Virus Generic.Qhost

22 June 2008 18:35:35

Hello,

When my computer starts, my antivirus alerts me to a virus (Generic.qhost, apparently). No matter how much I try to delete the files or quarantine them, I get the same alert at every reboot...

I have read the various posts on this forum about this problem, and so I tried to fix it using CCleaner and Ewido, in safe mode, but nothing works.

So I am asking for a bit of your time: can you help me?

Here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:40, on 22/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\msnbootcf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PiWhy\Desktop\Virus\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6005A2C4-19B8-4002-9A68-64A1CE169E14} - C:\Windows\system32\TapiMjgPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\Windows\system32\urqRJDsr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSN Booter] msnbootcf.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\urqRJDsr.dll,#1
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7547 bytes

22 June 2008 18:43:29

:hello:  Hello,

Disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the box Use User Account Control ... and confirm with OK; you will be asked to restart, do so)

Download Combofix from **HERE** or **HERE** and save it to your desktop.

**Note 1: If you already have a version of combofix, you will need to download another one, the very latest. It is also very important to save it directly to your desktop.**

  • Please never rename Combofix unless you are expressly asked to.
  • Close all open windows, without exception.
  • Disable all the resident protections of all your antivirus, antispyware, etc. software so that they do not interfere with the proper functioning of Combofix.
    Very important: Temporarily disable all the resident protections of all your security software before launching a scan with Combofix. They could interfere with the proper running of the Combofix scan, which could have unforeseen and disastrous consequences.
  • Click this link to see a list of programs that should always be disabled before using combofix. Note that the list is not exhaustive. If your security software is not in this list and you do not know how to disable it, or if you do not understand English :p  , please ask me.
  • WARNING: Combofix will automatically disconnect you from the internet as soon as the scan starts.
  • Please do not try to reconnect your machine to the internet until combofix has finished its work.
  • If you can no longer connect to the internet after using combofix, restart your PC to restore the internet connection.
  • Double-click combofix.exe and follow the on-screen instructions.
  • When the scan is finished, a report should normally appear on screen.
  • Please post the following report, "C:\ComboFix.txt", in your next reply, along with a new HiJackThis report.

    **Note 2: Do not click in the combofix window while it is working. You could crash the PC and cause significant damage.**

    ;) 
    22 June 2008 20:22:40

    Thanks for this more-than-quick reply.

    A few details about the virus:
    the infected file seems to be "hosts", the virus name "Generic.Qhost.31A25FE3", original location: "C:\Windows\system32\drivers\etc"

    here are the logs (a bit long... sorry)

    I'm waiting for the next step :) 

    ComboFix 08-06-20.4 - PiWhy 2008-06-22 19:47:05.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1228 [GMT 2:00]
    Endroit: C:\Users\PiWhy\Desktop\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\System32\rCfiPpVw.ini
    C:\Windows\System32\rCfiPpVw.ini2

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-22 to 2008-06-22 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-22 16:18 . 2008-06-22 16:18 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Grisoft
    2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\Users\All Users\Grisoft
    2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\ProgramData\Grisoft
    2008-06-22 16:17 . 2007-05-30 14:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
    2008-06-22 16:16 . 2008-06-22 16:16 <REP> d-------- C:\Program Files\CCleaner
    2008-06-22 15:51 . 2008-06-22 15:51 <REP> d-------- C:\VundoFix Backups
    2008-06-22 15:33 . 2008-06-22 15:33 <REP> d-------- C:\PerfLogs
    2008-06-21 15:46 . 2008-06-21 15:50 <REP> d-------- C:\Program Files\DAEMON Tools Lite
    2008-06-21 15:37 . 2008-06-21 15:37 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DAEMON Tools
    2008-06-21 15:36 . 2008-06-21 15:37 3,702,216 --a------ C:\temp\daemon4123-lite.exe
    2008-06-21 15:22 . 2008-06-21 15:22 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DaemonTools
    2008-06-21 15:22 . 2008-06-16 15:19 41,984 -r-hs---- C:\Windows\System32\msnbootcf.exe
    2008-06-20 22:41 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
    2008-06-20 22:40 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
    2008-06-20 22:39 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
    2008-06-20 22:38 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
    2008-06-20 22:38 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
    2008-06-20 22:38 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
    2008-06-20 22:38 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
    2008-06-20 22:38 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
    2008-06-20 22:37 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
    2008-06-20 22:37 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
    2008-06-20 22:37 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
    2008-06-20 22:37 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
    2008-06-20 13:35 . 2008-06-21 16:49 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
    2008-06-19 17:53 . 2008-06-22 19:32 43,520 --a------ C:\Windows\System32\CmdLineExt03.dll
    2008-06-18 21:57 . 2008-06-18 23:25 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
    2008-06-18 02:14 . 2008-06-18 02:14 <REP> d-------- C:\Program Files\Common Files\BioWare
    2008-06-15 00:45 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
    2008-06-15 00:45 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
    2008-06-15 00:45 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
    2008-06-15 00:45 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax
    2008-06-15 00:45 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
    2008-06-15 00:45 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
    2008-06-11 02:17 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-06-11 02:17 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
    2008-06-11 02:17 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll
    2008-06-11 02:17 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
    2008-05-31 13:31 . 2008-05-31 15:39 <REP> d-------- C:\Users\PiWhy\Part
    2008-05-28 15:19 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-05-28 15:19 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
    2008-05-28 12:33 . 2008-06-17 14:26 <REP> d-------- C:\Users\PiWhy\Stage
    2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Windows\System32\AGEIA
    2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-05-26 13:42 . 2008-05-26 13:42 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-05-26 01:53 . 2003-03-18 23:14 499,712 --a------ C:\Windows\System32\MSVCP71.DLL

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-22 13:47 174 --sha-w C:\Program Files\desktop.ini
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Sidebar
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Photo Gallery
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Mail
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Journal
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Defender
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Collaboration
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Calendar
    2008-06-22 13:16 82,432 ----a-w C:\Windows\System32\axaltocm.dll
    2008-06-22 13:16 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
    2008-06-21 14:49 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
    2008-06-21 13:38 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-06-21 13:25 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Azureus
    2008-06-19 11:01 --------- d-----w C:\Program Files\Azureus
    2008-06-18 00:14 --------- d-----w C:\ProgramData\Media Center Programs
    2008-06-04 08:59 --------- d-----w C:\Program Files\Player Metaboli
    2008-06-02 21:31 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
    2008-05-28 23:05 --------- d-----w C:\ProgramData\Microsoft Help
    2008-05-21 19:49 472,576 ----a-w C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
    2008-05-21 19:49 --------- d-----w C:\Program Files\Nvidia Omega Drivers
    2008-05-21 16:48 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Samsung
    2008-05-21 16:33 5,632 ----a-w C:\Windows\system32\drivers\StarOpen.sys
    2008-05-19 19:02 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Sierra
    2008-05-18 16:37 --------- d-----w C:\ProgramData\NVIDIA
    2008-05-18 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-05-16 20:34 --------- d-----w C:\ProgramData\Test Drive Unlimited
    2008-05-04 17:06 --------- d-----w C:\ProgramData\Player Metaboli
    2008-05-02 13:52 3,584 ----a-w C:\Windows\shotput.bin
    2008-04-30 15:27 442,368 ----a-w C:\Windows\System32\nvuninst.exe
    2008-04-30 11:55 70,944 ----a-w C:\Windows\System32\PhysXLoader.dll
    2008-04-28 11:54 --------- d-----w C:\Program Files\Common Files\Steam
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelKorean.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelGerman.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelFrench.dll
    2008-03-27 09:15 14,848 ----a-w C:\Windows\System32\TapiMjgPlugin.dll
    2007-11-22 15:04 22,328 ----a-w C:\Users\PiWhy\AppData\Roaming\PnkBstrK.sys
    2006-01-25 09:30 456,768 ----a-w C:\Windows\inf\WPN311\WPN311.sys
    2005-01-27 08:59 35,232 ----a-w C:\Windows\inf\WPN311\ME_INST.EXE
    2005-01-27 08:59 26,112 ----a-w C:\Windows\inf\WPN311\install.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6005A2C4-19B8-4002-9A68-64A1CE169E14}]
    2008-03-27 11:15 14848 --a------ C:\Windows\system32\TapiMjgPlugin.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
    C:\Windows\system32\urqRJDsr.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BullGuard"="C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe" [2007-08-09 08:24 308552]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-08 17:47 171448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BullGuard"="C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" [2007-08-09 08:24 308552]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-04 18:33 220160]
    "toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-03 05:46 13535776]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-03 05:46 92704]
    "MSN Booter"="msnbootcf.exe" [2008-06-16 15:19 41984 C:\Windows\System32\msnbootcf.exe]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    NETGEAR WPN311 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN311\wlancfg5.exe [2006-02-22 13:49:28 1486848]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\Windows\system32\urqRJDsr.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{E4DADA37-7D29-41F6-B523-D4102B5978CE}C:\\jeux\\w40k dawn of war\\w40k.exe"= UDP:C:\jeux\w40k dawn of war\w40k.exe:W40K
    "UDP Query User{C1CACFEF-5A87-4B51-989A-98729121EFF1}C:\\jeux\\w40k dawn of war\\w40k.exe"= TCP:C:\jeux\w40k dawn of war\w40k.exe:W40K
    "TCP Query User{F9E41F30-9C05-4F64-9BD6-8441F586D577}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "UDP Query User{3AD06547-6BA7-4D07-90AC-35994BC00943}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "TCP Query User{FBEDEA14-D51B-45E8-A475-DFB9694E52E9}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= UDP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
    "UDP Query User{AFF8F51F-4C62-4BD0-B8CD-3F360ED70FE6}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= TCP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
    "TCP Query User{5F2E7246-3AF7-4D4A-AFFF-0D63BF464D1B}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{D7E41873-A6E7-4025-9AF1-D4A23BFEC6F5}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "TCP Query User{57D3AE49-FCC9-48A8-923F-105BF7BB4983}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "UDP Query User{D5184EC0-52E6-4569-B5D4-7C5951189D18}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "TCP Query User{76ED4023-5442-4E6F-ABEB-1A34CABD054A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{11D7A423-B250-41AC-A14F-E775B8F4AEBE}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "{9949866F-8C41-44BC-9FCE-A68F45A61859}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{7B0D9F3C-519B-4C75-A7DA-670285A3C3B4}"= C:\Jeux\C&C3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
    "TCP Query User{83C0FF87-64A2-492D-8C56-CB1726241F0E}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
    "UDP Query User{6EB332B3-2AE2-4CF9-AAB1-8BCEC2A9FC25}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
    "{D8E29B49-169C-4CDE-B4D6-D7F25CDBCAF3}"= UDP:3724:Blizzard downloader
    "{55CD470C-193D-4502-8B04-DF3B05A13130}"= UDP:6112:Blizzard Downloader
    "TCP Query User{0AFBCC03-614E-4B7C-8355-FF953F734846}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= UDP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
    "UDP Query User{5DF81D4B-0C40-47C0-A450-BD6F0E2A32A5}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= TCP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
    "TCP Query User{A8D91EDC-EA04-4FCA-B1C5-CD39A176EC3F}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= UDP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
    "UDP Query User{00382831-7E0C-40CF-8FE3-06E109A52F2B}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= TCP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
    "TCP Query User{63D4CFF0-56E3-4FBA-93FC-196C810964E2}C:\\jeux\\pacific storm\\bin\\allies.exe"= UDP:C:\jeux\pacific storm\bin\allies.exe:allies
    "UDP Query User{71DAD618-29D1-4D7A-84D2-C31D255C77BC}C:\\jeux\\pacific storm\\bin\\allies.exe"= TCP:C:\jeux\pacific storm\bin\allies.exe:allies
    "TCP Query User{B75CAF9B-BD18-4795-B1AE-1AABFABEEC80}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
    "UDP Query User{EA22CF5C-9A36-496D-999D-AC568C6D8427}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
    "TCP Query User{617CB08D-ECE2-4C29-AE0D-442B43069016}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
    "UDP Query User{15924B34-BD3F-4643-9135-C380A2A370B8}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
    "TCP Query User{1EB45B87-5DCF-4B0E-8E95-34020EB384CF}C:\\jeux\\starcraft\\starcraft.exe"= UDP:C:\jeux\starcraft\starcraft.exe:StarCraft
    "UDP Query User{C6161834-4FCD-47E7-A333-A2084DC41077}C:\\jeux\\starcraft\\starcraft.exe"= TCP:C:\jeux\starcraft\starcraft.exe:StarCraft
    "TCP Query User{0FC6254D-C3E8-4C6C-81C4-C9C9EA4947F1}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
    "UDP Query User{4EB42EE8-EB34-4773-80C9-E91583391BBE}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
    "TCP Query User{14FD02DA-9EDF-402C-AAC2-9038C29AD082}C:\\jeux\\cod2\\cod2mp_s.exe"= UDP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
    "UDP Query User{C74D7375-CBE5-42C6-A17E-D5A293BD9B80}C:\\jeux\\cod2\\cod2mp_s.exe"= TCP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
    "TCP Query User{F8713691-F173-4CC4-B6E9-4696E044DE71}C:\\jeux\\lost planet\\lostplanetdx10.exe"= UDP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
    "UDP Query User{3F1873A1-F2F4-47AF-BBC8-D8739C8C49E8}C:\\jeux\\lost planet\\lostplanetdx10.exe"= TCP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
    "TCP Query User{B166C7C1-13AF-48FF-8825-3989742D440D}C:\\jeux\\titan quest immortal throne\\tqit.exe"= UDP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
    "UDP Query User{F2EBA835-2B60-46E1-A7EC-A0BB8C6610A4}C:\\jeux\\titan quest immortal throne\\tqit.exe"= TCP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
    "TCP Query User{ABC34F29-8C63-4789-8B79-16C07F27E719}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
    "UDP Query User{21EDF6A0-0403-4032-8206-6822301EA0EB}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
    "TCP Query User{ED104CF3-FA05-4B79-B3A5-76ECA71052D8}C:\\jeux\\bid for power\\quake3.exe"= UDP:C:\jeux\bid for power\quake3.exe:quake3
    "UDP Query User{74EFF036-15D8-4075-85D6-E02F6ECFD7A0}C:\\jeux\\bid for power\\quake3.exe"= TCP:C:\jeux\bid for power\quake3.exe:quake3
    "TCP Query User{D8262979-8A2D-4105-AF65-CBFA5BC0CD20}C:\\ebfp\\quake3.exe"= UDP:C:\ebfp\quake3.exe:quake3
    "UDP Query User{5E6547A8-B121-4DD4-8910-72332ECE761D}C:\\ebfp\\quake3.exe"= TCP:C:\ebfp\quake3.exe:quake3
    "TCP Query User{53161A64-B9AA-4D75-B947-C6712C0FA0DD}C:\\jeux\\warcraft iii\\war3.exe"= UDP:C:\jeux\warcraft iii\war3.exe:Warcraft III
    "UDP Query User{1A61DE52-54CF-428A-B39B-4C14A71F890B}C:\\jeux\\warcraft iii\\war3.exe"= TCP:C:\jeux\warcraft iii\war3.exe:Warcraft III
    "{58CABCDE-3391-4441-930A-A64500A4BFE6}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
    "{34FBB203-CA19-42B2-B8EE-F2F440418E80}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
    "TCP Query User{C5A87D24-AAFB-4F01-B01F-E72CD7807D2E}C:\\program files\\ebfp2\\quake3.exe"= UDP:C:\program files\ebfp2\quake3.exe:quake3
    "UDP Query User{BD5125C1-AC2A-4F70-B8FE-791D430C2BA2}C:\\program files\\ebfp2\\quake3.exe"= TCP:C:\program files\ebfp2\quake3.exe:quake3
    "TCP Query User{071D8468-8A32-4AB4-8A93-C814D715D6CB}C:\\jeux\\ebfp2\\quake3.exe"= UDP:C:\jeux\ebfp2\quake3.exe:quake3
    "UDP Query User{73A2FDC5-9FCD-4667-BC93-02ECB26C58D8}C:\\jeux\\ebfp2\\quake3.exe"= TCP:C:\jeux\ebfp2\quake3.exe:quake3
    "TCP Query User{44A166B4-174D-41D4-B7B3-8F16DBCCAA93}D:\\ebfp2\\quake3.exe"= UDP:D:\ebfp2\quake3.exe:quake3
    "UDP Query User{34739EC2-1946-44E5-AEFE-6066EB9CD926}D:\\ebfp2\\quake3.exe"= TCP:D:\ebfp2\quake3.exe:quake3
    "{EA62577E-62EF-49CE-9B0C-52889107EA01}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
    "{2ADDEDE2-918E-4D36-A06C-250EEE17A549}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
    "TCP Query User{349660D4-A7C4-4D15-A032-7C2E5C8C4676}C:\\jeux\\steam\\steam.exe"= UDP:C:\jeux\steam\steam.exe:Steam
    "UDP Query User{8A33A21E-C32B-4459-A7FC-64A6397EF873}C:\\jeux\\steam\\steam.exe"= TCP:C:\jeux\steam\steam.exe:Steam
    "TCP Query User{A2FD0000-7AC1-4743-8D6B-35FC73C1D382}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
    "UDP Query User{494B8FF3-B1CF-42CE-87DC-0D0AAE8D2BB9}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
    "TCP Query User{603E8F5A-D281-4CDD-A7BF-63A4255BD20B}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= UDP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
    "UDP Query User{ACA25B3E-428B-451B-B63F-B0B484520356}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= TCP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
    "{63E0CECF-6602-478A-A71C-BBBD0660D93D}"= UDP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
    "{DD3FD0ED-DA6A-4303-B64F-B77A75098147}"= TCP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
    "{9C5DD5A4-DB9C-4E75-AD6D-06CD6C857C49}"= UDP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{2B2F93BB-8016-44FB-BE50-91B1950B56D5}"= TCP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "TCP Query User{9F725AEC-F45A-492B-AB14-CEC4AF72E643}C:\\jeux\\freelancer\\exe\\flserver.exe"= UDP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
    "UDP Query User{8624F9AD-D8C2-4147-8A4D-A1E825FCDC5C}C:\\jeux\\freelancer\\exe\\flserver.exe"= TCP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
    "TCP Query User{0C776082-6228-4E6F-8C1E-3C255BA8EA0C}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
    "UDP Query User{AE0FCA48-118C-4225-90DD-C1B1FFFBD29E}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
    "{64A37A2F-60D3-4735-852E-79F2ACE79A91}"= UDP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
    "{76672A7F-692D-4E6A-B4DA-1A2AEC655EB2}"= TCP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
    "{9F6855D0-B108-4D9F-84FA-44BCD51D10B5}"= UDP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "{EF474F7A-8FA7-43F5-B4DA-5ECB9B77E901}"= TCP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "{A5080C67-96A1-457B-90A8-FADE9562B813}"= UDP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
    "{5BCFA230-878C-4DCA-9563-B315369B6219}"= TCP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
    "{C1466C68-A144-4172-AF4E-842A5E975E5A}"= UDP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{B21FD72B-E492-493A-A610-7E73EECA98FF}"= TCP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{C398B6AA-1D27-4793-8B47-B57C701EB3BB}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
    "{55F870AE-23E4-4BBE-98AC-AA7B97B2B854}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
    "{F779B62A-C37B-4006-B30C-8BFF1A9BD6F1}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
    "{DCC134ED-18C4-47D3-AA18-E78A66920DFE}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
    "TCP Query User{943D7364-91AA-4F93-9BDB-97214B9BB9E6}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
    "UDP Query User{C5AC1853-DA2A-4720-9298-610D4A0D8F53}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
    "TCP Query User{4DF7BB75-0570-42AF-8361-0BD89C3DD54B}C:\\jeux\\freelancer\\exe\\freelancer.exe"= UDP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
    "UDP Query User{A7C7A394-3203-4796-9060-3A48B7BA2630}C:\\jeux\\freelancer\\exe\\freelancer.exe"= TCP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
    "TCP Query User{8FA83A68-0100-48C5-82CF-EA7F72F06075}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= UDP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
    "UDP Query User{4252407A-4AEB-4BA0-9725-39D76C4B680C}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= TCP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
    "TCP Query User{E444222C-CE43-41FA-9FFA-DCB5126FE0F5}C:\\jeux\\nexus\\nexus_dx9.exe"= UDP:C:\jeux\nexus\nexus_dx9.exe:Nexus
    "UDP Query User{1844C3D9-313F-40B8-95CB-97175CEB7E17}C:\\jeux\\nexus\\nexus_dx9.exe"= TCP:C:\jeux\nexus\nexus_dx9.exe:Nexus
    "{CE745B9D-F132-424F-893B-975458A1C458}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{F3C845E8-3D61-4962-ADD8-78580F621A68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{AB5F1450-E85C-4FC2-A7BC-0248149F841E}"= UDP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
    "{75C5F911-9426-4769-B516-39E554055718}"= TCP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
    "{D53ACAEE-7799-4B1D-B96C-33818DB6787C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{8BD1E859-BE9C-414C-9231-F1EE83C1115A}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= UDP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
    "UDP Query User{97286C58-E55F-4F13-87ED-D1295DDBC03D}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= TCP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
    "{B7E69A0B-EC12-4E60-ABBB-CF8171AF3714}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{49946CAE-4A1B-454D-A8E9-CF21FA387738}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{674C4927-29AB-4BEB-8F08-619B178B34EF}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{C5433F34-FE12-490B-A040-74364840DC16}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{FD722530-9A0F-43A5-9C4B-F2CC7492FFB2}"= UDP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{1995BE07-BCA9-4C66-8323-97F8FF8E9BFE}"= TCP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{FE9038D7-C9C2-49A5-9176-10E8C09B792B}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{1F84D1ED-794C-4B66-B804-8CE38296B471}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{D143C600-A35D-445C-945C-DB50EEB06468}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{C354078B-0BEA-4570-B7FA-A29ECD325901}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{2B0581C5-87AF-42F7-8AB9-A2206C5F30EC}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{79DE251B-21AC-4E0B-B240-6E0465753D54}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{E66ACEAA-91FE-4294-86F4-2C4BD78E9ACB}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{1AFDD4D3-7D93-466A-BB31-366E87D2084E}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "TCP Query User{E6F520EE-F5CA-45EB-93A5-A09466F010D9}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= UDP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
    "UDP Query User{7C39A666-7532-42B8-8FEC-704AE9BAB815}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= TCP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
    "TCP Query User{ED5ABC60-EA24-4E70-AB82-B523D7CA7D6B}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= UDP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
    "UDP Query User{5247B826-FAE5-4246-83C5-61A8461FCE29}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= TCP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
    "TCP Query User{9684420A-7200-4706-839C-A429C2D538FD}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "UDP Query User{552A9601-9557-426C-A700-3D37C9583C47}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "TCP Query User{E2E4AC88-CF61-4375-8727-9F6097E1B602}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "UDP Query User{E91D84DD-84F8-4D31-8B6F-6357B2111DDF}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "TCP Query User{F8F64DB3-8BEE-49C8-A9CD-2B8041EC96B3}C:\\jeux\\iron man\\ironman.exe"= UDP:C:\jeux\iron man\ironman.exe:A2M Game Engine
    "UDP Query User{B02D576E-8B23-487D-976B-EDC595B6EC60}C:\\jeux\\iron man\\ironman.exe"= TCP:C:\jeux\iron man\ironman.exe:A2M Game Engine
    "TCP Query User{1A0C7B8A-40FA-4C4A-8606-BB6A5AF6CC5B}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
    "UDP Query User{0E3CC56E-1D44-43A8-81B4-CA1501AC7EFC}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
    "TCP Query User{B70E1F80-4B99-4590-A453-16C11D721AEE}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
    "UDP Query User{4F02E94E-2DBF-4E07-A004-E99E411C1E08}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
    "{4090EF21-7D30-4473-82D7-D1CA271BC5C2}"= UDP:C:\Jeux\Loki\Loki.exe:Loki
    "{EEAF9DCB-B60E-4BE4-9953-28176347829B}"= TCP:C:\Jeux\Loki\Loki.exe:Loki
    "{EE45264A-32EB-45F8-9F32-A2B02FCCC8BB}"= UDP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
    "{88F817AD-ED0A-4667-97F0-E4E791CA7208}"= TCP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
    "TCP Query User{A82ABEAA-B88D-4F5A-9C30-FFC4FC9308D9}X:\\program files\\codemasters\\dirt\\dirt.exe"= UDP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
    "UDP Query User{F5771B84-8C5C-4DD8-A066-035BD87676AE}X:\\program files\\codemasters\\dirt\\dirt.exe"= TCP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
    "{5A7E82B2-4AB2-44FC-99D2-E26CE013BA38}"= UDP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
    "{DD26051F-133E-4170-92D6-D7B89757EA48}"= TCP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
    "{6B904E5D-A751-4371-B51D-23EF4C9B5BDF}"= UDP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
    "{5447E65F-F706-4C57-913A-5B03964805AF}"= TCP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
    "TCP Query User{39907C38-04FE-43F5-8C76-5EE95894D9B0}X:\\program files\\silverfall\\silverfall.exe"= UDP:X:\program files\silverfall\silverfall.exe:silverfall.exe
    "UDP Query User{0FA7B373-88B4-455D-9201-2322B9B1129D}X:\\program files\\silverfall\\silverfall.exe"= TCP:X:\program files\silverfall\silverfall.exe:silverfall.exe
    "TCP Query User{CCE3F684-DD14-414E-9472-6EB3E64991DB}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= UDP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
    "UDP Query User{2687CBEC-EBA8-4627-AD32-A9C5F28FE6AF}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= TCP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
    "{B7F5F6B9-F468-4D1E-8AD9-16E6A49AFCAE}"= UDP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
    "{2FA9F2D2-6F20-4F23-A9C4-652D0DB9D190}"= TCP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
    "{1FB4F222-8C19-4848-A88B-0BDB8BFC1273}"= UDP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
    "{14492692-37B4-44B8-B180-A1D5543DCCCD}"= TCP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
    "{C477F5A5-F570-4DEA-8838-B35C21AA5C07}"= UDP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
    "{C05F320D-04B8-4586-9BA4-328B94FCA6C1}"= TCP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
    "{1A3E3812-388A-47B9-952A-CC258677DF28}"= UDP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
    "{CAA6C3F7-AA59-4567-9F1B-C45CFD3E95F2}"= TCP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
    "{4A386DBD-1C4E-4A09-9701-E5ECC4B07FF4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    R1 oreans32;oreans32;C:\Windows\system32\drivers\oreans32.sys [2007-05-10 18:33]
    R2 BdFileSpy;BullGuard File Monitor Driver;C:\Windows\system32\drivers\BdFileSpy.sys [2007-02-02 17:32]
    R2 BsFileScan;BullGuard File Scan Service;C:\Windows\System32\svchost.exe [2008-01-19 09:33]
    R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
    R3 Reconn;BullGuard Email Monitor;C:\Program Files\BullGuard Software\BullGuard\reconn.sys [2007-01-27 12:06]
    S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-31 17:16]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \shell\Auto\command - AdobeR.exe e
    \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
    \shell\AutoRun\command - K:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d744c7b-f273-11db-83f1-806e6f6e6963}]
    \shell\AutoRun\command - I:\autoplay.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db3f0e71-f336-11db-bb19-00146ccc53f5}]
    \shell\AutoRun\command - K:\LaunchU3.exe

    *Newly Created Service* - CATCHME
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-21 23:14:10 C:\Windows\Tasks\User_Feed_Synchronization-{42EE8150-6974-4E25-8FEC-2107DB197EDA}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-22 19:50:26
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-22 19:51:30
    ComboFix-quarantined-files.txt 2008-06-22 17:51:28

    Pre-Run: 48,563,879,936 octets libres
    Post-Run: 48,551,886,848 octets libres

    332 --- E O F --- 2008-06-22 13:20:32


    And the HijackThis one:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:22:03, on 22/06/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\msnbootcf.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Users\PiWhy\Desktop\Virus\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {6005A2C4-19B8-4002-9A68-64A1CE169E14} - C:\Windows\system32\TapiMjgPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\Windows\system32\urqRJDsr.dll (file missing)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MSN Booter] msnbootcf.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    --
    End of file - 6999 bytes
    22 June 2008 21:49:07

    Re,

    Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (run a full scan).
  • To start the scan, click "Rechercher" (search).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (show the results), then "Supprimer la sélection" (remove the selection). Save the report to your Desktop so that you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    ;)
    23 June 2008 00:50:20

    Re,

    Thanks again for your help.

    I followed your advice, but the virus is still there; here is the report:

    Malwarebytes' Anti-Malware 1.18
    Version de la base de données: 880

    00:47:14 23/06/2008
    mbam-log-6-23-2008 (00-47-14).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 261695
    Temps écoulé: 57 minute(s), 27 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{6005a2c4-19b8-4002-9a68-64a1ce169e14} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6005a2c4-19b8-4002-9a68-64a1ce169e14} (Trojan.BHO) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\System32\TapiMjgPlugin.dll (Trojan.BHO) -> Quarantined and deleted successfully.
    23 June 2008 18:30:56

    Re,

    You are infected with "Vundo". Delete all the cracks from your PC if any are present, because otherwise they will restart the infection.

    Also, I strongly advise you to stop using P2P and cracking software. Uninstall your P2P software: 50% of the programs you download that way are booby-trapped.

    ***

    Run another scan with ComboFix.

    ;)
    23 June 2008 18:43:30

    Re, once again.

    I changed antivirus (went with AntiVir), did a little clean-up of all my cracks, ran a few scans, and everything seems to be going better!

    Thanks for all your advice and your time.
    23 June 2008 20:37:20

    Re,

    Can you run another scan with ComboFix as requested?

    ;)
    24 June 2008 02:54:46

    It's true that I no longer have any symptoms, but the disease may still be there...

    Here is the ComboFix report, and the AntiVir one as a bonus:

    AntiVir:

    Avira AntiVir Personal
    Report file date: mardi 24 juin 2008 01:32

    Scanning for 1353152 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (Service Pack 1) [6.0.6001]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: PIWI

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 10:36:51
    ANTIVIR3.VDF : 7.0.4.239 292864 Bytes 23/06/2008 10:36:52
    Engineversion : 8.1.0.59
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.44 278907 Bytes 23/06/2008 10:37:01
    AESCN.DLL : 8.1.0.22 119157 Bytes 23/06/2008 10:37:00
    AERDL.DLL : 8.1.0.20 418165 Bytes 23/06/2008 10:37:00
    AEPACK.DLL : 8.1.1.6 364918 Bytes 23/06/2008 10:36:59
    AEOFFICE.DLL : 8.1.0.20 192891 Bytes 23/06/2008 10:36:58
    AEHEUR.DLL : 8.1.0.32 1274231 Bytes 23/06/2008 10:36:57
    AEHELP.DLL : 8.1.0.15 115063 Bytes 23/06/2008 10:36:55
    AEGEN.DLL : 8.1.0.29 307573 Bytes 23/06/2008 10:36:54
    AEEMU.DLL : 8.1.0.6 430451 Bytes 23/06/2008 10:36:53
    AECORE.DLL : 8.1.0.31 168310 Bytes 23/06/2008 10:36:52
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: mardi 24 juin 2008 01:32

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
    Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
    Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
    Scan process 'wlancfg5.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
    Scan process 'avgas.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'mdm.exe' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'guard.exe' - '0' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
    Scan process 'audiodg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'lsm.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'wininit.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    53 processes with 53 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD2
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights
    Master boot sector HD3
    [INFO] No virus was found!
    [WARNING] Le périphérique n'est pas prêt.
    [INFO] Please restart the search with Administrator rights

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '9' files ).


    Starting the file scan:

    Begin scan in 'C:\' <BOOT>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Windows\System32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <RECOVER>


    End of the scan: mardi 24 juin 2008 02:41
    Used time: 1:09:14 min

    The scan has been done completely.

    26765 Scanning directories
    730036 Files were scanned
    0 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    730036 Files not concerned
    4801 Archives were scanned
    5 Warnings
    0 Notes


    Combofix:

    ComboFix 08-06-20.4 - PiWhy 2008-06-24 2:46:20.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1253 [GMT 2:00]
    Endroit: C:\Users\PiWhy\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-24 to 2008-06-24 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\Users\All Users\Avira
    2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\ProgramData\Avira
    2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\Program Files\Avira
    2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Malwarebytes
    2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-22 23:43 . 2008-06-19 17:55 34,296 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
    2008-06-22 23:43 . 2008-06-19 17:55 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-06-22 16:18 . 2008-06-22 16:18 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Grisoft
    2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\Users\All Users\Grisoft
    2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\ProgramData\Grisoft
    2008-06-22 16:17 . 2007-05-30 14:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
    2008-06-22 16:16 . 2008-06-22 16:16 <REP> d-------- C:\Program Files\CCleaner
    2008-06-22 15:51 . 2008-06-22 15:51 <REP> d-------- C:\VundoFix Backups
    2008-06-22 15:33 . 2008-06-22 15:33 <REP> d-------- C:\PerfLogs
    2008-06-21 15:46 . 2008-06-21 15:50 <REP> d-------- C:\Program Files\DAEMON Tools Lite
    2008-06-21 15:37 . 2008-06-21 15:37 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DAEMON Tools
    2008-06-21 15:36 . 2008-06-21 15:37 3,702,216 --a------ C:\temp\daemon4123-lite.exe
    2008-06-21 15:22 . 2008-06-21 15:22 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DaemonTools
    2008-06-20 22:41 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
    2008-06-20 22:40 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
    2008-06-20 22:39 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
    2008-06-20 22:38 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
    2008-06-20 22:38 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
    2008-06-20 22:38 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
    2008-06-20 22:38 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
    2008-06-20 22:38 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
    2008-06-20 22:37 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
    2008-06-20 22:37 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
    2008-06-20 22:37 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
    2008-06-20 22:37 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
    2008-06-20 13:35 . 2008-06-21 16:49 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
    2008-06-19 17:53 . 2008-06-23 23:14 43,520 --a------ C:\Windows\System32\CmdLineExt03.dll
    2008-06-18 21:57 . 2008-06-18 23:25 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
    2008-06-18 02:14 . 2008-06-18 02:14 <REP> d-------- C:\Program Files\Common Files\BioWare
    2008-06-15 00:45 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
    2008-06-15 00:45 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
    2008-06-15 00:45 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
    2008-06-15 00:45 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax
    2008-06-15 00:45 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
    2008-06-15 00:45 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
    2008-06-11 02:17 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
    2008-06-11 02:17 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
    2008-06-11 02:17 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll
    2008-06-11 02:17 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
    2008-05-31 13:31 . 2008-05-31 15:39 <REP> d-------- C:\Users\PiWhy\Part
    2008-05-28 15:19 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-05-28 15:19 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
    2008-05-28 12:33 . 2008-06-17 14:26 <REP> d-------- C:\Users\PiWhy\Stage
    2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Windows\System32\AGEIA
    2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-05-26 13:42 . 2008-05-26 13:42 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-05-26 01:53 . 2003-03-18 23:14 499,712 --a------ C:\Windows\System32\MSVCP71.DLL

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-22 13:47 174 --sha-w C:\Program Files\desktop.ini
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Sidebar
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Photo Gallery
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Mail
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Journal
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Defender
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Collaboration
    2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Calendar
    2008-06-22 13:16 82,432 ----a-w C:\Windows\System32\axaltocm.dll
    2008-06-22 13:16 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
    2008-06-21 14:49 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
    2008-06-21 13:38 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
    2008-06-21 13:25 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Azureus
    2008-06-19 11:01 --------- d-----w C:\Program Files\Azureus
    2008-06-18 00:14 --------- d-----w C:\ProgramData\Media Center Programs
    2008-06-04 08:59 --------- d-----w C:\Program Files\Player Metaboli
    2008-06-02 21:31 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
    2008-05-28 23:05 --------- d-----w C:\ProgramData\Microsoft Help
    2008-05-21 19:49 472,576 ----a-w C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
    2008-05-21 19:49 --------- d-----w C:\Program Files\Nvidia Omega Drivers
    2008-05-21 16:48 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Samsung
    2008-05-21 16:33 5,632 ----a-w C:\Windows\system32\drivers\StarOpen.sys
    2008-05-19 19:02 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Sierra
    2008-05-18 16:37 --------- d-----w C:\ProgramData\NVIDIA
    2008-05-18 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-05-16 20:34 --------- d-----w C:\ProgramData\Test Drive Unlimited
    2008-05-04 17:06 --------- d-----w C:\ProgramData\Player Metaboli
    2008-05-02 13:52 3,584 ----a-w C:\Windows\shotput.bin
    2008-04-30 15:27 442,368 ----a-w C:\Windows\System32\nvuninst.exe
    2008-04-30 11:55 70,944 ----a-w C:\Windows\System32\PhysXLoader.dll
    2008-04-28 11:54 --------- d-----w C:\Program Files\Common Files\Steam
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelKorean.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelGerman.dll
    2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelFrench.dll
    2007-11-22 15:04 22,328 ----a-w C:\Users\PiWhy\AppData\Roaming\PnkBstrK.sys
    2006-01-25 09:30 456,768 ----a-w C:\Windows\inf\WPN311\WPN311.sys
    2005-01-27 08:59 35,232 ----a-w C:\Windows\inf\WPN311\ME_INST.EXE
    2005-01-27 08:59 26,112 ----a-w C:\Windows\inf\WPN311\install.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-22_19.51.12.65 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-22 16:02:36 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-06-23 23:26:30 67,584 --s-a-w C:\Windows\bootstat.dat
    - 2008-06-22 16:02:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-06-23 23:26:31 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-06-22 16:04:22 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-06-23 23:27:57 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-06-23 23:27:57 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-06-22 16:04:28 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-06-23 23:27:52 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-06-23 23:27:52 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-06-22 17:33:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-06-23 23:26:31 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-06-22 17:33:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-06-23 23:26:31 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-06-22 17:33:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-06-23 23:26:31 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-03-04 11:28:53 79,424 ----a-w C:\Windows\System32\drivers\avipbb.sys
    + 2007-03-01 08:34:22 28,352 ----a-w C:\Windows\System32\drivers\ssmdrv.sys
    - 2008-06-22 16:08:12 101,896 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-06-23 23:31:13 101,896 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-06-22 16:08:12 124,228 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-06-23 23:31:13 124,228 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-06-22 16:08:12 589,884 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-06-23 23:31:13 589,884 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-06-22 16:08:12 672,096 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-06-23 23:31:13 672,096 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-06-22 16:04:38 6,968 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2660414465-1700263551-2123966501-1000_UserData.bin
    + 2008-06-23 16:18:25 7,746 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2660414465-1700263551-2123966501-1000_UserData.bin
    - 2008-06-22 16:04:38 92,318 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-06-23 16:18:25 94,260 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-06-21 13:29:56 2,904 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
    + 2008-06-23 16:15:27 4,430 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
    - 2008-06-21 13:17:32 35,484 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-06-23 23:28:15 37,136 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
    "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-08 17:47 171448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-04 18:33 220160]
    "toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [ ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-03 05:46 13535776]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-03 05:46 92704]
    "MSN Booter"="msnbootcf.exe" []
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    NETGEAR WPN311 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN311\wlancfg5.exe [2006-02-22 13:49:28 1486848]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{E4DADA37-7D29-41F6-B523-D4102B5978CE}C:\\jeux\\w40k dawn of war\\w40k.exe"= UDP:C:\jeux\w40k dawn of war\w40k.exe:W40K
    "UDP Query User{C1CACFEF-5A87-4B51-989A-98729121EFF1}C:\\jeux\\w40k dawn of war\\w40k.exe"= TCP:C:\jeux\w40k dawn of war\w40k.exe:W40K
    "TCP Query User{F9E41F30-9C05-4F64-9BD6-8441F586D577}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "UDP Query User{3AD06547-6BA7-4D07-90AC-35994BC00943}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
    "TCP Query User{FBEDEA14-D51B-45E8-A475-DFB9694E52E9}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= UDP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
    "UDP Query User{AFF8F51F-4C62-4BD0-B8CD-3F360ED70FE6}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= TCP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
    "TCP Query User{5F2E7246-3AF7-4D4A-AFFF-0D63BF464D1B}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{D7E41873-A6E7-4025-9AF1-D4A23BFEC6F5}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "TCP Query User{57D3AE49-FCC9-48A8-923F-105BF7BB4983}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "UDP Query User{D5184EC0-52E6-4569-B5D4-7C5951189D18}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
    "TCP Query User{76ED4023-5442-4E6F-ABEB-1A34CABD054A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
    "UDP Query User{11D7A423-B250-41AC-A14F-E775B8F4AEBE}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
    "{9949866F-8C41-44BC-9FCE-A68F45A61859}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{7B0D9F3C-519B-4C75-A7DA-670285A3C3B4}"= C:\Jeux\C&C3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
    "TCP Query User{83C0FF87-64A2-492D-8C56-CB1726241F0E}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
    "UDP Query User{6EB332B3-2AE2-4CF9-AAB1-8BCEC2A9FC25}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
    "{D8E29B49-169C-4CDE-B4D6-D7F25CDBCAF3}"= UDP:3724:Blizzard downloader
    "{55CD470C-193D-4502-8B04-DF3B05A13130}"= UDP:6112:Blizzard Downloader
    "TCP Query User{0AFBCC03-614E-4B7C-8355-FF953F734846}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= UDP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
    "UDP Query User{5DF81D4B-0C40-47C0-A450-BD6F0E2A32A5}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= TCP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
    "TCP Query User{A8D91EDC-EA04-4FCA-B1C5-CD39A176EC3F}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= UDP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
    "UDP Query User{00382831-7E0C-40CF-8FE3-06E109A52F2B}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= TCP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
    "TCP Query User{63D4CFF0-56E3-4FBA-93FC-196C810964E2}C:\\jeux\\pacific storm\\bin\\allies.exe"= UDP:C:\jeux\pacific storm\bin\allies.exe:allies
    "UDP Query User{71DAD618-29D1-4D7A-84D2-C31D255C77BC}C:\\jeux\\pacific storm\\bin\\allies.exe"= TCP:C:\jeux\pacific storm\bin\allies.exe:allies
    "TCP Query User{B75CAF9B-BD18-4795-B1AE-1AABFABEEC80}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
    "UDP Query User{EA22CF5C-9A36-496D-999D-AC568C6D8427}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
    "TCP Query User{617CB08D-ECE2-4C29-AE0D-442B43069016}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
    "UDP Query User{15924B34-BD3F-4643-9135-C380A2A370B8}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
    "TCP Query User{1EB45B87-5DCF-4B0E-8E95-34020EB384CF}C:\\jeux\\starcraft\\starcraft.exe"= UDP:C:\jeux\starcraft\starcraft.exe:StarCraft
    "UDP Query User{C6161834-4FCD-47E7-A333-A2084DC41077}C:\\jeux\\starcraft\\starcraft.exe"= TCP:C:\jeux\starcraft\starcraft.exe:StarCraft
    "TCP Query User{0FC6254D-C3E8-4C6C-81C4-C9C9EA4947F1}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
    "UDP Query User{4EB42EE8-EB34-4773-80C9-E91583391BBE}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
    "TCP Query User{14FD02DA-9EDF-402C-AAC2-9038C29AD082}C:\\jeux\\cod2\\cod2mp_s.exe"= UDP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
    "UDP Query User{C74D7375-CBE5-42C6-A17E-D5A293BD9B80}C:\\jeux\\cod2\\cod2mp_s.exe"= TCP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
    "TCP Query User{F8713691-F173-4CC4-B6E9-4696E044DE71}C:\\jeux\\lost planet\\lostplanetdx10.exe"= UDP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
    "UDP Query User{3F1873A1-F2F4-47AF-BBC8-D8739C8C49E8}C:\\jeux\\lost planet\\lostplanetdx10.exe"= TCP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
    "TCP Query User{B166C7C1-13AF-48FF-8825-3989742D440D}C:\\jeux\\titan quest immortal throne\\tqit.exe"= UDP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
    "UDP Query User{F2EBA835-2B60-46E1-A7EC-A0BB8C6610A4}C:\\jeux\\titan quest immortal throne\\tqit.exe"= TCP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
    "TCP Query User{ABC34F29-8C63-4789-8B79-16C07F27E719}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
    "UDP Query User{21EDF6A0-0403-4032-8206-6822301EA0EB}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
    "TCP Query User{ED104CF3-FA05-4B79-B3A5-76ECA71052D8}C:\\jeux\\bid for power\\quake3.exe"= UDP:C:\jeux\bid for power\quake3.exe:quake3
    "UDP Query User{74EFF036-15D8-4075-85D6-E02F6ECFD7A0}C:\\jeux\\bid for power\\quake3.exe"= TCP:C:\jeux\bid for power\quake3.exe:quake3
    "TCP Query User{D8262979-8A2D-4105-AF65-CBFA5BC0CD20}C:\\ebfp\\quake3.exe"= UDP:C:\ebfp\quake3.exe:quake3
    "UDP Query User{5E6547A8-B121-4DD4-8910-72332ECE761D}C:\\ebfp\\quake3.exe"= TCP:C:\ebfp\quake3.exe:quake3
    "TCP Query User{53161A64-B9AA-4D75-B947-C6712C0FA0DD}C:\\jeux\\warcraft iii\\war3.exe"= UDP:C:\jeux\warcraft iii\war3.exe:Warcraft III
    "UDP Query User{1A61DE52-54CF-428A-B39B-4C14A71F890B}C:\\jeux\\warcraft iii\\war3.exe"= TCP:C:\jeux\warcraft iii\war3.exe:Warcraft III
    "{58CABCDE-3391-4441-930A-A64500A4BFE6}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
    "{34FBB203-CA19-42B2-B8EE-F2F440418E80}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
    "TCP Query User{C5A87D24-AAFB-4F01-B01F-E72CD7807D2E}C:\\program files\\ebfp2\\quake3.exe"= UDP:C:\program files\ebfp2\quake3.exe:quake3
    "UDP Query User{BD5125C1-AC2A-4F70-B8FE-791D430C2BA2}C:\\program files\\ebfp2\\quake3.exe"= TCP:C:\program files\ebfp2\quake3.exe:quake3
    "TCP Query User{071D8468-8A32-4AB4-8A93-C814D715D6CB}C:\\jeux\\ebfp2\\quake3.exe"= UDP:C:\jeux\ebfp2\quake3.exe:quake3
    "UDP Query User{73A2FDC5-9FCD-4667-BC93-02ECB26C58D8}C:\\jeux\\ebfp2\\quake3.exe"= TCP:C:\jeux\ebfp2\quake3.exe:quake3
    "TCP Query User{44A166B4-174D-41D4-B7B3-8F16DBCCAA93}D:\\ebfp2\\quake3.exe"= UDP:D:\ebfp2\quake3.exe:quake3
    "UDP Query User{34739EC2-1946-44E5-AEFE-6066EB9CD926}D:\\ebfp2\\quake3.exe"= TCP:D:\ebfp2\quake3.exe:quake3
    "{EA62577E-62EF-49CE-9B0C-52889107EA01}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
    "{2ADDEDE2-918E-4D36-A06C-250EEE17A549}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
    "TCP Query User{349660D4-A7C4-4D15-A032-7C2E5C8C4676}C:\\jeux\\steam\\steam.exe"= UDP:C:\jeux\steam\steam.exe:Steam
    "UDP Query User{8A33A21E-C32B-4459-A7FC-64A6397EF873}C:\\jeux\\steam\\steam.exe"= TCP:C:\jeux\steam\steam.exe:Steam
    "TCP Query User{A2FD0000-7AC1-4743-8D6B-35FC73C1D382}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
    "UDP Query User{494B8FF3-B1CF-42CE-87DC-0D0AAE8D2BB9}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
    "TCP Query User{603E8F5A-D281-4CDD-A7BF-63A4255BD20B}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= UDP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
    "UDP Query User{ACA25B3E-428B-451B-B63F-B0B484520356}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= TCP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
    "{63E0CECF-6602-478A-A71C-BBBD0660D93D}"= UDP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
    "{DD3FD0ED-DA6A-4303-B64F-B77A75098147}"= TCP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
    "{9C5DD5A4-DB9C-4E75-AD6D-06CD6C857C49}"= UDP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{2B2F93BB-8016-44FB-BE50-91B1950B56D5}"= TCP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "TCP Query User{9F725AEC-F45A-492B-AB14-CEC4AF72E643}C:\\jeux\\freelancer\\exe\\flserver.exe"= UDP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
    "UDP Query User{8624F9AD-D8C2-4147-8A4D-A1E825FCDC5C}C:\\jeux\\freelancer\\exe\\flserver.exe"= TCP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
    "TCP Query User{0C776082-6228-4E6F-8C1E-3C255BA8EA0C}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
    "UDP Query User{AE0FCA48-118C-4225-90DD-C1B1FFFBD29E}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
    "{64A37A2F-60D3-4735-852E-79F2ACE79A91}"= UDP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
    "{76672A7F-692D-4E6A-B4DA-1A2AEC655EB2}"= TCP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
    "{9F6855D0-B108-4D9F-84FA-44BCD51D10B5}"= UDP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "{EF474F7A-8FA7-43F5-B4DA-5ECB9B77E901}"= TCP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "{A5080C67-96A1-457B-90A8-FADE9562B813}"= UDP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
    "{5BCFA230-878C-4DCA-9563-B315369B6219}"= TCP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
    "{C1466C68-A144-4172-AF4E-842A5E975E5A}"= UDP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{B21FD72B-E492-493A-A610-7E73EECA98FF}"= TCP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
    "{C398B6AA-1D27-4793-8B47-B57C701EB3BB}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
    "{55F870AE-23E4-4BBE-98AC-AA7B97B2B854}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
    "{F779B62A-C37B-4006-B30C-8BFF1A9BD6F1}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
    "{DCC134ED-18C4-47D3-AA18-E78A66920DFE}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
    "TCP Query User{943D7364-91AA-4F93-9BDB-97214B9BB9E6}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
    "UDP Query User{C5AC1853-DA2A-4720-9298-610D4A0D8F53}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
    "TCP Query User{4DF7BB75-0570-42AF-8361-0BD89C3DD54B}C:\\jeux\\freelancer\\exe\\freelancer.exe"= UDP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
    "UDP Query User{A7C7A394-3203-4796-9060-3A48B7BA2630}C:\\jeux\\freelancer\\exe\\freelancer.exe"= TCP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
    "TCP Query User{8FA83A68-0100-48C5-82CF-EA7F72F06075}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= UDP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
    "UDP Query User{4252407A-4AEB-4BA0-9725-39D76C4B680C}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= TCP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
    "TCP Query User{E444222C-CE43-41FA-9FFA-DCB5126FE0F5}C:\\jeux\\nexus\\nexus_dx9.exe"= UDP:C:\jeux\nexus\nexus_dx9.exe:Nexus
    "UDP Query User{1844C3D9-313F-40B8-95CB-97175CEB7E17}C:\\jeux\\nexus\\nexus_dx9.exe"= TCP:C:\jeux\nexus\nexus_dx9.exe:Nexus
    "{CE745B9D-F132-424F-893B-975458A1C458}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{F3C845E8-3D61-4962-ADD8-78580F621A68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{AB5F1450-E85C-4FC2-A7BC-0248149F841E}"= UDP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
    "{75C5F911-9426-4769-B516-39E554055718}"= TCP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
    "{D53ACAEE-7799-4B1D-B96C-33818DB6787C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{8BD1E859-BE9C-414C-9231-F1EE83C1115A}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= UDP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
    "UDP Query User{97286C58-E55F-4F13-87ED-D1295DDBC03D}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= TCP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
    "{B7E69A0B-EC12-4E60-ABBB-CF8171AF3714}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{49946CAE-4A1B-454D-A8E9-CF21FA387738}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{674C4927-29AB-4BEB-8F08-619B178B34EF}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{C5433F34-FE12-490B-A040-74364840DC16}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{FD722530-9A0F-43A5-9C4B-F2CC7492FFB2}"= UDP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{1995BE07-BCA9-4C66-8323-97F8FF8E9BFE}"= TCP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{FE9038D7-C9C2-49A5-9176-10E8C09B792B}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{1F84D1ED-794C-4B66-B804-8CE38296B471}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{D143C600-A35D-445C-945C-DB50EEB06468}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{C354078B-0BEA-4570-B7FA-A29ECD325901}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
    "{2B0581C5-87AF-42F7-8AB9-A2206C5F30EC}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{79DE251B-21AC-4E0B-B240-6E0465753D54}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
    "{E66ACEAA-91FE-4294-86F4-2C4BD78E9ACB}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "{1AFDD4D3-7D93-466A-BB31-366E87D2084E}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
    "TCP Query User{E6F520EE-F5CA-45EB-93A5-A09466F010D9}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= UDP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
    "UDP Query User{7C39A666-7532-42B8-8FEC-704AE9BAB815}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= TCP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
    "TCP Query User{ED5ABC60-EA24-4E70-AB82-B523D7CA7D6B}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= UDP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
    "UDP Query User{5247B826-FAE5-4246-83C5-61A8461FCE29}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= TCP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
    "TCP Query User{9684420A-7200-4706-839C-A429C2D538FD}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "UDP Query User{552A9601-9557-426C-A700-3D37C9583C47}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "TCP Query User{E2E4AC88-CF61-4375-8727-9F6097E1B602}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "UDP Query User{E91D84DD-84F8-4D31-8B6F-6357B2111DDF}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
    "TCP Query User{F8F64DB3-8BEE-49C8-A9CD-2B8041EC96B3}C:\\jeux\\iron man\\ironman.exe"= UDP:C:\jeux\iron man\ironman.exe:A2M Game Engine
    "UDP Query User{B02D576E-8B23-487D-976B-EDC595B6EC60}C:\\jeux\\iron man\\ironman.exe"= TCP:C:\jeux\iron man\ironman.exe:A2M Game Engine
    "TCP Query User{1A0C7B8A-40FA-4C4A-8606-BB6A5AF6CC5B}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
    "UDP Query User{0E3CC56E-1D44-43A8-81B4-CA1501AC7EFC}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
    "TCP Query User{B70E1F80-4B99-4590-A453-16C11D721AEE}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
    "UDP Query User{4F02E94E-2DBF-4E07-A004-E99E411C1E08}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
    "{4090EF21-7D30-4473-82D7-D1CA271BC5C2}"= UDP:C:\Jeux\Loki\Loki.exe:Loki
    "{EEAF9DCB-B60E-4BE4-9953-28176347829B}"= TCP:C:\Jeux\Loki\Loki.exe:Loki
    "{EE45264A-32EB-45F8-9F32-A2B02FCCC8BB}"= UDP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
    "{88F817AD-ED0A-4667-97F0-E4E791CA7208}"= TCP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
    "TCP Query User{A82ABEAA-B88D-4F5A-9C30-FFC4FC9308D9}X:\\program files\\codemasters\\dirt\\dirt.exe"= UDP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
    "UDP Query User{F5771B84-8C5C-4DD8-A066-035BD87676AE}X:\\program files\\codemasters\\dirt\\dirt.exe"= TCP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
    "{5A7E82B2-4AB2-44FC-99D2-E26CE013BA38}"= UDP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
    "{DD26051F-133E-4170-92D6-D7B89757EA48}"= TCP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
    "{6B904E5D-A751-4371-B51D-23EF4C9B5BDF}"= UDP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
    "{5447E65F-F706-4C57-913A-5B03964805AF}"= TCP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
    "TCP Query User{39907C38-04FE-43F5-8C76-5EE95894D9B0}X:\\program files\\silverfall\\silverfall.exe"= UDP:X:\program files\silverfall\silverfall.exe:silverfall.exe
    "UDP Query User{0FA7B373-88B4-455D-9201-2322B9B1129D}X:\\program files\\silverfall\\silverfall.exe"= TCP:X:\program files\silverfall\silverfall.exe:silverfall.exe
    "TCP Query User{CCE3F684-DD14-414E-9472-6EB3E64991DB}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= UDP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
    "UDP Query User{2687CBEC-EBA8-4627-AD32-A9C5F28FE6AF}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= TCP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
    "{B7F5F6B9-F468-4D1E-8AD9-16E6A49AFCAE}"= UDP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
    "{2FA9F2D2-6F20-4F23-A9C4-652D0DB9D190}"= TCP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
    "{1FB4F222-8C19-4848-A88B-0BDB8BFC1273}"= UDP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
    "{14492692-37B4-44B8-B180-A1D5543DCCCD}"= TCP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
    "{C477F5A5-F570-4DEA-8838-B35C21AA5C07}"= UDP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
    "{C05F320D-04B8-4586-9BA4-328B94FCA6C1}"= TCP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
    "{1A3E3812-388A-47B9-952A-CC258677DF28}"= UDP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
    "{CAA6C3F7-AA59-4567-9F1B-C45CFD3E95F2}"= TCP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
    "{4A386DBD-1C4E-4A09-9701-E5ECC4B07FF4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{69A797DE-09D2-4C64-8353-434DBF505018}C:\\program files\\sierra\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\program files\sierra\homeworld2\bin\release\homeworld2.exe:Homeworld2
    "UDP Query User{27DF12AA-1A15-4B87-B7A5-5A0B12A2FF9F}C:\\program files\\sierra\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\program files\sierra\homeworld2\bin\release\homeworld2.exe:Homeworld2

    R1 oreans32;oreans32;C:\Windows\system32\drivers\oreans32.sys [2007-05-10 18:33]
    R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
    S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-31 17:16]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \shell\Auto\command - AdobeR.exe e
    \shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
    \shell\AutoRun\command - K:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d744c7b-f273-11db-83f1-806e6f6e6963}]
    \shell\AutoRun\command - I:\autoplay.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db3f0e71-f336-11db-bb19-00146ccc53f5}]
    \shell\AutoRun\command - K:\LaunchU3.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-22 23:46:04 C:\Windows\Tasks\User_Feed_Synchronization-{42EE8150-6974-4E25-8FEC-2107DB197EDA}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-24 02:50:03
    Windows 6.0.6001 Service Pack 1 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-24 2:51:08
    ComboFix-quarantined-files.txt 2008-06-24 00:51:05

    Pre-Run: 40,573,292,544 octets libres
    Post-Run: 40,566,956,032 octets libres

    361 --- E O F --- 2008-06-22 13:20:32

    Are there still any viruses?


    24 June 2008 13:03:36

    Hi again,

    I advise you to uninstall and delete your P2P programs: 50% of the programs you download via P2P are booby-trapped.

    Your Java console is not up to date. Uninstall your Java console via Add/Remove Programs, then install the latest version:
    http://www.java.com/fr/download/manual.jsp

  • Run a Kaspersky online scan with Internet Explorer:
  • Click on
  • Now click on I accept.
  • Approve the installation of one or more ActiveX controls if necessary.
  • Wait while the updates are installed.
  • Then choose the My Computer scan.
  • Save, then paste, the report generated at the end of the scan.

    HELP: Tutorial on the online scan

    NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

    ;) 
    25 June 2008 13:08:19

    Hello again,

    Update done, and here is the Kaspersky report, which looks good:


    Wednesday, June 25, 2008 12:07:21 PM
    Système d'exploitation : Home Edition, Service Pack 1 (Build 6001)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 25/06/2008
    Enregistrements dans la base antivirus Kaspersky : 784911


    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\

    Statistiques de l'analyse
    Total d'objets analysés 428650
    Nombre de virus trouvés 0
    Nombre d'objets infectés 0 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 03:12:07

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wsb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2964.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré


    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2964.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wsb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2964.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Microsoft\Sear
    25 June 2008 13:50:06

    Re,

    1) Create a Notepad file with the text in the box below (copy/paste):


    Quote:
    REGEDIT4

    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]


    - Save this file to: Desktop
    - File name: fix.reg
    - Type: All files !!!
    - click Save
    - close Notepad

    Using the file fix.reg:
    - double-click the file (Desktop) / accept the warning about the merge / don't be surprised if nothing appears to happen / confirm the message saying the merge is complete.

    2) Download Flash_Disinfector.exe by sUBs and save it to your desktop.

  • Double-click Flash_Disinfector.exe to launch it and follow all the prompts that appear.
  • This utility may ask you to insert your removable drives (USB sticks, external hard drive, mobile phone, etc.). Please do so and allow Flash_Disinfector to clean them, as they are likely to be infected.
  • Wait until the scan has finished, then quit the program.
  • Restart your computer once that is done.

    Note: Flash_Disinfector will create a hidden file named "autorun.inf" on each removable drive connected to your computer at the time of the scan. Do not delete these files, as they will protect you from a possible future infection via removable drives.

    Information: To learn more about infections via removable drives, click **HERE**

    Once that has been done, we can then proceed to disinfect your removable drives, so leave them plugged in during the disinfection and avoid using them.

    3) Follow these steps to cleanly uninstall Combofix and the tools we used during the disinfection

  • Start menu, then Run
  • Now type Combofix /u in the window that appears, then confirm with OK. Make sure to leave a space between the X and the /U, as it is required here.


    4) Post a new HijackThis report and tell me how the PC is doing.

    ;) 
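A way to see which mount points carry a cached autorun command before merging a deletion like fix.reg, as an added example that is not part of the original reply: it parses a text export of the MountPoints2 key and builds the matching REGEDIT4 deletion file for review. The sample export, `example.exe`, the GUID and the function names are constructed for illustration, and the `Shell\<verb>\command` layout under each mount point is assumed.

```python
import re

MP2 = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2"
# Matches ...\MountPoints2\<mount>\shell\<verb>\command; registry paths are case-insensitive.
KEY_RE = re.compile(r"^\[" + re.escape(MP2) + r"\\([^\\\]]+)\\shell\\([^\\\]]+)\\command\]$", re.I)

# Constructed sample of a .reg text export of MountPoints2 (not data from the thread).
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C]
"BaseClass"="Drive"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J]
"BaseClass"="Drive"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\Shell\AutoRun\command]
@="C:\\Windows\\system32\\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL example.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00000000-0000-0000-0000-000000000001}\shell\open\command]
@="J:\\example.exe"
'''

def unescape_reg_string(raw):
    # .reg string values are double-quoted and escape backslash and quote with a backslash.
    raw = raw.strip()
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        raw = raw[1:-1]
    return re.sub(r"\\(.)", r"\1", raw)

def cached_autorun_commands(export_text):
    """Map each mount point to the (verb, command) pairs cached under its shell key."""
    findings, current = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = m.groups() if m else None
        elif current and line.startswith("@="):  # the default value holds the command
            findings.setdefault(current[0], []).append((current[1], unescape_reg_string(line[2:])))
    return findings

def build_fix_reg(findings):
    """Build a REGEDIT4 file deleting each flagged mount point key, in the form of fix.reg."""
    lines = ["REGEDIT4", ""]
    for mount in sorted(findings):
        lines += ["[-%s\\%s]" % (MP2, mount), ""]
    return "\r\n".join(lines)

if __name__ == "__main__":
    found = cached_autorun_commands(SAMPLE_EXPORT)
    print(found)
    print(build_fix_reg(found))
```

Mount points without a cached shell command, such as `C` in the sample, are left out of the generated file.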