData\Local\virtualstore\Program Files" ***


    *** Recherche dossiers dans "C:\Users\paul\AppData\Local\virtualstore\Program Files" ***


    *** Recherche dossiers dans "C:\Users\fredo\AppData\Roaming" ***


    *** Recherche dossiers dans "C:\Users\autre\appdata\roaming" ***


    *** Recherche dossiers dans "C:\Users\Guest\appdata\roaming" ***


    *** Recherche dossiers dans "C:\Users\paul\appdata\roaming" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé


    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\Windows\system32" *

    * Recherche dans "C:\Users\fredo\AppData\Local\Microsoft" *

    * Recherche dans "C:\Users\fredo\AppData\Local" *

    * Recherche dans "C:\Users\autre\AppData\Local" *

    * Recherche dans "C:\Users\Guest\AppData\Local" *

    * Recherche dans "C:\Users\paul\AppData\Local" *



    *** Recherche fichiers ***



    *** Recherche clés spécifiques dans le Registre ***


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\Windows\system32" :


    * Dans "C:\Users\fredo\AppData\Local\Microsoft" :


    * Dans "C:\Users\fredo\AppData\Local" :


    * Dans "C:\Users\autre\AppData\Local" :


    * Dans "C:\Users\Guest\AppData\Local" :


    * Dans "C:\Users\paul\AppData\Local" :


    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 26/04/2008 à 15:36:07,79 ***
    26 Avril 2008 18:25:01

    :hello: 

    Désactive toute protection résidente ( antivirus…) !

    Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :

    Citation :
    Driver::
    Boonty Games
    r_server

    File::
    C:\Windows\System32\euynrgux.ini
    C:\Windows\System32\qgfqwrvi.ini
    C:\Windows\System32\bauxkorq.ini
    C:\Windows\wdpoefan.dll
    C:\Windows\dpevflbg.dll
    C:\Windows\olgdqarf.exe
    C:\Windows\Internet Logs\xDBB90F.tmp
    C:\Windows\Internet Logs\xDBBE9C.tmp
    C:\Windows\Internet Logs\xDBC294.tmp
    C:\Windows\System32\622D8D144D.sys
    c:\users\paul\appdata\local\microsoft\edvfffoffc.exe

    Folder::
    C:\ProgramData\GamesBar
    C:\Program Files\Common Files\BOONTY Shared\

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "edvfffoffc"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{CE66268D-0208-4D9E-8BC7-12D91072A34D}"=-
    [-HKEY_CLASSES_ROOT\clsid\{ce66268d-0208-4d9e-8bc7-12d91072a34d}]
    [-HKEY_CLASSES_ROOT\dpevflbg.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}]
    [-HKEY_CLASSES_ROOT\dpevflbg]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "wdpoefan"=-
    "vadokmxt"=-



    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :



    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un nouveau rapport Hijackthis.
    S'il n'y a pas de redémarrage, poste quand même les rapports.

    ;) 
    26 Avril 2008 19:13:15

    avant de continuer, j'aimerais savoir si un formatage de l'ordinateur via mon CD windows pourrait résoudre mon problème.
    je n'ais pas de rapport combafix car l'ordinateur a redemarrer anormalement. Voici le hijackthis


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:03, on 2008-04-26
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 8675 bytes
    26 Avril 2008 19:36:03

    Re,

    Le formatage est la solution radicale. Seulement, maintenant que j'ai passé du temps avec toi, si tu formates, tout ce que j'ai fait avec toi = pertes de temps.

    D'autant plus qu'on a fait le plus dur. A toi de voir, mais le formatage est plus que superflu.

    J'attends une réponse de ta part avant de continuer car si tu comptes formater, inutile que je perde mon temps :) 

    Sinon le rapport de combofix devrait se trouver ici : C:\Combofix.txt
    26 Avril 2008 19:39:23

    inutile de formater si cela est bientot terminé. J'oubli le formatage (et sa m'arrange).
    Je n'ai pas le rapport combofix a l'emplacement indiqué.
    Faut-il que je le relance?
    26 Avril 2008 19:54:27

    Re,

    Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
    NB : Tu dois être connecté avec des droits d'Administrateur.
  • ferme toutes les applications et fenêtres
  • double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous
    Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
  • s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
  • tu devras cliquer 2 fois sur le OK des boîtes de dialogue
    Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
  • quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :
    main.txt <- ouvert en premier plan et en plein écran
    extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
    S'il s'agit d'une utilisation supplémentaire de DSS :
  • tu n'auras pas de boîte de dialogue (pas de OK)
  • quand le traitement est terminé, un fichier texte s'affiche :
    main.txt <- ouvert en premier plan et en plein écran

  • copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
  • copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
  • n'oublie pas de réactiver les protections si elles ont été stoppées.



    Ce que fait DSS :
  • crée un point de restauration dans Windows XP et Vista
  • nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
  • vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

    ;) 
    26 Avril 2008 20:08:39

    le rapport main:
    Deckard's System Scanner v20071014.68
    Run by fredo on 2008-04-26 19:59:08
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- Last 3 Restore Point(s) --
    3: 2008-04-26 16:39:19 UTC - RP590 - ComboFix created restore point
    2: 2008-04-26 15:19:50 UTC - RP589 - Installed VeohTV BETA
    1: 2008-04-26 15:04:34 UTC - RP587 - Last known good configuration


    Backed up registry hives.
    Performed disk cleanup.

    Total Physical Memory: 1021 MiB (1024 MiB recommended).


    -- HijackThis (run as fredo.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:01, on 2008-04-26
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Users\fredo\Desktop\dss.exe
    C:\Windows\system32\conime.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\fredo.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 8460 bytes

    -- File Associations -----------------------------------------------------------

    .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R2 CdaC15BA - \??\c:\windows\system32\drivers\cdac15ba.sys

    S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
    R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
    R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-04-26 20:01:00 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job
    2008-04-26 20:00:51 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job
    2008-04-25 18:00:00 408 --a------ C:\Windows\Tasks\Norton Security Scan.job


    -- Files created between 2008-03-26 and 2008-04-26 -----------------------------

    2008-04-26 17:32:52 0 d-------- C:\Windows\nvtmpinst
    2008-04-26 16:52:30 0 d-------- C:\Program Files\LucasArts
    2008-04-26 15:19:40 0 d-------- C:\Program Files\Navilog1
    2008-04-26 14:51:37 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
    2008-04-26 14:33:44 68096 --a------ C:\Windows\zip.exe
    2008-04-26 14:33:44 49152 --a------ C:\Windows\VFind.exe
    2008-04-26 14:33:44 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
    2008-04-26 14:33:44 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
    2008-04-26 14:33:44 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
    2008-04-26 14:33:44 98816 --a------ C:\Windows\sed.exe
    2008-04-26 14:33:44 80412 --a------ C:\Windows\grep.exe
    2008-04-26 14:33:44 73728 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
    2008-04-25 19:34:16 0 d-------- C:\Program Files\Trend Micro
    2008-04-24 20:11:02 0 d-------- C:\Program Files\Norton Security Scan
    2008-04-24 18:25:19 0 d-------- C:\Windows\system32\Kaspersky Lab
    2008-04-22 21:02:02 0 d-------- C:\Program Files\CASIO
    2008-04-19 11:13:20 0 d-------- C:\Program Files\DAEMON Tools
    2008-04-18 22:07:08 0 d-------- C:\Users\All Users\Avira
    2008-04-10 18:01:11 0 dr------- C:\Users\autre\Searches
    2008-04-10 18:00:57 0 dr------- C:\Users\autre\Contacts
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Templates
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Start Menu
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\SendTo
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Recent
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\PrintHood
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\NetHood
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\My Documents
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Local Settings
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Cookies
    2008-04-10 18:00:37 0 d--hs---- C:\Users\autre\Application Data
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Videos
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Saved Games
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Pictures
    2008-04-10 18:00:32 1048576 --ahs---- C:\Users\autre\NTUSER.DAT
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Music
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Links
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Favorites
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Downloads
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Documents
    2008-04-10 18:00:32 0 dr------- C:\Users\autre\Desktop
    2008-04-10 18:00:32 0 d--h----- C:\Users\autre\AppData


    -- Find3M Report ---------------------------------------------------------------

    2008-04-26 18:55:17 700860 --a------ C:\Windows\system32\perfh00C.dat
    2008-04-26 18:55:17 122212 --a------ C:\Windows\system32\perfc00C.dat
    2008-04-26 18:46:54 12 --a------ C:\Windows\bthservsdp.dat
    2008-04-26 18:41:11 0 d-------- C:\Program Files\Common Files
    2008-04-26 17:26:03 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-04-26 17:18:39 43520 --a------ C:\Windows\system32\CmdLineExt03.dll
    2008-04-26 09:11:14 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2008-04-25 19:46:25 0 d-------- C:\Users\fredo\AppData\Roaming\Download Manager
    2008-04-23 14:59:08 0 d-------- C:\Program Files\eMule
    2008-04-11 10:26:25 0 d-------- C:\Program Files\Windows Mail
    2008-04-10 18:01:06 0 d-------- C:\Program Files\Messenger
    2008-04-05 14:18:31 0 d-------- C:\Program Files\IVCsoft
    2008-04-02 14:55:02 0 d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
    2008-03-24 17:36:55 0 d-------- C:\Users\fredo\AppData\Roaming\DivX
    2008-03-24 17:08:08 0 d-------- C:\Program Files\DivX
    2008-03-07 19:18:55 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-07 19:14:09 0 d-------- C:\Program Files\Windows Live Toolbar
    2008-03-06 19:37:22 0 d-------- C:\Program Files\Windows Live
    2008-03-05 12:51:11 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-05 12:45:04 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-02-21 04:05:44 3596288 --a------ C:\Windows\system32\qt-dx331.dll
    2008-02-21 04:04:16 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2008-02-21 04:04:16 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
    2008-02-21 04:04:04 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2008-02-21 04:04:04 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2008-02-21 04:04:04 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2008-02-21 04:04:04 682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2008-02-21 04:03:24 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll
    2008-02-01 12:17:40 587264 --a------ C:\Windows\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" []
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Contr“leur de calendrier Ulead.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe [2008-02-13 14:37:02]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"=2 (0x2)
    "EnableLUA"=0 (0x0)
    "DisableRegistryTools"=0 (0x0)
    "HideLegacyLogonScripts"=0 (0x0)
    "HideLogoffScripts"=0 (0x0)
    "RunLogonScriptSync"=1 (0x1)
    "RunStartupScriptSync"=1 (0x1)
    "HideStartupScripts"=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "HideLegacyLogonScripts"=0 (0x0)
    "HideLogoffScripts"=0 (0x0)
    "RunLogonScriptSync"=1 (0x1)
    "RunStartupScriptSync"=1 (0x1)
    "HideStartupScripts"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E3D5CAF1-2707-40FB-8713-6B4F72E973F8}"= C:\Windows\system32\ssqQkLed.dll [ ]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @="IEEE 1394 Bus host controllers"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @="SBP2 IEEE 1394 Devices"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @="SecurityDevices"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "C:\Program Files\Messenger\msmsgs.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
    AutoRun\command- F:\autorun\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
    AutoRun\command- explorer .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
    AutoRun\command- G:\LaunchRC.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



    -- End of Deckard's System Scanner: finished at 2008-04-26 20:05:17 ------------

    le second rapport:
    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft® Windows Vista™ Édition Intégrale (build 6000)
    Architecture: X86; Language: English

    CPU 0: Intel(R) Celeron(R) CPU 2.66GHz
    Percentage of Memory in Use: 46%
    Physical Memory (total/avail): 1020.78 MiB / 548.61 MiB
    Pagefile Memory (total/avail): 2284.82 MiB / 1566.19 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1906.54 MiB

    C: is Fixed (NTFS) - 114.48 GiB total, 71.38 GiB free.
    D: is CDROM (No Media)
    E: is CDROM (No Media)
    F: is CDROM (No Media)
    G: is CDROM (CDFS)

    \\.\PHYSICALDRIVE0 - Maxtor 6 Maxtor 6Y120M0 SCSI Disk Device - 114.49 GiB - 1 partition
    \PARTITION0 (bootable) - Système de fichiers installable - 114.48 GiB - C:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FW: ZoneAlarm Firewall v7.1.254.000 (Check Point, LTD.) Disabled
    AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)
    AS: Avira AntiVir PersonalEdition v 7.0.0.2
    (Avira GmbH) Outdated
    AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\WINDOWS\\svchost.exe"="C:\\WINDOWS\\svchost.exe:*:Enabled:svchost"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\fredo\AppData\Roaming
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=FRED-PC
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Users\fredo
    LOCALAPPDATA=C:\Users\fredo\AppData\Local
    LOGONSERVER=\\FRED-PC
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0304
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    PUBLIC=C:\Users\Public
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\fredo\AppData\Local\Temp
    TMP=C:\Users\fredo\AppData\Local\Temp
    tvdumpflags=8
    USERDOMAIN=fred-PC
    USERNAME=fredo
    USERPROFILE=C:\Users\fredo
    windir=C:\Windows


    -- User Profiles ---------------------------------------------------------------

    paul (admin)
    fredo (admin)
    autre (admin)
    Guest (guest)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    --> C:\Windows\UNNeroShowTime.exe /UNINSTALL
    --> C:\Windows\UNNeroVision.exe /UNINSTALL
    --> C:\Windows\UNRecode.exe /UNINSTALL
    AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
    Ad-Aware 2007 --> MsiExec.exe /X{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB}
    Adobe Acrobat 4.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.1 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
    Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
    Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    BitComet 0.91 --> C:\Program Files\BitComet\uninst.exe
    Casio Graph Trainer --> C:\Windows\IsUn040c.exe -f"C:\Program Files\Noblet\Casio Graph Trainer\Uninst.isu"
    Creative WebCam Live! Driver (1.01.01.0730) --> C:\Windows\CtDrvIns.exe -uninstall -script Pd0630.uns -unsext NT -plugin P0630Pin.dll -pluginres P0630Pin.crl
    Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
    DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DivxToDVD 0.5.2 --> "C:\Program Files\vso\DivxToDVD\unins000.exe"
    EAX4 Unified Redist --> MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
    eMule --> "C:\Program Files\eMule\Uninstall.exe"
    Favorit --> c:\users\paul\appdata\local\laecxc.bat
    Fx-Interface 1.9.6 --> "C:\Program Files\CASIO\Fx-Interface\unins000.exe"
    Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    GameShadow --> MsiExec.exe /I{F7C1C17E-70E3-475F-BD52-EA554391F15D}
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Kaspersky Online Scanner --> C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
    Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
    Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    Navilog1 3.5.5 --> "C:\Program Files\Navilog1\unins000.exe"
    Nero 8 Demo --> MsiExec.exe /X{5E6EC4DD-7B1F-4E10-82B9-EA1B90791036}
    neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Norton Security Scan --> MsiExec.exe /I{1A8A214F-6BAC-4E01-A27D-25C19A484908}
    NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
    OtsTurntables Free 1.00.012 --> "C:\Windows\OTS_UI.EXE" "C:\OtsLabs\OTSTT.osi"
    PhotoFiltre Studio --> "C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    Quick Zip 4.60.017b --> "C:\Program Files\QuickZip4\unins000.exe"
    QuickTime --> C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log
    Regressi --> MsiExec.exe /I{E2E164AB-1367-488F-8F1F-BA312DB2FF18}
    SafeCast Shared Components --> C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
    SAMSUNG CDMA Modem Driver Set --> C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software --> C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software --> C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
    Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
    Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
    Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
    Star Wars Republic Commando --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}\Setup.exe" -l0x9
    System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TuxGuitar --> C:/Program Files/tuxguitar-0.9.1/uninstall.exe
    Ulead Photo Express 4.0 SE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}\setup.exe" -l0x40c
    Uninstall Digital Video Camera Drivers --> "C:\Program Files\JL2005D\unins000.exe"
    Update for Office 2007 (KB932080) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
    Update for Office 2007 (KB934391) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
    Update for Office 2007 (KB934393) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
    Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
    Update for Word 2007 (KB934173) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
    VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vodafone WCDMA Composite Device Drive Software --> C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
    Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
    Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
    Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
    Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type39914 / Success
    Event Submitted/Written: 04/26/2008 07:08:19 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type39911 / Success
    Event Submitted/Written: 04/26/2008 06:59:10 PM
    Event ID/Source: 902 / Software Licensing Service
    Event Description:
    Le service de gestion des licences du logiciel a démarré.

    Event Record #/Type39905 / Success
    Event Submitted/Written: 04/26/2008 06:58:11 PM
    Event ID/Source: 5617 / WinMgmt
    Event Description:


    Event Record #/Type39904 / Success
    Event Submitted/Written: 04/26/2008 06:58:07 PM
    Event ID/Source: 5615 / WinMgmt
    Event Description:


    Event Record #/Type39889 / Success
    Event Submitted/Written: 04/26/2008 06:49:02 PM
    Event ID/Source: 5617 / WinMgmt
    Event Description:




    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type107271 / Warning
    Event Submitted/Written: 04/26/2008 07:45:33 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

    Event Record #/Type107270 / Warning
    Event Submitted/Written: 04/26/2008 07:29:23 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

    Event Record #/Type107268 / Warning
    Event Submitted/Written: 04/26/2008 07:19:53 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

    Event Record #/Type107254 / Warning
    Event Submitted/Written: 04/26/2008 06:59:21 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

    Event Record #/Type107175 / Error
    Event Submitted/Written: 04/26/2008 06:57:20 PM
    Event ID/Source: 6008 / EventLog
    Event Description:
    L'arrêt système précédant à 18:55:17 le 26/04/2008 n'était pas prévu.



    -- End of Deckard's System Scanner: finished at 2008-04-26 20:05:17 ------------

    26 Avril 2008 21:08:19

    :hello: 

    1) Désactive toute protection résidente ( antivirus…) !

    Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :

    Citation :
    File::
    C:\Windows\PSEXESVC.EXE
    C:\Windows\system32\ssqQkLed.dll

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{E3D5CAF1-2707-40FB-8713-6B4F72E973F8}"=-
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]



    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :



    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un nouveau rapport Hijackthis.
    S'il n'y a pas de redémarrage, poste quand même les rapports.

    2) Rends toi sur ce lien : Virus Total
  • Clique sur Parcourir
  • Rends toi jusque sur ce fichier si tu le trouves :

    C:\Windows\swxcacls.exe

  • Clique sur Envoyer le fichier et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
  • Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
  • Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
  • Une nouvelle fenêtre de ton navigateur va apparaître
  • Clique alors sur cette image :
  • Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
  • Enfin colle le résultat dans ta prochaine réponse.
    Note : Peu importe le résultat, il est important de me communiquer le résultat de toute l'analyse.
    Il est possible que tes outils de sécurité réagissent à l'envoi du fichier, en ce cas il te faudra ignorer les alertes.

    ;) 
    26 Avril 2008 22:01:21

    rapport combofix:
    ComboFix 08-04-24.1 - fredo 2008-04-26 21:28:55.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1033.18.479 [GMT 2:00]
    Running from: C:\Users\fredo\Desktop\ComboFix.exe
    Command switches used :: C:\Users\fredo\Desktop\CFScript.txt
    * Created a new restore point

    FILE ::
    C:\Windows\PSEXESVC.EXE
    C:\Windows\system32\ssqQkLed.dll
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\PSEXESVC.EXE
    .
    ---- Previous Run -------
    .
    C:\Program Files\Common Files\BOONTY Shared\
    C:\Program Files\Common Files\BOONTY Shared\\Service\Boonty.exe
    C:\ProgramData\GamesBar
    C:\Windows\dpevflbg.dll
    C:\Windows\Internet Logs\xDBB90F.tmp
    C:\Windows\Internet Logs\xDBBE9C.tmp
    C:\Windows\Internet Logs\xDBC294.tmp
    C:\Windows\olgdqarf.exe
    C:\Windows\System32\622D8D144D.sys
    C:\Windows\System32\AyJRAJjl.ini
    C:\Windows\System32\AyJRAJjl.ini2
    C:\Windows\System32\bauxkorq.ini
    C:\Windows\System32\euynrgux.ini
    C:\Windows\System32\lbnvkjnw.ini
    C:\Windows\system32\ljJARJyA.dll
    C:\Windows\system32\lrwmmbvk.dll
    C:\Windows\system32\mnxmymqy.dll
    C:\Windows\System32\qgfqwrvi.ini
    C:\Windows\system32\ssqQkLed.dll
    C:\Windows\system32\wnjkvnbl.dll
    C:\Windows\wdpoefan.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Service_Boonty Games
    -------\Service_r_server


    ((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
    .

    2008-04-26 19:59 . 2008-04-26 19:59 <REP> d-------- C:\Deckard
    2008-04-26 17:32 . 2008-04-26 17:33 <REP> d-------- C:\Windows\nvtmpinst
    2008-04-26 16:52 . 2008-04-26 16:52 <REP> d-------- C:\Program Files\LucasArts
    2008-04-26 15:19 . 2008-04-26 15:36 <REP> d-------- C:\Program Files\Navilog1
    2008-04-26 15:18 . 2008-04-26 15:18 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
    2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
    2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
    2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
    2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
    2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
    2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
    2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
    2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\Users\All Users\Avira
    2008-04-18 22:07 . 2008-04-26 13:59 <REP> d-------- C:\ProgramData\Avira
    2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
    2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
    2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
    2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
    2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
    2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
    2008-04-10 18:00 . 2008-04-26 17:04 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
    2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
    2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
    2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
    2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
    2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-26 16:57 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
    2008-04-26 15:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-26 15:18 43,520 ----a-w C:\Windows\System32\CmdLineExt03.dll
    2008-04-26 13:18 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
    2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
    2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
    2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
    2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
    2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
    2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
    2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
    2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
    2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
    2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
    2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-03-03 13:05 54,672 ----a-w C:\Windows\System32\vsutil_loc040c.dll
    2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-21 02:05 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-02-21 02:05 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-02-21 02:05 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-02-21 02:05 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-02-21 02:04 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-02-21 02:04 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-02-21 02:04 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-02-21 02:04 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-02-21 02:04 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-02-21 02:04 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-02-21 02:04 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-02-21 02:04 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-02-21 02:03 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2008-02-13 13:37 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-13 13:31 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 13:31 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 13:29 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 13:29 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 13:29 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 13:29 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 13:29 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 13:18 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-02-06 14:49 12,632 ----a-w C:\Windows\System32\lsdelete.exe
    2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
    2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
    2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
    2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
    2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
    2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
    2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
    2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot_2008-04-26_18.54.57.76 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-26 16:48:29 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-26 16:57:18 67,584 --s-a-w C:\Windows\bootstat.dat
    - 2008-04-26 16:48:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-04-26 16:48:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-26 16:50:33 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-26 19:12:55 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:51:11 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-26 17:00:26 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    - 2008-04-26 16:50:31 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-26 19:28:36 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:51:49 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-26 17:00:21 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    - 2008-04-26 16:48:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-26 16:48:42 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-26 16:57:32 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-26 16:48:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-26 16:05:10 108,260 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-26 18:59:54 108,260 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-26 16:05:10 122,212 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-26 18:59:54 122,212 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-26 16:05:10 621,176 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-26 18:59:54 621,176 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-26 16:05:10 700,860 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-26 18:59:54 700,860 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-26 15:38:11 7,114 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1005_UserData.bin
    + 2008-04-26 17:00:13 7,178 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1005_UserData.bin
    - 2008-04-26 15:38:10 88,890 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-26 17:00:13 89,022 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07 8429568]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07 81920]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.DIV3"= DivXc32.dll
    "vidc.DIV4"= DivXc32f.dll
    "msacm.divxa32"= DivXa32.acm
    "VIDC.HFYU"= huffyuv.dll

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-04-12 17:07 8429568 C:\Windows\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-04-12 17:07 81920 C:\Windows\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    --a------ 2007-04-12 17:07 86016 C:\Windows\system32\nvsvc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    --a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
    "UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
    "TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
    "UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
    "TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
    "{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
    "{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
    "{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

    R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
    \shell\AutoRun\command - F:\autorun\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
    \shell\AutoRun\command - explorer .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
    \shell\AutoRun\command - G:\LaunchRC.exe

    .
    Contents of the 'Scheduled Tasks' folder
    "2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    "2008-04-26 19:30:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
    - C:\Windows\system32\msfeedssync.exe
    "2008-04-26 19:31:00 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 21:32:57
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 4

    **************************************************************************
    .
    Completion time: 2008-04-26 21:35:04
    ComboFix-quarantined-files.txt 2008-04-26 19:34:57
    ComboFix2.txt 2008-04-26 12:51:34

    Pre-Run: 76,494,774,272 octets libres
    Post-Run: 76,470,009,856 octets libres

    353 --- E O F --- 2008-04-26 07:31:00
    hijackthis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:00:51, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_SL.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'paul')
    O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'paul')
    O4 - HKUS\S-1-5-21-2740256353-4076371411-4223361501-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'paul')
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 9741 bytes

    je commence la deuxième étape



    26 Avril 2008 22:06:39

    voici enfin le dernier rapport
    Fichier swxcacls.exe reçu le 2008.04.17 23:40:58 (CET)Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 - - -
    AntiVir - - -
    Authentium - - -
    Avast - - -
    AVG - - -
    BitDefender - - -
    CAT-QuickHeal - - -
    ClamAV - - -
    DrWeb - - -
    eSafe - - -
    eTrust-Vet - - -
    Ewido - - -
    F-Prot - - -
    F-Secure - - -
    FileAdvisor - - -
    Fortinet - - -
    Ikarus - - Trojan-Downloader.Win32.Agent.aww
    Kaspersky - - -
    McAfee - - -
    Microsoft - - -
    NOD32v2 - - -
    Norman - - -
    Panda - - -
    Prevx1 - - -
    Rising - - -
    Sophos - - -
    Sunbelt - - -
    Symantec - - -
    TheHacker - - -
    VBA32 - - -
    VirusBuster - - -
    Webwasher-Gateway - - Virus.Win32.FileInfector.gen!90 (suspicious)

    Information additionnelle
    MD5: b1a9cf0b6f80611d31987c247ec630b4
    SHA1: 7299b3c370254e1e4bade26dc5fec818989d836a
    SHA256: 933756962d8a3530c50072e03af9e0eb0bede3c7af58feda3518240e851071ef
    SHA512: 152e24b5490c3e15ec7cf6db0e6573cd75846be6b1472165d055255a9b74a22d929bf8bef1c3f8e31333577d806d600239dde2dfbb463cc62987bac62706b9e1

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 - - -
    AntiVir - - -
    Authentium - - -
    Avast - - -
    AVG - - -
    BitDefender - - -
    CAT-QuickHeal - - -
    ClamAV - - -
    DrWeb - - -
    eSafe - - -
    eTrust-Vet - - -
    Ewido - - -
    F-Prot - - -
    F-Secure - - -
    FileAdvisor - - -
    Fortinet - - -
    Ikarus - - Trojan-Downloader.Win32.Agent.aww
    Kaspersky - - -
    McAfee - - -
    Microsoft - - -
    NOD32v2 - - -
    Norman - - -
    Panda - - -
    Prevx1 - - -
    Rising - - -
    Sophos - - -
    Sunbelt - - -
    Symantec - - -
    TheHacker - - -
    VBA32 - - -
    VirusBuster - - -
    Webwasher-Gateway - - Virus.Win32.FileInfector.gen!90 (suspicious)

    Information additionnelle
    MD5: b1a9cf0b6f80611d31987c247ec630b4
    SHA1: 7299b3c370254e1e4bade26dc5fec818989d836a
    SHA256: 933756962d8a3530c50072e03af9e0eb0bede3c7af58feda3518240e851071ef
    SHA512: 152e24b5490c3e15ec7cf6db0e6573cd75846be6b1472165d055255a9b74a22d929bf8bef1c3f8e31333577d806d600239dde2dfbb463cc62987bac62706b9e1

    26 Avril 2008 23:03:30

    Re,

    Bon on un problème : l'infection est revenue ! Pourquoi ? Très simple : un utilisateur du PC a relancé un crack ou un fichier infecté par le trojan vundo.

    Donc tant qu'il y aura quelqu'un pour relancer ce fichier, l'infection va se recréer, indéfiniment.

    Tu as laissé ton pc à quelqu'un depuis qu'on a commencé ? Si ton frère l'a eu entre les mains, ça doit tout expliquer je présume.

    On va donc procéder comme suit :

    1) Tu supprimes tous les cracks du PC ( en gros c'est tout ce qui est téléchargé via le P2P et aussi tout ce qui comporte les mots "crack", "keygen" etc. )

    2) Fais un scan en linge avec BitDefender, avec internet explorer ! Sauvegarde tes musiques et photos, il arrive que BitDefender les supprime ;) 

    http://www.bitdefender.fr/
    et copie colle le résultat ici
    * En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
    * Dans la nouvelle fenêtre, clique sur I agree
    * La fenêtre change encore, clique sur Click here to scan
    * Les signatures se chargent, etc.

    Tutorial en image : http://forum.pcastuces.com/sujet.asp?f=25&s=31584

    Poste-moi le rapport en entier ;) 

    3) Tu expliques à ton frère le problème... au pire tu mets un mot de passe sur le PC... Enfin, ça ça ne me regarde pas.

    ;) 
    26 Avril 2008 23:14:53

    voila j'ai commencé l'analyse. Dès que cela est terminé, je vire tous ce qui est à mon frère et je supprime sa session, il ira faire ses conneries ailleurs. Désolé pour les mots doux mais la il me fait suer ce frangin. Merci beaucoup de ton aide
    26 Avril 2008 23:20:24

    Re,

    Ne soit peut-être pas trop dur avec ton frangin, mais en tous cas il faut qu'il lise en entier le dossier en lien dans ma signature. Peut-être qu'il n'est pas au courant des dangers du net et qu'il fera plus attention.

    En tous cas, je suis certain qu'il y a eu réinfection, les rapports ne laissent aucun doute.

    Le scan est assez long, donc je te dis à demain pour très certainement en finir :super:

    Bonne nuit :hello: 
    27 Avril 2008 10:44:14

    ouf voila enfin le raport:
    BitDefender Online Scanner



    Rapport d'analyse généré à: Sun, Apr 27, 2008 - 10:35:48





    Voie d'analyse: C:\;D:\;E:\;F:\;G:\;







    Statistiques

    Temps
    00:43:50

    Fichiers
    102544

    Directoires
    17841

    Secteurs de boot
    2

    Archives
    1331

    Paquets programmes
    12189




    Résultats

    Virus identifiés
    1

    Fichiers infectés
    1

    Fichiers suspects
    0

    Avertissements
    0

    Désinfectés
    0

    Fichiers effacés
    1




    Info sur les moteurs

    Définition virus
    1183936

    Version des moteurs
    AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

    Analyse des plugins
    16

    Archive des plugins
    42

    Unpack des plugins
    7

    E-mail plugins
    6

    Système plugins
    5




    Paramètres d'analyse

    Première action
    Désinfecté

    Seconde Action
    Supprimé

    Heuristique
    Oui

    Acceptez les avertissements
    Oui

    Extensions analysées
    exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

    Excludez les extensions


    Analyse d'emails
    Oui

    Analyse des Archives
    Oui

    Analyser paquets programmes
    Oui

    Analyse des fichiers
    Oui

    Analyse de boot
    Oui




    Fichier analysé
    Statut

    C:\$Recycle.Bin\S-1-5-21-2740256353-4076371411-4223361501-1000\$RVBKO4B.exe
    Infecté par: Trojan.Generic.169681

    C:\$Recycle.Bin\S-1-5-21-2740256353-4076371411-4223361501-1000\$RVBKO4B.exe
    Supprimé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image7.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image8.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/page_header.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/NOTE.GIF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplptg.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/nvcplRUS.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/NOTE.GIF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/page_header.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplrus.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/nvcplSKY.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image7.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsky.chm=>/image8.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/nvcplSLV.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/NOTE.GIF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplslv.chm=>/page_header.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/nvcplSVE.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/page_header.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/NOTE.GIF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcplsve.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/nvcplTHA.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image7.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltha.chm=>/image8.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Get_information_about_your_program_and_computer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Accessing_online_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/NVIDIA_Control_Panel.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Print_a_help_topic.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_the_Menu_Bar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_the_Toolbar.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Getting_Help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/System_Requirements.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Getting_Started.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/About_this_help.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Glossary.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Understanding_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Define_Custom_Views.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_NVIDIA_Control_Panel_Interface.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_View_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/Using_the_Profiles_Menu.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/System_Requirement_for_NVIDIA_SLI_Technology_(Advanced_Users).htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/To_get_technical_support.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/eHelp.xml
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/RoboHHRE.lng
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/nvcplTRK.brs
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#BSSC
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/#BSSCMF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/coua.css
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/page_header.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/NOTE.GIF
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image4.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image5.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvcpltrk.chm=>/image6.gif
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdsp.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspARA.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Change_Resolution_Attributes_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/CS_Change_Resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_reduce_the_amount_of_flicker_on_your_screen.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_more_or_fewer_colors_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Color_Settings.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_display_modes_not_supported_by_your_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_contrast_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_your_screen_resolution.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_brightness_of_mid_tones_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_color_settings_using_a_color_correction_graph.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_compensate_for_poor_lighting_conditions.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_Digital_Vibrance_to_make_your_desktop_colors_richer.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/nView_Display_Mode_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_always_play_video_on_a_selected_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_multiple_displays_to_increase_your_desktop_size.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_stretch_the_desktop_across_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_show_the_same_information_on_both_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_use_more_than_one_display.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_rename_one_or_more_displays.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_order.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_change_the_display_on_which_your_Windows_taskbar_appears.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_improve_the_sharpness_of_images_on_your_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Screen_Position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_resize_the_HDTV_desktop.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_adjust_the_HDTV_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/Adjust_Screen_Position_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHS.chm=>/To_center_or_move_your_screen_position.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/#SYSTEM
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 3)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/Adjust_Color_Image_Settings_How_do_I.htm=>(JAVASCRIPT 4)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 1)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvdspCHT.chm=>/To_make_your_desktop_brighter.htm=>(JAVASCRIPT 2)
    Nettoyé

    C:\NVIDIA\WinVista\97.46\nvds
    27 Avril 2008 12:00:31

    juste pour dire, j'ai n'ai plus de pubs qui s'affichent, plus la barre dans intrnet explorer, et en réactivant antivir, plus de message non plus.
    Plutot un bonne nouvelle, ça fait plaisir!!
    27 Avril 2008 12:04:51

    :hello:  Bonjour,

    Refais un scan avec combofix et poste-moi le rapport généré que je m'assure que c'est effectivement bien propre :super:
    27 Avril 2008 12:19:37

    voici le rapport que tu m'as demandé:
    ComboFix 08-04-24.1 - fredo 2008-04-27 12:08:47.4 - NTFSx86
    Running from: C:\Users\fredo\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((( Files Created from 2008-03-27 to 2008-04-27 )))))))))))))))))))))))))))))))
    .

    2008-04-27 12:06 . 2008-04-27 12:07 <REP> d-------- C:\327882R2FWJFW
    2008-04-27 11:11 . 2008-04-27 11:11 <REP> d-------- C:\Program Files\Avira
    2008-04-26 19:59 . 2008-04-26 19:59 <REP> d-------- C:\Deckard
    2008-04-26 17:32 . 2008-04-26 17:33 <REP> d-------- C:\Windows\nvtmpinst
    2008-04-26 15:19 . 2008-04-26 15:36 <REP> d-------- C:\Program Files\Navilog1
    2008-04-26 15:18 . 2008-04-26 15:18 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-04-26 14:11 . 2008-04-26 14:11 1,017 --a------ C:\Windows\ST5UNST.000
    2008-04-25 19:46 . 2008-04-25 19:46 <REP> d-------- C:\Users\fredo\AppData\Roaming\Download Manager
    2008-04-25 19:34 . 2008-04-25 19:34 <REP> d-------- C:\Program Files\Trend Micro
    2008-04-24 20:11 . 2008-04-24 20:16 <REP> d-------- C:\Program Files\Norton Security Scan
    2008-04-24 18:25 . 2008-04-24 18:25 <REP> d-------- C:\Windows\System32\Kaspersky Lab
    2008-04-22 21:02 . 2008-04-22 21:02 <REP> d-------- C:\Program Files\CASIO
    2008-04-22 21:02 . 2008-04-23 12:42 483 --a------ C:\Windows\FXIWIN.INI
    2008-04-19 11:13 . 2008-04-19 11:13 <REP> d-------- C:\Program Files\DAEMON Tools
    2008-04-18 22:07 . 2008-04-27 11:11 <REP> d-------- C:\Users\All Users\Avira
    2008-04-18 22:07 . 2008-04-27 11:11 <REP> d-------- C:\ProgramData\Avira
    2008-04-13 17:23 . 2008-04-13 17:23 <REP> d-------- C:\Users\autre\AppData\Roaming\PlayFirst
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Searches
    2008-04-10 18:01 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre\AppData\Roaming\Nero
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Videos
    2008-04-10 18:00 . 2008-04-13 16:17 <REP> dr------- C:\Users\autre\Saved Games
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Pictures
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Music
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> dr------- C:\Users\autre\Links
    2008-04-10 18:00 . 2008-04-13 17:22 <REP> dr------- C:\Users\autre\Downloads
    2008-04-10 18:00 . 2008-04-10 18:04 <REP> dr------- C:\Users\autre\Documents
    2008-04-10 18:00 . 2008-04-10 18:00 <REP> dr------- C:\Users\autre\Contacts
    2008-04-10 18:00 . 2006-11-02 14:35 <REP> d-------- C:\Users\autre\AppData\Roaming\Media Center Programs
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d--h----- C:\Users\autre\AppData
    2008-04-10 18:00 . 2008-04-10 18:01 <REP> d-------- C:\Users\autre
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000002.regtrans-ms
    2008-04-10 18:00 . 2008-04-10 18:05 524,288 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms
    2008-04-10 18:00 . 2008-04-26 17:04 262,144 --ah----- C:\Users\autre\ntuser.dat.LOG1
    2008-04-10 18:00 . 2008-04-10 18:05 65,536 --ahs---- C:\Users\autre\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf
    2008-04-10 18:00 . 2008-04-10 18:00 0 --ah----- C:\Users\autre\ntuser.dat.LOG2
    2008-04-09 10:09 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 10:09 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 10:09 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 10:09 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 10:09 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 10:09 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 10:09 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 10:09 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 10:09 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 10:06 . 2008-02-21 02:53 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-04-09 09:59 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 09:58 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 09:58 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-02 14:55 . 2008-04-02 14:55 <REP> d-------- C:\Users\fredo\AppData\Roaming\DAEMON Tools
    2008-03-27 20:25 . 2008-03-03 15:05 1,086,952 --a------ C:\Windows\System32\zpeng24.dll
    2008-03-27 20:25 . 2008-03-03 15:06 279,440 --a------ C:\Windows\System32\drivers\vsdatant.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-27 06:59 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
    2008-04-26 15:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-26 15:18 43,520 ----a-w C:\Windows\System32\CmdLineExt03.dll
    2008-04-26 13:18 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-26 07:11 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-04-23 12:59 --------- d-----w C:\Program Files\eMule
    2008-04-13 16:13 --------- d---a-w C:\ProgramData\TEMP
    2008-04-13 15:23 --------- d-----w C:\ProgramData\PlayFirst
    2008-04-11 08:26 --------- d-----w C:\Program Files\Windows Mail
    2008-04-11 08:24 --------- d-----w C:\ProgramData\Microsoft Help
    2008-04-05 12:18 --------- d-----w C:\Program Files\IVCsoft
    2008-04-02 12:55 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-03-24 15:36 --------- d-----w C:\Users\fredo\AppData\Roaming\DivX
    2008-03-24 15:08 --------- d-----w C:\Program Files\DivX
    2008-03-07 17:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-07 17:14 --------- d-----w C:\Program Files\Windows Live Toolbar
    2008-03-06 17:37 --------- d-----w C:\Program Files\Windows Live
    2008-03-05 13:46 --------- d-----w C:\Users\paul\AppData\Roaming\Home Sweet Home
    2008-03-05 10:57 --------- d-----w C:\ProgramData\WLInstaller
    2008-03-05 10:51 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-03-05 10:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-03-03 13:05 54,672 ----a-w C:\Windows\System32\vsutil_loc040c.dll
    2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-21 02:05 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-02-21 02:05 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-02-21 02:05 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-02-21 02:05 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-02-21 02:04 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-02-21 02:04 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-02-21 02:04 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-02-21 02:04 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-02-21 02:04 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-02-21 02:04 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-02-21 02:04 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-02-21 02:04 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-02-21 02:04 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-02-21 02:04 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-02-21 02:03 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-02-21 02:03 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2008-02-13 13:37 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-13 13:31 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 13:31 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 13:29 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 13:29 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 13:29 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 13:29 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 13:29 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 13:29 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-13 13:29 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 13:29 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 13:29 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 13:29 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 13:18 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-02-06 14:49 12,632 ----a-w C:\Windows\System32\lsdelete.exe
    2008-02-02 17:15 2,773,569 ----a-w C:\Windows\Internet Logs\tvDebug.zip
    2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2007-08-30 06:37 174 --sha-w C:\Program Files\desktop.ini
    2007-03-24 06:49 2,779,390 ----a-w C:\Users\paul\footmuzik.ZIP
    2007-03-06 17:18 16,757,793 ----a-w C:\Users\paul\nasa-world-wind_nasa_world_wind_1.4.0_anglais_14069.exe
    2007-03-06 17:01 14,994,144 ----a-w C:\Users\paul\GoogleEarthWin_EARW.exe
    2006-08-19 05:20 7,329,304 ----a-w C:\Users\Public\LegoStarWarsII.exe
    2008-01-26 09:56 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    2008-01-26 09:56 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    2008-01-26 09:56 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    2007-09-15 15:54 1,890 --sha-w C:\Windows\System32\KGyGaAvL.sys
    2007-09-02 16:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007090220070903\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot_2008-04-26_21.34.30.73 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-08-30 16:40:37 181,248 ----a-w C:\Windows\BDOSCAN8\bdcore.dll
    + 2008-04-26 21:12:53 181,760 ----a-w C:\Windows\BDOSCAN8\bdcore.dll
    - 2007-08-30 16:40:37 142,848 ----a-w C:\Windows\BDOSCAN8\libfn.dll
    + 2008-04-26 21:12:54 142,848 ----a-w C:\Windows\BDOSCAN8\libfn.dll
    + 2006-05-24 23:22:06 53,248 ----a-w C:\Windows\bdoscandel.exe
    - 2008-04-26 16:57:18 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-27 06:59:43 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2006-05-24 23:21:00 118,784 ----a-w C:\Windows\Downloaded Program Files\bdupd.dll
    + 2006-05-24 23:21:14 53,248 ----a-w C:\Windows\Downloaded Program Files\ipsupd.dll
    - 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-27 06:59:46 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-04-26 16:57:20 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2008-04-27 06:59:46 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-26 19:12:55 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-27 10:01:46 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 17:00:26 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-27 07:37:59 1,310,720 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    - 2008-04-26 19:28:36 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-27 10:12:26 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 17:00:21 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-27 07:02:33 1,310,720 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    - 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-27 09:12:33 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-26 16:57:32 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-27 09:12:33 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-26 16:57:32 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-27 09:12:33 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-27 09:15:19 79,424 ----a-w C:\Windows\System32\drivers\avipbb.sys
    - 2008-04-26 18:59:54 108,260 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-27 08:33:04 108,260 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-26 18:59:54 122,212 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-27 08:33:04 122,212 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-26 18:59:54 621,176 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-27 08:33:04 621,176 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-26 18:59:54 700,860 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-27 08:33:04 700,860 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-20 07:27:19 10,920 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1001_UserData.bin
    + 2008-04-26 19:56:04 10,920 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2740256353-4076371411-4223361501-1001_UserData.bin
    - 2008-04-26 17:00:13 89,022 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-26 19:56:03 89,154 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [ ]
    "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:22 219008]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 20:51 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-12 17:07 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-12 17:07 8429568]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-12 17:07 81920]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 15:05 959976]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-27 11:15 262401]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "vidc.DIV3"= DivXc32.dll
    "vidc.DIV4"= DivXc32f.dll
    "msacm.divxa32"= DivXa32.acm
    "VIDC.HFYU"= huffyuv.dll

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2002-04-11 08:36 1458448 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-04-12 17:07 8429568 C:\Windows\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-04-12 17:07 81920 C:\Windows\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    --a------ 2007-04-12 17:07 86016 C:\Windows\system32\nvsvc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    --a------ 2007-04-02 17:00 1006264 C:\Program Files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --a------ 2006-11-02 14:33 201728 C:\Program Files\Windows Media Player\WMPNSCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{6683FCCC-C7A2-4878-90C2-A94F1C86474C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{66E0982E-3840-42B0-AA67-D8B7634AD74C}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{39FF1F52-0907-4790-B813-912C6DBC9847}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "{9DEECA4B-EF66-4FAD-A875-639817827193}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "TCP Query User{2AA7AFF7-DBCB-4782-A695-70B04ADD9536}C:\\windows\\explorer.exe"= UDP:C:\windows\explorer.exe:Windows Explorer
    "UDP Query User{1FF3BAB2-7DF7-43FC-A13D-2CD28EB80313}C:\\windows\\explorer.exe"= TCP:C:\windows\explorer.exe:Windows Explorer
    "TCP Query User{293C7553-456D-4A9C-92AD-64C0EDBCD56D}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{11AAA112-8C63-473F-A4AD-00B7665266EB}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{ABF4E115-EB48-4A61-BED0-E79601934D52}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "UDP Query User{90EEFECF-F774-44AC-8049-0610C2ECA226}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\pandora.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\pandora.exe:p andora
    "TCP Query User{A9591C14-B484-43DD-A58C-38226C9595B8}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= UDP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "UDP Query User{A59C97B7-B840-4AE0-A421-24EB0F1A0E17}C:\\program files\\ubisoft\\splinter cell pandora tomorrow\\online\\system\\shadowstrike_static_retail.exe"= TCP:C:\program files\ubisoft\splinter cell pandora tomorrow\online\system\shadowstrike_static_retail.exe:shadowstrike_static_retail
    "TCP Query User{7234CDB4-9BC7-44B9-8E0B-AA1D62118A27}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{70A97077-228D-44EF-AE7E-1D12CC421228}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
    "TCP Query User{4C57F91C-2B85-4A85-B1A5-6FAF54D54C5E}C:\\program files\\abc\\abc.exe"= UDP:C:\program files\abc\abc.exe:abc
    "UDP Query User{036E9CCC-1BC4-4337-BEC7-077AFDCC93DD}C:\\program files\\abc\\abc.exe"= TCP:C:\program files\abc\abc.exe:abc
    "TCP Query User{B7D2E62A-6205-43B3-AD75-E4282B6DD891}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= UDP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "UDP Query User{360C9DC3-F777-47B6-B954-C32E719B130F}C:\\program files\\32nd america's cup - demo\\vskac32_demo.exe"= TCP:C:\program files\32nd america's cup - demo\vskac32_demo.exe:VskAC32_Demo
    "TCP Query User{0B24FB9B-AF6E-46AF-947A-9B5AD87A0BE2}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= UDP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "UDP Query User{21788F0A-3001-407B-83B0-A2E91884F631}C:\\program files\\electronic arts\\need for speed carbon\\nfsc.exe"= TCP:C:\program files\electronic arts\need for speed carbon\nfsc.exe:NFSC
    "{57555DCD-0F71-45CA-88C8-0B8D901AA700}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{DD578FC0-FB1F-4FD6-9199-2221FA1A5160}"= UDP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "{982DCBF1-7F2A-4C8D-9DB6-22E83EC68C6B}"= TCP:C:\Program Files\Messenger\msmsgs.exe:Windows Messenger
    "TCP Query User{AF6ABDDD-A264-4B48-AC08-C3DE667E7418}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= UDP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "UDP Query User{D2B3D2FA-450A-4A72-A82D-34AF38AD4BE7}C:\\program files\\ubisoft\\tom clancy's splinter cell double agent\\scda-offline\\system\\splintercell4.exe"= TCP:C:\program files\ubisoft\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe:SplinterCell4
    "{1D9F73F5-780B-44DA-A983-4F1615219181}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "TCP Query User{7ADE55AE-3F49-44E2-9854-6F826EFCB332}C:\\typsoft ftp server\\ftpserv.exe"= UDP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "UDP Query User{E6DEB5F3-4086-4729-84FF-42837391236C}C:\\typsoft ftp server\\ftpserv.exe"= TCP:C:\typsoft ftp server\ftpserv.exe:TYPSoft FTP Server
    "TCP Query User{6D2C47EF-1CA6-45CB-982D-5953D0F2C076}C:\\program files\\adsltv\\adsltv.exe"= UDP:C:\program files\adsltv\adsltv.exe:adsltv
    "UDP Query User{DF1AC20D-BB89-4B0D-BDB1-5086F67CCA95}C:\\program files\\adsltv\\adsltv.exe"= TCP:C:\program files\adsltv\adsltv.exe:adsltv
    "TCP Query User{A60687CC-7747-4CA3-B620-6EA540644A75}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "UDP Query User{A7E313D6-FC7F-4E69-ADAA-DC97F0C282AB}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
    "{FB230512-BDAA-4110-9AFE-4D10579E7B58}"= UDP:19339:BitComet 19339 TCP
    "{DC1A6B7F-E5E1-4403-9D27-182A0772FD72}"= TCP:19339:BitComet 19339 UDP
    "{806CD8B0-6621-4E7E-BEBA-F4C722F93AEF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{BD5CD9B4-C2C0-4B77-816F-A553A2D736AE}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:o rb
    "{895DCCEF-1742-45B6-B277-BE8A40C3E1E8}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{7A701332-403D-4F2B-9522-EE31ECA487ED}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:o rbTray
    "{20C17179-A0AF-495E-AB17-399C13560122}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{B923A64F-8CA7-4AD2-9100-43EC99B409C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:o rbIR
    "{DB6810CD-825C-4F38-A9D4-6598F38FC774}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{1FC6A47B-10D6-4216-AF7E-2506EF8F53DE}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:o rb Stream Client
    "{7BB345AA-B8FD-4CDA-85F1-754E42C09F69}"= UDP:19339:BitComet 19339 TCP
    "{797E7129-0371-4B48-8B9D-3B93FA7597E3}"= TCP:19339:BitComet 19339 UDP

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\WINDOWS\\svchost.exe"= C:\WINDOWS\svchost.exe:*:Enabled:svchost

    R3 P0630VID;Creative WebCam Live!;C:\Windows\system32\DRIVERS\P0630Vid.sys [2004-07-30 03:55]
    S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 09:33]
    S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s125mdfl.sys [2007-04-24 09:33]
    S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s125mdm.sys [2007-04-24 09:33]
    S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s125mgmt.sys [2007-04-24 10:33]
    S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 10:33]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ebed00-3f75-11dc-a63a-000b6ab65d61}]
    \shell\AutoRun\command - F:\autorun\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad989396-ca37-11db-a858-806e6f6e6963}]
    \shell\AutoRun\command - explorer .

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f51b0150-d5ff-11db-9840-000b6ab65d61}]
    \shell\AutoRun\command - G:\LaunchRC.exe

    *Newly Created Service* - AVGIO
    *Newly Created Service* - AVGNTFLT
    *Newly Created Service* - AVIPBB
    .
    Contents of the 'Scheduled Tasks' folder
    "2008-04-25 16:00:00 C:\Windows\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    "2008-04-27 10:15:00 C:\Windows\Tasks\User_Feed_Synchronization-{41A72865-AFB4-4BBA-B0DF-741C21B7FD6B}.job"
    - C:\Windows\system32\msfeedssync.exe
    "2008-04-27 10:15:00 C:\Windows\Tasks\User_Feed_Synchronization-{73C20C1F-FC60-431F-B678-4E68B0DF191B}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-27 12:14:04
    Windows 6.0.6000 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 4

    **************************************************************************
    .
    Completion time: 2008-04-27 12:16:12
    ComboFix-quarantined-files.txt 2008-04-27 10:15:53
    ComboFix2.txt 2008-04-26 19:35:05
    ComboFix3.txt 2008-04-26 12:51:34

    Pre-Run: 77,762,678,784 octets libres
    Post-Run: 78,333,575,168 octets libres

    337 --- E O F --- 2008-04-27 07:17:15
    27 Avril 2008 12:28:39

    Re,

    Tu n'as pas d'antivirus ?

    :) 
    27 Avril 2008 12:30:10

    je viens de le réinstaller, il s'agir d'antivir, on me la conseillé
    27 Avril 2008 12:31:34

    Oki,

    Fais en scan en mode sans échec avec antivir après l'avoir mis à jour et poste-moi le rapport.

    ;) 
    27 Avril 2008 18:08:42

    bon désolé du retard tout d'abord. Ensuite, le scan d'antivir n'a rin donné: il n'a rien détecter, tous est calme. Peut-on dire que c'est fini?
    27 Avril 2008 21:14:36

    Re,

    Poste un nouveau rapport hijackthis et je te dirai si tout est bon.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS