Generic.Qhost virus
Hello,
When my computer starts up, my antivirus alerts me to a virus (Generic.qhost, apparently). No matter how much I try to delete the files or quarantine them, I get the same alert at every reboot...
I have read the various posts on this forum about this problem and so tried to fix it using CCleaner and Ewido, in safe mode, but nothing works.
So I am asking for a little of your time: can you help me?
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:40, on 22/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\msnbootcf.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PiWhy\Desktop\Virus\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6005A2C4-19B8-4002-9A68-64A1CE169E14} - C:\Windows\system32\TapiMjgPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\Windows\system32\urqRJDsr.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSN Booter] msnbootcf.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\urqRJDsr.dll,#1
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7547 bytes
Hello,
Disable UAC (Start Menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the box Use User Account Control ... and confirm with OK; you will be asked to restart, do so)
Download Combofix from **HERE** or **HERE** and save it to your desktop.
**Note 1: If you already have a version of Combofix, you will need to download another one, the very latest. It is also very important to save it directly to your desktop.**
- Please never rename Combofix unless you are expressly asked to.
- Close all open windows, without exception.
- Disable all the resident protections of all your antivirus, antispyware, etc. software so that they do not interfere with the proper functioning of Combofix.
Very important: Temporarily disable all the resident protections of all your security software before launching a scan with Combofix. They could disrupt the Combofix scan, which could have unforeseen and disastrous consequences.
- Click this link to see a list of programs that should always be disabled before using Combofix. Note that the list is not exhaustive. If your security software is not in this list and you do not know how to disable it, or if you do not understand English, please ask me.
- WARNING: Combofix will automatically disconnect you from the internet as soon as the scan starts.
- Please do not try to reconnect your machine to the internet until Combofix has finished its work.
- If you can no longer connect to the internet after using Combofix, restart your PC to restore the internet connection.
- Double-click combofix.exe and follow the instructions that appear.
- When the scan is finished, a report should normally appear on screen.
- Please post the following report, "C:\ComboFix.txt", in your next reply, along with a new HijackThis report.
**Note 2: Do not click in the Combofix window while it is working. You could crash the PC and cause serious damage.**
Security / Prevention
Thank you for this more-than-quick reply.
A few details about the virus:
the infected file appears to be "hosts", the virus name "Generic.Qhost.31A25FE3", original location: "C:\Windows\system32\drivers\etc"
Here are the logs (a bit long... sorry)
I await the next step
ComboFix 08-06-20.4 - PiWhy 2008-06-22 19:47:05.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1228 [GMT 2:00]
Endroit: C:\Users\PiWhy\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\System32\rCfiPpVw.ini
C:\Windows\System32\rCfiPpVw.ini2
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-22 to 2008-06-22 ))))))))))))))))))))))))))))))))))))
.
2008-06-22 16:18 . 2008-06-22 16:18 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Grisoft
2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\Users\All Users\Grisoft
2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\ProgramData\Grisoft
2008-06-22 16:17 . 2007-05-30 14:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-06-22 16:16 . 2008-06-22 16:16 <REP> d-------- C:\Program Files\CCleaner
2008-06-22 15:51 . 2008-06-22 15:51 <REP> d-------- C:\VundoFix Backups
2008-06-22 15:33 . 2008-06-22 15:33 <REP> d-------- C:\PerfLogs
2008-06-21 15:46 . 2008-06-21 15:50 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-06-21 15:37 . 2008-06-21 15:37 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DAEMON Tools
2008-06-21 15:36 . 2008-06-21 15:37 3,702,216 --a------ C:\temp\daemon4123-lite.exe
2008-06-21 15:22 . 2008-06-21 15:22 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DaemonTools
2008-06-21 15:22 . 2008-06-16 15:19 41,984 -r-hs---- C:\Windows\System32\msnbootcf.exe
2008-06-20 22:41 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-06-20 22:40 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-06-20 22:39 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-06-20 22:38 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-06-20 22:38 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-06-20 22:38 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-06-20 22:38 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-06-20 22:38 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-06-20 22:37 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-06-20 22:37 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-06-20 22:37 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-06-20 22:37 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-06-20 13:35 . 2008-06-21 16:49 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
2008-06-19 17:53 . 2008-06-22 19:32 43,520 --a------ C:\Windows\System32\CmdLineExt03.dll
2008-06-18 21:57 . 2008-06-18 23:25 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
2008-06-18 02:14 . 2008-06-18 02:14 <REP> d-------- C:\Program Files\Common Files\BioWare
2008-06-15 00:45 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-15 00:45 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-15 00:45 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-15 00:45 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-15 00:45 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-15 00:45 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-11 02:17 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-06-11 02:17 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-06-11 02:17 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll
2008-06-11 02:17 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-05-31 13:31 . 2008-05-31 15:39 <REP> d-------- C:\Users\PiWhy\Part
2008-05-28 15:19 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 15:19 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-28 12:33 . 2008-06-17 14:26 <REP> d-------- C:\Users\PiWhy\Stage
2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Windows\System32\AGEIA
2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-05-26 13:42 . 2008-05-26 13:42 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 01:53 . 2003-03-18 23:14 499,712 --a------ C:\Windows\System32\MSVCP71.DLL
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-22 13:47 174 --sha-w C:\Program Files\desktop.ini
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Sidebar
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Mail
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Journal
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Defender
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Collaboration
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Calendar
2008-06-22 13:16 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-06-22 13:16 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-06-21 14:49 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
2008-06-21 13:38 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-06-21 13:25 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Azureus
2008-06-19 11:01 --------- d-----w C:\Program Files\Azureus
2008-06-18 00:14 --------- d-----w C:\ProgramData\Media Center Programs
2008-06-04 08:59 --------- d-----w C:\Program Files\Player Metaboli
2008-06-02 21:31 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2008-05-28 23:05 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-21 19:49 472,576 ----a-w C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2008-05-21 19:49 --------- d-----w C:\Program Files\Nvidia Omega Drivers
2008-05-21 16:48 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Samsung
2008-05-21 16:33 5,632 ----a-w C:\Windows\system32\drivers\StarOpen.sys
2008-05-19 19:02 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Sierra
2008-05-18 16:37 --------- d-----w C:\ProgramData\NVIDIA
2008-05-18 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-16 20:34 --------- d-----w C:\ProgramData\Test Drive Unlimited
2008-05-04 17:06 --------- d-----w C:\ProgramData\Player Metaboli
2008-05-02 13:52 3,584 ----a-w C:\Windows\shotput.bin
2008-04-30 15:27 442,368 ----a-w C:\Windows\System32\nvuninst.exe
2008-04-30 11:55 70,944 ----a-w C:\Windows\System32\PhysXLoader.dll
2008-04-28 11:54 --------- d-----w C:\Program Files\Common Files\Steam
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelKorean.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelGerman.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelFrench.dll
2008-03-27 09:15 14,848 ----a-w C:\Windows\System32\TapiMjgPlugin.dll
2007-11-22 15:04 22,328 ----a-w C:\Users\PiWhy\AppData\Roaming\PnkBstrK.sys
2006-01-25 09:30 456,768 ----a-w C:\Windows\inf\WPN311\WPN311.sys
2005-01-27 08:59 35,232 ----a-w C:\Windows\inf\WPN311\ME_INST.EXE
2005-01-27 08:59 26,112 ----a-w C:\Windows\inf\WPN311\install.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6005A2C4-19B8-4002-9A68-64A1CE169E14}]
2008-03-27 11:15 14848 --a------ C:\Windows\system32\TapiMjgPlugin.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
C:\Windows\system32\urqRJDsr.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe" [2007-08-09 08:24 308552]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-08 17:47 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" [2007-08-09 08:24 308552]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-04 18:33 220160]
"toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-03 05:46 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-03 05:46 92704]
"MSN Booter"="msnbootcf.exe" [2008-06-16 15:19 41984 C:\Windows\System32\msnbootcf.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WPN311 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN311\wlancfg5.exe [2006-02-22 13:49:28 1486848]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\Windows\system32\urqRJDsr.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{E4DADA37-7D29-41F6-B523-D4102B5978CE}C:\\jeux\\w40k dawn of war\\w40k.exe"= UDP:C:\jeux\w40k dawn of war\w40k.exe:W40K
"UDP Query User{C1CACFEF-5A87-4B51-989A-98729121EFF1}C:\\jeux\\w40k dawn of war\\w40k.exe"= TCP:C:\jeux\w40k dawn of war\w40k.exe:W40K
"TCP Query User{F9E41F30-9C05-4F64-9BD6-8441F586D577}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"UDP Query User{3AD06547-6BA7-4D07-90AC-35994BC00943}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"TCP Query User{FBEDEA14-D51B-45E8-A475-DFB9694E52E9}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= UDP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
"UDP Query User{AFF8F51F-4C62-4BD0-B8CD-3F360ED70FE6}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= TCP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
"TCP Query User{5F2E7246-3AF7-4D4A-AFFF-0D63BF464D1B}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{D7E41873-A6E7-4025-9AF1-D4A23BFEC6F5}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{57D3AE49-FCC9-48A8-923F-105BF7BB4983}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"UDP Query User{D5184EC0-52E6-4569-B5D4-7C5951189D18}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"TCP Query User{76ED4023-5442-4E6F-ABEB-1A34CABD054A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{11D7A423-B250-41AC-A14F-E775B8F4AEBE}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{9949866F-8C41-44BC-9FCE-A68F45A61859}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7B0D9F3C-519B-4C75-A7DA-670285A3C3B4}"= C:\Jeux\C&C3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"TCP Query User{83C0FF87-64A2-492D-8C56-CB1726241F0E}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
"UDP Query User{6EB332B3-2AE2-4CF9-AAB1-8BCEC2A9FC25}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
"{D8E29B49-169C-4CDE-B4D6-D7F25CDBCAF3}"= UDP:3724:Blizzard downloader
"{55CD470C-193D-4502-8B04-DF3B05A13130}"= UDP:6112:Blizzard Downloader
"TCP Query User{0AFBCC03-614E-4B7C-8355-FF953F734846}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= UDP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{5DF81D4B-0C40-47C0-A450-BD6F0E2A32A5}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= TCP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{A8D91EDC-EA04-4FCA-B1C5-CD39A176EC3F}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= UDP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
"UDP Query User{00382831-7E0C-40CF-8FE3-06E109A52F2B}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= TCP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
"TCP Query User{63D4CFF0-56E3-4FBA-93FC-196C810964E2}C:\\jeux\\pacific storm\\bin\\allies.exe"= UDP:C:\jeux\pacific storm\bin\allies.exe:allies
"UDP Query User{71DAD618-29D1-4D7A-84D2-C31D255C77BC}C:\\jeux\\pacific storm\\bin\\allies.exe"= TCP:C:\jeux\pacific storm\bin\allies.exe:allies
"TCP Query User{B75CAF9B-BD18-4795-B1AE-1AABFABEEC80}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
"UDP Query User{EA22CF5C-9A36-496D-999D-AC568C6D8427}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
"TCP Query User{617CB08D-ECE2-4C29-AE0D-442B43069016}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{15924B34-BD3F-4643-9135-C380A2A370B8}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{1EB45B87-5DCF-4B0E-8E95-34020EB384CF}C:\\jeux\\starcraft\\starcraft.exe"= UDP:C:\jeux\starcraft\starcraft.exe:StarCraft
"UDP Query User{C6161834-4FCD-47E7-A333-A2084DC41077}C:\\jeux\\starcraft\\starcraft.exe"= TCP:C:\jeux\starcraft\starcraft.exe:StarCraft
"TCP Query User{0FC6254D-C3E8-4C6C-81C4-C9C9EA4947F1}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
"UDP Query User{4EB42EE8-EB34-4773-80C9-E91583391BBE}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
"TCP Query User{14FD02DA-9EDF-402C-AAC2-9038C29AD082}C:\\jeux\\cod2\\cod2mp_s.exe"= UDP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
"UDP Query User{C74D7375-CBE5-42C6-A17E-D5A293BD9B80}C:\\jeux\\cod2\\cod2mp_s.exe"= TCP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
"TCP Query User{F8713691-F173-4CC4-B6E9-4696E044DE71}C:\\jeux\\lost planet\\lostplanetdx10.exe"= UDP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
"UDP Query User{3F1873A1-F2F4-47AF-BBC8-D8739C8C49E8}C:\\jeux\\lost planet\\lostplanetdx10.exe"= TCP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
"TCP Query User{B166C7C1-13AF-48FF-8825-3989742D440D}C:\\jeux\\titan quest immortal throne\\tqit.exe"= UDP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
"UDP Query User{F2EBA835-2B60-46E1-A7EC-A0BB8C6610A4}C:\\jeux\\titan quest immortal throne\\tqit.exe"= TCP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
"TCP Query User{ABC34F29-8C63-4789-8B79-16C07F27E719}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
"UDP Query User{21EDF6A0-0403-4032-8206-6822301EA0EB}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
"TCP Query User{ED104CF3-FA05-4B79-B3A5-76ECA71052D8}C:\\jeux\\bid for power\\quake3.exe"= UDP:C:\jeux\bid for power\quake3.exe:quake3
"UDP Query User{74EFF036-15D8-4075-85D6-E02F6ECFD7A0}C:\\jeux\\bid for power\\quake3.exe"= TCP:C:\jeux\bid for power\quake3.exe:quake3
"TCP Query User{D8262979-8A2D-4105-AF65-CBFA5BC0CD20}C:\\ebfp\\quake3.exe"= UDP:C:\ebfp\quake3.exe:quake3
"UDP Query User{5E6547A8-B121-4DD4-8910-72332ECE761D}C:\\ebfp\\quake3.exe"= TCP:C:\ebfp\quake3.exe:quake3
"TCP Query User{53161A64-B9AA-4D75-B947-C6712C0FA0DD}C:\\jeux\\warcraft iii\\war3.exe"= UDP:C:\jeux\warcraft iii\war3.exe:Warcraft III
"UDP Query User{1A61DE52-54CF-428A-B39B-4C14A71F890B}C:\\jeux\\warcraft iii\\war3.exe"= TCP:C:\jeux\warcraft iii\war3.exe:Warcraft III
"{58CABCDE-3391-4441-930A-A64500A4BFE6}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
"{34FBB203-CA19-42B2-B8EE-F2F440418E80}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
"TCP Query User{C5A87D24-AAFB-4F01-B01F-E72CD7807D2E}C:\\program files\\ebfp2\\quake3.exe"= UDP:C:\program files\ebfp2\quake3.exe:quake3
"UDP Query User{BD5125C1-AC2A-4F70-B8FE-791D430C2BA2}C:\\program files\\ebfp2\\quake3.exe"= TCP:C:\program files\ebfp2\quake3.exe:quake3
"TCP Query User{071D8468-8A32-4AB4-8A93-C814D715D6CB}C:\\jeux\\ebfp2\\quake3.exe"= UDP:C:\jeux\ebfp2\quake3.exe:quake3
"UDP Query User{73A2FDC5-9FCD-4667-BC93-02ECB26C58D8}C:\\jeux\\ebfp2\\quake3.exe"= TCP:C:\jeux\ebfp2\quake3.exe:quake3
"TCP Query User{44A166B4-174D-41D4-B7B3-8F16DBCCAA93}D:\\ebfp2\\quake3.exe"= UDP:D:\ebfp2\quake3.exe:quake3
"UDP Query User{34739EC2-1946-44E5-AEFE-6066EB9CD926}D:\\ebfp2\\quake3.exe"= TCP:D:\ebfp2\quake3.exe:quake3
"{EA62577E-62EF-49CE-9B0C-52889107EA01}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
"{2ADDEDE2-918E-4D36-A06C-250EEE17A549}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
"TCP Query User{349660D4-A7C4-4D15-A032-7C2E5C8C4676}C:\\jeux\\steam\\steam.exe"= UDP:C:\jeux\steam\steam.exe:Steam
"UDP Query User{8A33A21E-C32B-4459-A7FC-64A6397EF873}C:\\jeux\\steam\\steam.exe"= TCP:C:\jeux\steam\steam.exe:Steam
"TCP Query User{A2FD0000-7AC1-4743-8D6B-35FC73C1D382}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
"UDP Query User{494B8FF3-B1CF-42CE-87DC-0D0AAE8D2BB9}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
"TCP Query User{603E8F5A-D281-4CDD-A7BF-63A4255BD20B}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= UDP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
"UDP Query User{ACA25B3E-428B-451B-B63F-B0B484520356}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= TCP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
"{63E0CECF-6602-478A-A71C-BBBD0660D93D}"= UDP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
"{DD3FD0ED-DA6A-4303-B64F-B77A75098147}"= TCP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
"{9C5DD5A4-DB9C-4E75-AD6D-06CD6C857C49}"= UDP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{2B2F93BB-8016-44FB-BE50-91B1950B56D5}"= TCP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{9F725AEC-F45A-492B-AB14-CEC4AF72E643}C:\\jeux\\freelancer\\exe\\flserver.exe"= UDP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
"UDP Query User{8624F9AD-D8C2-4147-8A4D-A1E825FCDC5C}C:\\jeux\\freelancer\\exe\\flserver.exe"= TCP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
"TCP Query User{0C776082-6228-4E6F-8C1E-3C255BA8EA0C}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"UDP Query User{AE0FCA48-118C-4225-90DD-C1B1FFFBD29E}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"{64A37A2F-60D3-4735-852E-79F2ACE79A91}"= UDP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
"{76672A7F-692D-4E6A-B4DA-1A2AEC655EB2}"= TCP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
"{9F6855D0-B108-4D9F-84FA-44BCD51D10B5}"= UDP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{EF474F7A-8FA7-43F5-B4DA-5ECB9B77E901}"= TCP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{A5080C67-96A1-457B-90A8-FADE9562B813}"= UDP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
"{5BCFA230-878C-4DCA-9563-B315369B6219}"= TCP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
"{C1466C68-A144-4172-AF4E-842A5E975E5A}"= UDP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{B21FD72B-E492-493A-A610-7E73EECA98FF}"= TCP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{C398B6AA-1D27-4793-8B47-B57C701EB3BB}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{55F870AE-23E4-4BBE-98AC-AA7B97B2B854}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{F779B62A-C37B-4006-B30C-8BFF1A9BD6F1}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{DCC134ED-18C4-47D3-AA18-E78A66920DFE}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{943D7364-91AA-4F93-9BDB-97214B9BB9E6}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
"UDP Query User{C5AC1853-DA2A-4720-9298-610D4A0D8F53}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
"TCP Query User{4DF7BB75-0570-42AF-8361-0BD89C3DD54B}C:\\jeux\\freelancer\\exe\\freelancer.exe"= UDP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
"UDP Query User{A7C7A394-3203-4796-9060-3A48B7BA2630}C:\\jeux\\freelancer\\exe\\freelancer.exe"= TCP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
"TCP Query User{8FA83A68-0100-48C5-82CF-EA7F72F06075}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= UDP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
"UDP Query User{4252407A-4AEB-4BA0-9725-39D76C4B680C}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= TCP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
"TCP Query User{E444222C-CE43-41FA-9FFA-DCB5126FE0F5}C:\\jeux\\nexus\\nexus_dx9.exe"= UDP:C:\jeux\nexus\nexus_dx9.exe:Nexus
"UDP Query User{1844C3D9-313F-40B8-95CB-97175CEB7E17}C:\\jeux\\nexus\\nexus_dx9.exe"= TCP:C:\jeux\nexus\nexus_dx9.exe:Nexus
"{CE745B9D-F132-424F-893B-975458A1C458}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{F3C845E8-3D61-4962-ADD8-78580F621A68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AB5F1450-E85C-4FC2-A7BC-0248149F841E}"= UDP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
"{75C5F911-9426-4769-B516-39E554055718}"= TCP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
"{D53ACAEE-7799-4B1D-B96C-33818DB6787C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8BD1E859-BE9C-414C-9231-F1EE83C1115A}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= UDP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
"UDP Query User{97286C58-E55F-4F13-87ED-D1295DDBC03D}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= TCP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
"{B7E69A0B-EC12-4E60-ABBB-CF8171AF3714}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{49946CAE-4A1B-454D-A8E9-CF21FA387738}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{674C4927-29AB-4BEB-8F08-619B178B34EF}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{C5433F34-FE12-490B-A040-74364840DC16}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{FD722530-9A0F-43A5-9C4B-F2CC7492FFB2}"= UDP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{1995BE07-BCA9-4C66-8323-97F8FF8E9BFE}"= TCP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{FE9038D7-C9C2-49A5-9176-10E8C09B792B}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
"{1F84D1ED-794C-4B66-B804-8CE38296B471}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
"{D143C600-A35D-445C-945C-DB50EEB06468}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{C354078B-0BEA-4570-B7FA-A29ECD325901}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{2B0581C5-87AF-42F7-8AB9-A2206C5F30EC}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{79DE251B-21AC-4E0B-B240-6E0465753D54}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{E66ACEAA-91FE-4294-86F4-2C4BD78E9ACB}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{1AFDD4D3-7D93-466A-BB31-366E87D2084E}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{E6F520EE-F5CA-45EB-93A5-A09466F010D9}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= UDP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
"UDP Query User{7C39A666-7532-42B8-8FEC-704AE9BAB815}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= TCP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
"TCP Query User{ED5ABC60-EA24-4E70-AB82-B523D7CA7D6B}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= UDP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
"UDP Query User{5247B826-FAE5-4246-83C5-61A8461FCE29}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= TCP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
"TCP Query User{9684420A-7200-4706-839C-A429C2D538FD}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"UDP Query User{552A9601-9557-426C-A700-3D37C9583C47}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"TCP Query User{E2E4AC88-CF61-4375-8727-9F6097E1B602}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"UDP Query User{E91D84DD-84F8-4D31-8B6F-6357B2111DDF}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"TCP Query User{F8F64DB3-8BEE-49C8-A9CD-2B8041EC96B3}C:\\jeux\\iron man\\ironman.exe"= UDP:C:\jeux\iron man\ironman.exe:A2M Game Engine
"UDP Query User{B02D576E-8B23-487D-976B-EDC595B6EC60}C:\\jeux\\iron man\\ironman.exe"= TCP:C:\jeux\iron man\ironman.exe:A2M Game Engine
"TCP Query User{1A0C7B8A-40FA-4C4A-8606-BB6A5AF6CC5B}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
"UDP Query User{0E3CC56E-1D44-43A8-81B4-CA1501AC7EFC}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
"TCP Query User{B70E1F80-4B99-4590-A453-16C11D721AEE}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"UDP Query User{4F02E94E-2DBF-4E07-A004-E99E411C1E08}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"{4090EF21-7D30-4473-82D7-D1CA271BC5C2}"= UDP:C:\Jeux\Loki\Loki.exe:Loki
"{EEAF9DCB-B60E-4BE4-9953-28176347829B}"= TCP:C:\Jeux\Loki\Loki.exe:Loki
"{EE45264A-32EB-45F8-9F32-A2B02FCCC8BB}"= UDP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
"{88F817AD-ED0A-4667-97F0-E4E791CA7208}"= TCP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
"TCP Query User{A82ABEAA-B88D-4F5A-9C30-FFC4FC9308D9}X:\\program files\\codemasters\\dirt\\dirt.exe"= UDP:X:\program files\codemasters\dirt\dirt.exe:dirt.exe
"UDP Query User{F5771B84-8C5C-4DD8-A066-035BD87676AE}X:\\program files\\codemasters\\dirt\\dirt.exe"= TCP:X:\program files\codemasters\dirt\dirt.exe:dirt.exe
"{5A7E82B2-4AB2-44FC-99D2-E26CE013BA38}"= UDP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
"{DD26051F-133E-4170-92D6-D7B89757EA48}"= TCP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
"{6B904E5D-A751-4371-B51D-23EF4C9B5BDF}"= UDP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
"{5447E65F-F706-4C57-913A-5B03964805AF}"= TCP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
"TCP Query User{39907C38-04FE-43F5-8C76-5EE95894D9B0}X:\\program files\\silverfall\\silverfall.exe"= UDP:X:\program files\silverfall\silverfall.exe:silverfall.exe
"UDP Query User{0FA7B373-88B4-455D-9201-2322B9B1129D}X:\\program files\\silverfall\\silverfall.exe"= TCP:X:\program files\silverfall\silverfall.exe:silverfall.exe
"TCP Query User{CCE3F684-DD14-414E-9472-6EB3E64991DB}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= UDP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
"UDP Query User{2687CBEC-EBA8-4627-AD32-A9C5F28FE6AF}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= TCP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
"{B7F5F6B9-F468-4D1E-8AD9-16E6A49AFCAE}"= UDP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{2FA9F2D2-6F20-4F23-A9C4-652D0DB9D190}"= TCP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{1FB4F222-8C19-4848-A88B-0BDB8BFC1273}"= UDP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
"{14492692-37B4-44B8-B180-A1D5543DCCCD}"= TCP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
"{C477F5A5-F570-4DEA-8838-B35C21AA5C07}"= UDP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
"{C05F320D-04B8-4586-9BA4-328B94FCA6C1}"= TCP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
"{1A3E3812-388A-47B9-952A-CC258677DF28}"= UDP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
"{CAA6C3F7-AA59-4567-9F1B-C45CFD3E95F2}"= TCP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
"{4A386DBD-1C4E-4A09-9701-E5ECC4B07FF4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
R1 oreans32;oreans32;C:\Windows\system32\drivers\oreans32.sys [2007-05-10 18:33]
R2 BdFileSpy;BullGuard File Monitor Driver;C:\Windows\system32\drivers\BdFileSpy.sys [2007-02-02 17:32]
R2 BsFileScan;BullGuard File Scan Service;C:\Windows\System32\svchost.exe [2008-01-19 09:33]
R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
R3 Reconn;BullGuard Email Monitor;C:\Program Files\BullGuard Software\BullGuard\reconn.sys [2007-01-27 12:06]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-31 17:16]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\Auto\command - AdobeR.exe e
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\shell\AutoRun\command - K:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d744c7b-f273-11db-83f1-806e6f6e6963}]
\shell\AutoRun\command - I:\autoplay.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db3f0e71-f336-11db-bb19-00146ccc53f5}]
\shell\AutoRun\command - K:\LaunchU3.exe
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-21 23:14:10 C:\Windows\Tasks\User_Feed_Synchronization-{42EE8150-6974-4E25-8FEC-2107DB197EDA}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 19:50:26
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-22 19:51:30
ComboFix-quarantined-files.txt 2008-06-22 17:51:28
Pre-Run: 48,563,879,936 octets libres
Post-Run: 48,551,886,848 octets libres
332 --- E O F --- 2008-06-22 13:20:32
And the HijackThis one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:22:03, on 22/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\msnbootcf.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\PiWhy\Desktop\Virus\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6005A2C4-19B8-4002-9A68-64A1CE169E14} - C:\Windows\system32\TapiMjgPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\Windows\system32\urqRJDsr.dll (file missing)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSN Booter] msnbootcf.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NETGEAR WPN311 Smart Wizard.lnk = C:\Program Files\NETGEAR\WPN311\wlancfg5.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 6999 bytes
Message edited by Piwhy on 22-06-2008 at 20:32:56
Re,
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode
- Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet".
- To start the scan, click "Rechercher".
- Once the scan has finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Afficher les résultats" and then "Supprimer la sélection". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Message edited by Egwene on 22-06-2008 at 21:49:17
Security / Prevention
Re,
Thanks again for your help.
I followed your advice, but the virus is still there. Here is the report:
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 880
00:47:14 23/06/2008
mbam-log-6-23-2008 (00-47-14).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 261695
Temps écoulé: 57 minute(s), 27 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6005a2c4-19b8-4002-9a68-64a1ce169e14} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6005a2c4-19b8-4002-9a68-64a1ce169e14} (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{f86b11f3-0ce1-475f-9541-5329bf7b3597} (Trojan.Vundo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Windows\System32\TapiMjgPlugin.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Re,
You are infected with "Vundo". Delete all the cracks from your PC if there are any, because otherwise they will restart the infection.
In addition, I strongly advise you to stop P2P and software cracking. Uninstall your P2P software: 50% of the programs you download that way are booby-trapped.
***
Run another scan with ComboFix.
Re, once again.
I changed antivirus (went with AntiVir), did a little clean-up of all my cracks, ran a few scans, and everything seems to be going better!
Thanks for all your advice and your time.
Re,
Can you run another scan with ComboFix as requested?
It is true that I no longer have symptoms, but the disease may still be there...
Here is the ComboFix report, and the AntiVir one as a bonus:
Antivir:
Avira AntiVir Personal
Report file date: mardi 24 juin 2008 01:32
Scanning for 1353152 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PIWI
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 14/06/2008 10:36:51
ANTIVIR3.VDF : 7.0.4.239 292864 Bytes 23/06/2008 10:36:52
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 23/06/2008 10:37:01
AESCN.DLL : 8.1.0.22 119157 Bytes 23/06/2008 10:37:00
AERDL.DLL : 8.1.0.20 418165 Bytes 23/06/2008 10:37:00
AEPACK.DLL : 8.1.1.6 364918 Bytes 23/06/2008 10:36:59
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 23/06/2008 10:36:58
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 23/06/2008 10:36:57
AEHELP.DLL : 8.1.0.15 115063 Bytes 23/06/2008 10:36:55
AEGEN.DLL : 8.1.0.29 307573 Bytes 23/06/2008 10:36:54
AEEMU.DLL : 8.1.0.6 430451 Bytes 23/06/2008 10:36:53
AECORE.DLL : 8.1.0.31 168310 Bytes 23/06/2008 10:36:52
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 24 juin 2008 01:32
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'unsecapp.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'wlancfg5.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD2
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Master boot sector HD3
[INFO] No virus was found!
[WARNING] Le périphérique n'est pas prêt.
[INFO] Please restart the search with Administrator rights
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '9' files ).
Starting the file scan:
Begin scan in 'C:\' <BOOT>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <RECOVER>
End of the scan: mardi 24 juin 2008 02:41
Used time: 1:09:14 min
The scan has been done completely.
26765 Scanning directories
730036 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
730036 Files not concerned
4801 Archives were scanned
5 Warnings
0 Notes
Combofix:
ComboFix 08-06-20.4 - PiWhy 2008-06-24 2:46:20.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1253 [GMT 2:00]
Endroit: C:\Users\PiWhy\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-24 to 2008-06-24 ))))))))))))))))))))))))))))))))))))
.
2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\Users\All Users\Avira
2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\ProgramData\Avira
2008-06-23 12:32 . 2008-06-23 12:32 <REP> d-------- C:\Program Files\Avira
2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Malwarebytes
2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\ProgramData\Malwarebytes
2008-06-22 23:43 . 2008-06-22 23:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-22 23:43 . 2008-06-19 17:55 34,296 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-06-22 23:43 . 2008-06-19 17:55 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-06-22 16:18 . 2008-06-22 16:18 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Grisoft
2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\Users\All Users\Grisoft
2008-06-22 16:17 . 2008-06-22 16:17 <REP> d-------- C:\ProgramData\Grisoft
2008-06-22 16:17 . 2007-05-30 14:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-06-22 16:16 . 2008-06-22 16:16 <REP> d-------- C:\Program Files\CCleaner
2008-06-22 15:51 . 2008-06-22 15:51 <REP> d-------- C:\VundoFix Backups
2008-06-22 15:33 . 2008-06-22 15:33 <REP> d-------- C:\PerfLogs
2008-06-21 15:46 . 2008-06-21 15:50 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-06-21 15:37 . 2008-06-21 15:37 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DAEMON Tools
2008-06-21 15:36 . 2008-06-21 15:37 3,702,216 --a------ C:\temp\daemon4123-lite.exe
2008-06-21 15:22 . 2008-06-21 15:22 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\DaemonTools
2008-06-20 22:41 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-06-20 22:40 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-06-20 22:39 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-06-20 22:38 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-06-20 22:38 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-06-20 22:38 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-06-20 22:38 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-06-20 22:38 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-06-20 22:37 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-06-20 22:37 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-06-20 22:37 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-06-20 22:37 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-06-20 13:35 . 2008-06-21 16:49 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
2008-06-19 17:53 . 2008-06-23 23:14 43,520 --a------ C:\Windows\System32\CmdLineExt03.dll
2008-06-18 21:57 . 2008-06-18 23:25 <REP> d-------- C:\Users\PiWhy\AppData\Roaming\La Bataille pour la Terre du Milieu ™ II
2008-06-18 02:14 . 2008-06-18 02:14 <REP> d-------- C:\Program Files\Common Files\BioWare
2008-06-15 00:45 . 2008-04-23 06:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-15 00:45 . 2008-04-23 06:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-15 00:45 . 2008-04-23 06:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-15 00:45 . 2008-01-19 09:33 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-15 00:45 . 2008-01-19 09:33 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-15 00:45 . 2008-04-23 06:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-11 02:17 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-06-11 02:17 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-06-11 02:17 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll
2008-06-11 02:17 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-05-31 13:31 . 2008-05-31 15:39 <REP> d-------- C:\Users\PiWhy\Part
2008-05-28 15:19 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 15:19 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-28 12:33 . 2008-06-17 14:26 <REP> d-------- C:\Users\PiWhy\Stage
2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Windows\System32\AGEIA
2008-05-26 13:43 . 2008-05-26 13:43 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-05-26 13:42 . 2008-05-26 13:42 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 01:53 . 2003-03-18 23:14 499,712 --a------ C:\Windows\System32\MSVCP71.DLL
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-22 13:47 174 --sha-w C:\Program Files\desktop.ini
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Sidebar
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Mail
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Journal
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Defender
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Collaboration
2008-06-22 13:36 --------- d-----w C:\Program Files\Windows Calendar
2008-06-22 13:16 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-06-22 13:16 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-06-21 14:49 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Mes fichiers de LSDA, L'Avènement du Roi-sorcier™
2008-06-21 13:38 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-06-21 13:25 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Azureus
2008-06-19 11:01 --------- d-----w C:\Program Files\Azureus
2008-06-18 00:14 --------- d-----w C:\ProgramData\Media Center Programs
2008-06-04 08:59 --------- d-----w C:\Program Files\Player Metaboli
2008-06-02 21:31 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2008-05-28 23:05 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-21 19:49 472,576 ----a-w C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2008-05-21 19:49 --------- d-----w C:\Program Files\Nvidia Omega Drivers
2008-05-21 16:48 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Samsung
2008-05-21 16:33 5,632 ----a-w C:\Windows\system32\drivers\StarOpen.sys
2008-05-19 19:02 --------- d-----w C:\Users\PiWhy\AppData\Roaming\Sierra
2008-05-18 16:37 --------- d-----w C:\ProgramData\NVIDIA
2008-05-18 14:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-16 20:34 --------- d-----w C:\ProgramData\Test Drive Unlimited
2008-05-04 17:06 --------- d-----w C:\ProgramData\Player Metaboli
2008-05-02 13:52 3,584 ----a-w C:\Windows\shotput.bin
2008-04-30 15:27 442,368 ----a-w C:\Windows\System32\nvuninst.exe
2008-04-30 11:55 70,944 ----a-w C:\Windows\System32\PhysXLoader.dll
2008-04-28 11:54 --------- d-----w C:\Program Files\Common Files\Steam
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelKorean.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelGerman.dll
2008-04-28 09:11 53,248 ----a-w C:\Windows\System32\AgCPanelFrench.dll
2007-11-22 15:04 22,328 ----a-w C:\Users\PiWhy\AppData\Roaming\PnkBstrK.sys
2006-01-25 09:30 456,768 ----a-w C:\Windows\inf\WPN311\WPN311.sys
2005-01-27 08:59 35,232 ----a-w C:\Windows\inf\WPN311\ME_INST.EXE
2005-01-27 08:59 26,112 ----a-w C:\Windows\inf\WPN311\install.exe
.
((((((((((((((((((((((((((((( snapshot@2008-06-22_19.51.12.65 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-22 16:02:36 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-06-23 23:26:30 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-06-22 16:02:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-06-23 23:26:31 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-06-22 16:04:22 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-06-23 23:27:57 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-06-23 23:27:57 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-06-22 16:04:28 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-06-23 23:27:52 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-06-23 23:27:52 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-06-22 17:33:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-06-23 23:26:31 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-06-22 17:33:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-23 23:26:31 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-22 17:33:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-06-23 23:26:31 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-03-04 11:28:53 79,424 ----a-w C:\Windows\System32\drivers\avipbb.sys
+ 2007-03-01 08:34:22 28,352 ----a-w C:\Windows\System32\drivers\ssmdrv.sys
- 2008-06-22 16:08:12 101,896 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-06-23 23:31:13 101,896 ----a-w C:\Windows\System32\perfc009.dat
- 2008-06-22 16:08:12 124,228 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-06-23 23:31:13 124,228 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-06-22 16:08:12 589,884 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-06-23 23:31:13 589,884 ----a-w C:\Windows\System32\perfh009.dat
- 2008-06-22 16:08:12 672,096 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-06-23 23:31:13 672,096 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-06-22 16:04:38 6,968 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2660414465-1700263551-2123966501-1000_UserData.bin
+ 2008-06-23 16:18:25 7,746 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2660414465-1700263551-2123966501-1000_UserData.bin
- 2008-06-22 16:04:38 92,318 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-06-23 16:18:25 94,260 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-06-21 13:29:56 2,904 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
+ 2008-06-23 16:15:27 4,430 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
- 2008-06-21 13:17:32 35,484 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-06-23 23:28:15 37,136 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-03-08 17:47 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-04-04 18:33 220160]
"toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-03 05:46 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-03 05:46 92704]
"MSN Booter"="msnbootcf.exe" []
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WPN311 Smart Wizard.lnk - C:\Program Files\NETGEAR\WPN311\wlancfg5.exe [2006-02-22 13:49:28 1486848]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{E4DADA37-7D29-41F6-B523-D4102B5978CE}C:\\jeux\\w40k dawn of war\\w40k.exe"= UDP:C:\jeux\w40k dawn of war\w40k.exe:W40K
"UDP Query User{C1CACFEF-5A87-4B51-989A-98729121EFF1}C:\\jeux\\w40k dawn of war\\w40k.exe"= TCP:C:\jeux\w40k dawn of war\w40k.exe:W40K
"TCP Query User{F9E41F30-9C05-4F64-9BD6-8441F586D577}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= UDP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"UDP Query User{3AD06547-6BA7-4D07-90AC-35994BC00943}C:\\jeux\\w40k dark crusade\\dawn of war - dark crusade\\darkcrusade.exe"= TCP:C:\jeux\w40k dark crusade\dawn of war - dark crusade\darkcrusade.exe:DarkCrusade
"TCP Query User{FBEDEA14-D51B-45E8-A475-DFB9694E52E9}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= UDP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
"UDP Query User{AFF8F51F-4C62-4BD0-B8CD-3F360ED70FE6}C:\\jeux\\w40k dawn of war\\w40kwa.exe"= TCP:C:\jeux\w40k dawn of war\w40kwa.exe:W40kWA
"TCP Query User{5F2E7246-3AF7-4D4A-AFFF-0D63BF464D1B}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{D7E41873-A6E7-4025-9AF1-D4A23BFEC6F5}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{57D3AE49-FCC9-48A8-923F-105BF7BB4983}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"UDP Query User{D5184EC0-52E6-4569-B5D4-7C5951189D18}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"TCP Query User{76ED4023-5442-4E6F-ABEB-1A34CABD054A}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{11D7A423-B250-41AC-A14F-E775B8F4AEBE}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{9949866F-8C41-44BC-9FCE-A68F45A61859}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7B0D9F3C-519B-4C75-A7DA-670285A3C3B4}"= C:\Jeux\C&C3\RetailExe\1.0\cnc3game.dat:Command & Conquer 3 Les guerres du Tiberium™
"TCP Query User{83C0FF87-64A2-492D-8C56-CB1726241F0E}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
"UDP Query User{6EB332B3-2AE2-4CF9-AAB1-8BCEC2A9FC25}C:\\temp\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:C:\temp\wow-burningcrusade-frfr-installer-downloader.exe:Blizzard Downloader
"{D8E29B49-169C-4CDE-B4D6-D7F25CDBCAF3}"= UDP:3724:Blizzard downloader
"{55CD470C-193D-4502-8B04-DF3B05A13130}"= UDP:6112:Blizzard Downloader
"TCP Query User{0AFBCC03-614E-4B7C-8355-FF953F734846}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= UDP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{5DF81D4B-0C40-47C0-A450-BD6F0E2A32A5}C:\\jeux\\world of warcraft\\wow-2.0.3-frfr-downloader.exe"= TCP:C:\jeux\world of warcraft\wow-2.0.3-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{A8D91EDC-EA04-4FCA-B1C5-CD39A176EC3F}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= UDP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
"UDP Query User{00382831-7E0C-40CF-8FE3-06E109A52F2B}C:\\jeux\\genesis rising\\bin\\genesisrising.exe"= TCP:C:\jeux\genesis rising\bin\genesisrising.exe:GenesisRising
"TCP Query User{63D4CFF0-56E3-4FBA-93FC-196C810964E2}C:\\jeux\\pacific storm\\bin\\allies.exe"= UDP:C:\jeux\pacific storm\bin\allies.exe:allies
"UDP Query User{71DAD618-29D1-4D7A-84D2-C31D255C77BC}C:\\jeux\\pacific storm\\bin\\allies.exe"= TCP:C:\jeux\pacific storm\bin\allies.exe:allies
"TCP Query User{B75CAF9B-BD18-4795-B1AE-1AABFABEEC80}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
"UDP Query User{EA22CF5C-9A36-496D-999D-AC568C6D8427}C:\\jeux\\steam\\steamapps\\za-ha-dum\\counter-strike source\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\counter-strike source\hl2.exe:hl2
"TCP Query User{617CB08D-ECE2-4C29-AE0D-442B43069016}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{15924B34-BD3F-4643-9135-C380A2A370B8}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life 2 deathmatch\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life 2 deathmatch\hl2.exe:hl2
"TCP Query User{1EB45B87-5DCF-4B0E-8E95-34020EB384CF}C:\\jeux\\starcraft\\starcraft.exe"= UDP:C:\jeux\starcraft\starcraft.exe:StarCraft
"UDP Query User{C6161834-4FCD-47E7-A333-A2084DC41077}C:\\jeux\\starcraft\\starcraft.exe"= TCP:C:\jeux\starcraft\starcraft.exe:StarCraft
"TCP Query User{0FC6254D-C3E8-4C6C-81C4-C9C9EA4947F1}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
"UDP Query User{4EB42EE8-EB34-4773-80C9-E91583391BBE}C:\\jeux\\steam\\steamapps\\za-ha-dum\\source sdk base\\hl2.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\source sdk base\hl2.exe:hl2
"TCP Query User{14FD02DA-9EDF-402C-AAC2-9038C29AD082}C:\\jeux\\cod2\\cod2mp_s.exe"= UDP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
"UDP Query User{C74D7375-CBE5-42C6-A17E-D5A293BD9B80}C:\\jeux\\cod2\\cod2mp_s.exe"= TCP:C:\jeux\cod2\cod2mp_s.exe:CoD2MP_s
"TCP Query User{F8713691-F173-4CC4-B6E9-4696E044DE71}C:\\jeux\\lost planet\\lostplanetdx10.exe"= UDP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
"UDP Query User{3F1873A1-F2F4-47AF-BBC8-D8739C8C49E8}C:\\jeux\\lost planet\\lostplanetdx10.exe"= TCP:C:\jeux\lost planet\lostplanetdx10.exe:LostPlanetDx10
"TCP Query User{B166C7C1-13AF-48FF-8825-3989742D440D}C:\\jeux\\titan quest immortal throne\\tqit.exe"= UDP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
"UDP Query User{F2EBA835-2B60-46E1-A7EC-A0BB8C6610A4}C:\\jeux\\titan quest immortal throne\\tqit.exe"= TCP:C:\jeux\titan quest immortal throne\tqit.exe:Tqit
"TCP Query User{ABC34F29-8C63-4789-8B79-16C07F27E719}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
"UDP Query User{21EDF6A0-0403-4032-8206-6822301EA0EB}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
"TCP Query User{ED104CF3-FA05-4B79-B3A5-76ECA71052D8}C:\\jeux\\bid for power\\quake3.exe"= UDP:C:\jeux\bid for power\quake3.exe:quake3
"UDP Query User{74EFF036-15D8-4075-85D6-E02F6ECFD7A0}C:\\jeux\\bid for power\\quake3.exe"= TCP:C:\jeux\bid for power\quake3.exe:quake3
"TCP Query User{D8262979-8A2D-4105-AF65-CBFA5BC0CD20}C:\\ebfp\\quake3.exe"= UDP:C:\ebfp\quake3.exe:quake3
"UDP Query User{5E6547A8-B121-4DD4-8910-72332ECE761D}C:\\ebfp\\quake3.exe"= TCP:C:\ebfp\quake3.exe:quake3
"TCP Query User{53161A64-B9AA-4D75-B947-C6712C0FA0DD}C:\\jeux\\warcraft iii\\war3.exe"= UDP:C:\jeux\warcraft iii\war3.exe:Warcraft III
"UDP Query User{1A61DE52-54CF-428A-B39B-4C14A71F890B}C:\\jeux\\warcraft iii\\war3.exe"= TCP:C:\jeux\warcraft iii\war3.exe:Warcraft III
"{58CABCDE-3391-4441-930A-A64500A4BFE6}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
"{34FBB203-CA19-42B2-B8EE-F2F440418E80}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars: Empire at War
"TCP Query User{C5A87D24-AAFB-4F01-B01F-E72CD7807D2E}C:\\program files\\ebfp2\\quake3.exe"= UDP:C:\program files\ebfp2\quake3.exe:quake3
"UDP Query User{BD5125C1-AC2A-4F70-B8FE-791D430C2BA2}C:\\program files\\ebfp2\\quake3.exe"= TCP:C:\program files\ebfp2\quake3.exe:quake3
"TCP Query User{071D8468-8A32-4AB4-8A93-C814D715D6CB}C:\\jeux\\ebfp2\\quake3.exe"= UDP:C:\jeux\ebfp2\quake3.exe:quake3
"UDP Query User{73A2FDC5-9FCD-4667-BC93-02ECB26C58D8}C:\\jeux\\ebfp2\\quake3.exe"= TCP:C:\jeux\ebfp2\quake3.exe:quake3
"TCP Query User{44A166B4-174D-41D4-B7B3-8F16DBCCAA93}D:\\ebfp2\\quake3.exe"= UDP:D:\ebfp2\quake3.exe:quake3
"UDP Query User{34739EC2-1946-44E5-AEFE-6066EB9CD926}D:\\ebfp2\\quake3.exe"= TCP:D:\ebfp2\quake3.exe:quake3
"{EA62577E-62EF-49CE-9B0C-52889107EA01}"= UDP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
"{2ADDEDE2-918E-4D36-A06C-250EEE17A549}"= TCP:C:\Program Files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)
"TCP Query User{349660D4-A7C4-4D15-A032-7C2E5C8C4676}C:\\jeux\\steam\\steam.exe"= UDP:C:\jeux\steam\steam.exe:Steam
"UDP Query User{8A33A21E-C32B-4459-A7FC-64A6397EF873}C:\\jeux\\steam\\steam.exe"= TCP:C:\jeux\steam\steam.exe:Steam
"TCP Query User{A2FD0000-7AC1-4743-8D6B-35FC73C1D382}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= UDP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
"UDP Query User{494B8FF3-B1CF-42CE-87DC-0D0AAE8D2BB9}C:\\jeux\\steam\\steamapps\\za-ha-dum\\half-life\\hl.exe"= TCP:C:\jeux\steam\steamapps\za-ha-dum\half-life\hl.exe:Half-Life Launcher
"TCP Query User{603E8F5A-D281-4CDD-A7BF-63A4255BD20B}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= UDP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
"UDP Query User{ACA25B3E-428B-451B-B63F-B0B484520356}C:\\jeux\\alerte\\red alert - a path beyond\\renalert.exe"= TCP:C:\jeux\alerte\red alert - a path beyond\renalert.exe:Renegade
"{63E0CECF-6602-478A-A71C-BBBD0660D93D}"= UDP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
"{DD3FD0ED-DA6A-4303-B64F-B77A75098147}"= TCP:C:\Jeux\Hellgate\Launcher.exe:Hellgate : London
"{9C5DD5A4-DB9C-4E75-AD6D-06CD6C857C49}"= UDP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{2B2F93BB-8016-44FB-BE50-91B1950B56D5}"= TCP:C:\Jeux\Cod4\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{9F725AEC-F45A-492B-AB14-CEC4AF72E643}C:\\jeux\\freelancer\\exe\\flserver.exe"= UDP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
"UDP Query User{8624F9AD-D8C2-4147-8A4D-A1E825FCDC5C}C:\\jeux\\freelancer\\exe\\flserver.exe"= TCP:C:\jeux\freelancer\exe\flserver.exe:Freelancer
"TCP Query User{0C776082-6228-4E6F-8C1E-3C255BA8EA0C}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"UDP Query User{AE0FCA48-118C-4225-90DD-C1B1FFFBD29E}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8
"{64A37A2F-60D3-4735-852E-79F2ACE79A91}"= UDP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
"{76672A7F-692D-4E6A-B4DA-1A2AEC655EB2}"= TCP:C:\Jeux\Supreme Commander\GPGNet\GPG.Multiplayer.Client.exe:GPGNet - Supreme Commander
"{9F6855D0-B108-4D9F-84FA-44BCD51D10B5}"= UDP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{EF474F7A-8FA7-43F5-B4DA-5ECB9B77E901}"= TCP:C:\Jeux\Supreme Commander Forced Alliance\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
"{A5080C67-96A1-457B-90A8-FADE9562B813}"= UDP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
"{5BCFA230-878C-4DCA-9563-B315369B6219}"= TCP:C:\Jeux\Crysis\Bin32\Crysis.exe:Crysis_32
"{C1466C68-A144-4172-AF4E-842A5E975E5A}"= UDP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{B21FD72B-E492-493A-A610-7E73EECA98FF}"= TCP:C:\Jeux\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{C398B6AA-1D27-4793-8B47-B57C701EB3BB}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{55F870AE-23E4-4BBE-98AC-AA7B97B2B854}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{F779B62A-C37B-4006-B30C-8BFF1A9BD6F1}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{DCC134ED-18C4-47D3-AA18-E78A66920DFE}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{943D7364-91AA-4F93-9BDB-97214B9BB9E6}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
"UDP Query User{C5AC1853-DA2A-4720-9298-610D4A0D8F53}C:\\jeux\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\jeux\homeworld2\bin\release\homeworld2.exe:Homeworld2
"TCP Query User{4DF7BB75-0570-42AF-8361-0BD89C3DD54B}C:\\jeux\\freelancer\\exe\\freelancer.exe"= UDP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
"UDP Query User{A7C7A394-3203-4796-9060-3A48B7BA2630}C:\\jeux\\freelancer\\exe\\freelancer.exe"= TCP:C:\jeux\freelancer\exe\freelancer.exe:Freelancer
"TCP Query User{8FA83A68-0100-48C5-82CF-EA7F72F06075}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= UDP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
"UDP Query User{4252407A-4AEB-4BA0-9725-39D76C4B680C}C:\\program files\\lucasarts\\star wars jedi knight jedi academy\\gamedata\\jamp.exe"= TCP:C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe:Jedi Academy MultiPlayer
"TCP Query User{E444222C-CE43-41FA-9FFA-DCB5126FE0F5}C:\\jeux\\nexus\\nexus_dx9.exe"= UDP:C:\jeux\nexus\nexus_dx9.exe:Nexus
"UDP Query User{1844C3D9-313F-40B8-95CB-97175CEB7E17}C:\\jeux\\nexus\\nexus_dx9.exe"= TCP:C:\jeux\nexus\nexus_dx9.exe:Nexus
"{CE745B9D-F132-424F-893B-975458A1C458}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{F3C845E8-3D61-4962-ADD8-78580F621A68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{AB5F1450-E85C-4FC2-A7BC-0248149F841E}"= UDP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
"{75C5F911-9426-4769-B516-39E554055718}"= TCP:C:\Jeux\Juiced2\Juiced2_HIN.exe:Juiced2_HIN
"{D53ACAEE-7799-4B1D-B96C-33818DB6787C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{8BD1E859-BE9C-414C-9231-F1EE83C1115A}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= UDP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
"UDP Query User{97286C58-E55F-4F13-87ED-D1295DDBC03D}C:\\jeux\\w40k soulstorm\\soulstorm.exe"= TCP:C:\jeux\w40k soulstorm\soulstorm.exe:Soulstorm
"{B7E69A0B-EC12-4E60-ABBB-CF8171AF3714}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{49946CAE-4A1B-454D-A8E9-CF21FA387738}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
"{674C4927-29AB-4BEB-8F08-619B178B34EF}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{C5433F34-FE12-490B-A040-74364840DC16}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
"{FD722530-9A0F-43A5-9C4B-F2CC7492FFB2}"= UDP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{1995BE07-BCA9-4C66-8323-97F8FF8E9BFE}"= TCP:C:\Jeux\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
"{FE9038D7-C9C2-49A5-9176-10E8C09B792B}"= UDP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
"{1F84D1ED-794C-4B66-B804-8CE38296B471}"= TCP:C:\Jeux\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
"{D143C600-A35D-445C-945C-DB50EEB06468}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{C354078B-0BEA-4570-B7FA-A29ECD325901}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{2B0581C5-87AF-42F7-8AB9-A2206C5F30EC}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{79DE251B-21AC-4E0B-B240-6E0465753D54}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{E66ACEAA-91FE-4294-86F4-2C4BD78E9ACB}"= UDP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{1AFDD4D3-7D93-466A-BB31-366E87D2084E}"= TCP:C:\Jeux\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{E6F520EE-F5CA-45EB-93A5-A09466F010D9}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= UDP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
"UDP Query User{7C39A666-7532-42B8-8FEC-704AE9BAB815}X:\\program files\\test drive unlimited\\testdriveunlimited.exe"= TCP:X:\program files\test drive unlimited\testdriveunlimited.exe:testdriveunlimited.exe
"TCP Query User{ED5ABC60-EA24-4E70-AB82-B523D7CA7D6B}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= UDP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
"UDP Query User{5247B826-FAE5-4246-83C5-61A8461FCE29}X:\\program files\\battlestations midway\\battlestationsmidway.exe"= TCP:X:\program files\battlestations midway\battlestationsmidway.exe:battlestationsmidway.exe
"TCP Query User{9684420A-7200-4706-839C-A429C2D538FD}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"UDP Query User{552A9601-9557-426C-A700-3D37C9583C47}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"TCP Query User{E2E4AC88-CF61-4375-8727-9F6097E1B602}X:\\program files\\act of war - direct action\\actofwar.exe"= UDP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"UDP Query User{E91D84DD-84F8-4D31-8B6F-6357B2111DDF}X:\\program files\\act of war - direct action\\actofwar.exe"= TCP:X:\program files\act of war - direct action\actofwar.exe:actofwar.exe
"TCP Query User{F8F64DB3-8BEE-49C8-A9CD-2B8041EC96B3}C:\\jeux\\iron man\\ironman.exe"= UDP:C:\jeux\iron man\ironman.exe:A2M Game Engine
"UDP Query User{B02D576E-8B23-487D-976B-EDC595B6EC60}C:\\jeux\\iron man\\ironman.exe"= TCP:C:\jeux\iron man\ironman.exe:A2M Game Engine
"TCP Query User{1A0C7B8A-40FA-4C4A-8606-BB6A5AF6CC5B}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
"UDP Query User{0E3CC56E-1D44-43A8-81B4-CA1501AC7EFC}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:reliccoh.exe
"TCP Query User{B70E1F80-4B99-4590-A453-16C11D721AEE}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= UDP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"UDP Query User{4F02E94E-2DBF-4E07-A004-E99E411C1E08}X:\\program files\\thq\\company of heroes\\reliccoh.exe"= TCP:X:\program files\thq\company of heroes\reliccoh.exe:RelicCOH
"{4090EF21-7D30-4473-82D7-D1CA271BC5C2}"= UDP:C:\Jeux\Loki\Loki.exe:Loki
"{EEAF9DCB-B60E-4BE4-9953-28176347829B}"= TCP:C:\Jeux\Loki\Loki.exe:Loki
"{EE45264A-32EB-45F8-9F32-A2B02FCCC8BB}"= UDP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
"{88F817AD-ED0A-4667-97F0-E4E791CA7208}"= TCP:C:\Jeux\Loki\Autorun\AutoRun.exe:Loki - AutoRun
"TCP Query User{A82ABEAA-B88D-4F5A-9C30-FFC4FC9308D9}X:\\program files\\codemasters\\dirt\\dirt.exe"= UDP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
"UDP Query User{F5771B84-8C5C-4DD8-A066-035BD87676AE}X:\\program files\\codemasters\\dirt\\dirt.exe"= TCP:X:\program files\codemasters\dirt\dirt.exe:Dirt.exe
"{5A7E82B2-4AB2-44FC-99D2-E26CE013BA38}"= UDP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
"{DD26051F-133E-4170-92D6-D7B89757EA48}"= TCP:C:\Program Files\Player Metaboli\GPlayer.exe:Player Metaboli
"{6B904E5D-A751-4371-B51D-23EF4C9B5BDF}"= UDP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
"{5447E65F-F706-4C57-913A-5B03964805AF}"= TCP:C:\Program Files\Player Metaboli\Uninstall.exe:Désinstaller le Player
"TCP Query User{39907C38-04FE-43F5-8C76-5EE95894D9B0}X:\\program files\\silverfall\\silverfall.exe"= UDP:X:\program files\silverfall\silverfall.exe:silverfall.exe
"UDP Query User{0FA7B373-88B4-455D-9201-2322B9B1129D}X:\\program files\\silverfall\\silverfall.exe"= TCP:X:\program files\silverfall\silverfall.exe:silverfall.exe
"TCP Query User{CCE3F684-DD14-414E-9472-6EB3E64991DB}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= UDP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
"UDP Query User{2687CBEC-EBA8-4627-AD32-A9C5F28FE6AF}X:\\program files\\codemasters\\turning point - fall of liberty\\binaries\\ltcg-tpgame.exe"= TCP:X:\program files\codemasters\turning point - fall of liberty\binaries\ltcg-tpgame.exe:ltcg-tpgame.exe
"{B7F5F6B9-F468-4D1E-8AD9-16E6A49AFCAE}"= UDP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{2FA9F2D2-6F20-4F23-A9C4-652D0DB9D190}"= TCP:C:\Jeux\Mass Effect\Binaries\MassEffect.exe:Mass Effect Game
"{1FB4F222-8C19-4848-A88B-0BDB8BFC1273}"= UDP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
"{14492692-37B4-44B8-B180-A1D5543DCCCD}"= TCP:C:\Jeux\Mass Effect\MassEffectLauncher.exe:Mass Effect Launcher
"{C477F5A5-F570-4DEA-8838-B35C21AA5C07}"= UDP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
"{C05F320D-04B8-4586-9BA4-328B94FCA6C1}"= TCP:C:\Jeux\BFME2\game.dat:La Bataille pour la Terre du Milieu ™ II
"{1A3E3812-388A-47B9-952A-CC258677DF28}"= UDP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
"{CAA6C3F7-AA59-4567-9F1B-C45CFD3E95F2}"= TCP:C:\Jeux\TWK\game.dat:LSDA, L'Avènement du Roi-sorcier™
"{4A386DBD-1C4E-4A09-9701-E5ECC4B07FF4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{69A797DE-09D2-4C64-8353-434DBF505018}C:\\program files\\sierra\\homeworld2\\bin\\release\\homeworld2.exe"= UDP:C:\program files\sierra\homeworld2\bin\release\homeworld2.exe:Homeworld2
"UDP Query User{27DF12AA-1A15-4B87-B7A5-5A0B12A2FF9F}C:\\program files\\sierra\\homeworld2\\bin\\release\\homeworld2.exe"= TCP:C:\program files\sierra\homeworld2\bin\release\homeworld2.exe:Homeworld2
R1 oreans32;oreans32;C:\Windows\system32\drivers\oreans32.sys [2007-05-10 18:33]
R2 X4HSX32Ex;X4HSX32Ex;C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 11:30]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 09:36]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-03-31 17:16]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\Auto\command - AdobeR.exe e
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\shell\AutoRun\command - K:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d744c7b-f273-11db-83f1-806e6f6e6963}]
\shell\AutoRun\command - I:\autoplay.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db3f0e71-f336-11db-bb19-00146ccc53f5}]
\shell\AutoRun\command - K:\LaunchU3.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-22 23:46:04 C:\Windows\Tasks\User_Feed_Synchronization-{42EE8150-6974-4E25-8FEC-2107DB197EDA}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-24 02:50:03
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-24 2:51:08
ComboFix-quarantined-files.txt 2008-06-24 00:51:05
Pre-Run: 40,573,292,544 octets libres
Post-Run: 40,566,956,032 octets libres
361 --- E O F --- 2008-06-22 13:20:32
Are there still any viruses?
Hello again,
I advise you to uninstall and delete your P2P programs: 50% of the programs you download via P2P are booby-trapped.
Your Java console is not up to date. Uninstall your Java console via Add/Remove Programs. Then install the latest version:
http://www.java.com/fr/download/manual.jsp
- Run a Kaspersky online scan with Internet Explorer:
- Click on
- Now click on J'accepte ("I accept").
- Approve the installation of one or more ActiveX controls if necessary.
- Wait while the updates are installed.
- Then choose to scan Poste de travail (My Computer).
- Save, then paste the report generated at the end of the scan.
HELP: Tutorial on the online scan
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired), go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.
Security / Prevention
Hello again,
Update done, and here is the Kaspersky report, which looks good:
Wednesday, June 25, 2008 12:07:21 PM
Système d'exploitation : Home Edition, Service Pack 1 (Build 6001)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 25/06/2008
Enregistrements dans la base antivirus Kaspersky : 784911
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\
Statistiques de l'analyse
Total d'objets analysés 428650
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 03:12:07
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2964.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2964.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf6699.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf669A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.349.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Microsoft\Sear
Hi again,
1) Create a Notepad file with the text in the box below (copy/paste):
| Quote: REGEDIT4
|
- Save this file to: Desktop
- File name: fix.reg
- Type: All files!!!
- click Save
- quit Notepad
Using the file fix.reg:
- double-click the file (Desktop) / accept the warning about the merge / don't be surprised if nothing visible happens / confirm the message saying the merge is complete.
2) Download Flash_Disinfector.exe by sUBs and save it to your desktop.
- Double-click Flash_Disinfector.exe to launch it and follow all the prompts that appear.
- This utility may ask you to insert your removable drives (USB sticks, external hard drive, mobile phone, etc.). Please do so and allow Flash_Disinfector to clean them, as they are likely to be infected.
- Wait until the scan is finished, then quit the program.
- Restart your computer once that is done.
Note: Flash_Disinfector will create a hidden file named "autorun.inf" on each of the removable drives connected to your computer at the time of the scan. Do not delete these files, as they will protect you from a possible future infection via removable drives.
Information: To learn more about infections via removable drives, click **HERE**
Once that has been done, we can then proceed with disinfecting your removable drives, so leave them plugged in during the disinfection and avoid using them.
3) Follow these steps to cleanly uninstall ComboFix and the tools we used during the disinfection
- Start menu, then Run
- Now type Combofix /u in the window that appears, then confirm with OK. Be sure to leave a space between the X and the /U, as it is required here.
4) Post a new HijackThis report and tell me how the PC is doing.
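The note in step 2 relies on a placeholder autorun.inf sitting at the root of each removable drive. The following is an added example, not part of the original post and not Flash_Disinfector's own code: it audits a drive root and reports whether its autorun.inf is absent, an inert placeholder, or contains directives that launch a program. The function names, the constructed sample file and the treatment of a directory named autorun.inf as a placeholder are assumptions.

```python
import os
import tempfile

# Constructed sample of an autorun.inf that asks Windows to launch a program.
SAMPLE = ("[AutoRun]\n; constructed sample\nopen=placeholder.exe\n"
          "shell\\open\\command=placeholder.exe\nicon=drive.ico\n")

def launch_entries(text):
    """Return (key, value) pairs in [autorun] that would start a program."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command defines a context-menu verb that runs a program.
        if key in ("open", "shellexecute") or (
                key.startswith("shell\\") and key.endswith("\\command")):
            entries.append((key, value))
    return entries

def classify_drive(root):
    """Classify autorun.inf at a drive root: absent, placeholder or active."""
    path = os.path.join(root, "autorun.inf")
    if not os.path.lexists(path):
        return "absent", []
    if os.path.isdir(path):
        return "placeholder", []  # assumption: a directory is an inert placeholder
    with open(path, "rb") as fh:
        data = fh.read(65536)
    enc = "utf-16" if data[:2] in (b"\xff\xfe", b"\xfe\xff") else "latin-1"
    found = launch_entries(data.decode(enc, "replace"))
    return ("active" if found else "placeholder"), found

def demo():
    """Classify three constructed drive roots built in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        roots = {n: os.path.join(tmp, n) for n in ("clean", "immunized", "suspect")}
        for root in roots.values():
            os.mkdir(root)
        os.mkdir(os.path.join(roots["immunized"], "autorun.inf"))
        with open(os.path.join(roots["suspect"], "autorun.inf"), "w") as fh:
            fh.write(SAMPLE)
        return {name: classify_drive(root) for name, root in roots.items()}
```

Calling `classify_drive` on a mounted drive root such as `E:\` gives the same three-way verdict; an "active" result lists the directives to review before the drive is opened in Explorer.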
