Big problem!!!!!! SOS..........

20 May 2008 19:00:40

Good evening,
I'm turning to you because I've had a big problem since this morning.
First of all, I can't launch HijackThis: I get a message saying "n'est pas une application win 32 valide" ("is not a valid Win32 application").
Then, when I try to launch GMER, I get the message: "C:/WINDOWS/gmer.dll le fichier spécifié est introuvable" ("the specified file cannot be found").
I was able to scan my PC with ACG; it was able to clean some viruses.

What happened is that I had Norton 2006 and had to uninstall it because there was a conflict with Word (namely, the .dot file is not valid). Once I tried to put it back, the problems started: impossible to reinstall it...

Can you help me? Thanks in advance

20 May 2008 19:08:44

hi

do this:

* Download ELIBAGLA (by SATINFO) at the bottom of this page: http://www.zonavirus.com/datos/descargas/95/elibagla.as...
* Click the Descargar Elibagla button to download the file, and place it on your desktop.
* Double-click it to open it
* Make sure that in the Unidad drop-down menu you have C:\ selected (or the partition containing the operating system)
* Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked
* Click the Explorar button to start the scan; at the end of the scan a report named infosat.txt is generated, and it is also saved at the root: C:\infosat.txt
and post the report for me
20 May 2008 19:16:06

posting to follow
20 May 2008 19:18:16

Good evening, thank you for your quick reply. Here is the report:

Tue May 20 19:14:58 2008
EliBagle v11.39 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 20 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BRISARD ALEXIS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BRISARD ALEXIS\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle

Tue May 20 19:15:50 2008
EliBagle v11.39 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 20 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BRISARD ALEXIS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Tue May 20 19:16:38 2008
EliBagle v11.39 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 20 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\BRISARD ALEXIS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Tue May 20 19:16:49 2008
EliBagle v11.39 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 20 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
20 May 2008 19:56:42

On top of that, I can no longer get into safe mode: a blue screen appears....

HELP!!!!!!!!!!!!!!!!!!!!
20 May 2008 21:09:56

re

Download ComboFix by sUBs:
ComboFix.exe
and save it on your desktop and nowhere else!

but be careful: since this is Bagle, you have to use a trick so that you can run the tool, so:
rename Combofix to Combo-Fix before starting the download, as follows:
http://forum.pcastuces.com/sujet.asp?f=25&s=37315

Double-click ComboFix. It will ask you a question; answer by pressing the 1 key, then wait until ComboFix has finished. Your PC may reboot, which is normal; a report will be created. Post the report: C:\Combofix.txt
click it to open it, then Edit "Select All", Edit "Copy"

come to the forum and Edit "Paste"
21 May 2008 09:15:26

Hello, here is the report, but I think it has already done some good:
ComboFix 08-05-20.4 - BRISARD ALEXIS 2008-05-21 8:50:12.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.455 [GMT 2:00]
Endroit: C:\Documents and Settings\BRISARD ALEXIS\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_NWSAPAGENT
-------\Legacy_SROSA
-------\Service_6to4
-------\Service_NwSapAgent


((((((((((((((((((((((((((((( Fichiers créés 2008-04-21 to 2008-05-21 ))))))))))))))))))))))))))))))))))))
.

2008-05-20 19:14 . 2008-05-20 19:14 <REP> d-------- C:\Muestras
2008-05-20 14:01 . 2008-05-20 18:15 <REP> d--h----- C:\$AVG8.VAULT$
2008-05-20 13:59 . 2008-05-20 14:04 <REP> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-20 13:59 . 2008-05-20 13:59 <REP> d-------- C:\Program Files\AVG
2008-05-20 13:59 . 2008-05-20 14:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-20 13:59 . 2008-05-20 13:59 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-20 13:59 . 2008-05-20 13:59 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-20 13:19 . 2001-08-23 16:59 289,920 --a------ C:\WINDOWS\system32\dllcache\atimpab.sys
2008-05-20 13:18 . 2004-08-04 00:54 870,784 --a------ C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2008-05-20 13:17 . 2004-08-05 13:00 2,134,528 --a------ C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-05-20 13:16 . 2004-05-13 00:39 876,653 --a------ C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-05-20 11:33 . 2008-05-20 11:33 <REP> d-------- C:\Program Files\Microsoft.NET
2008-05-20 11:04 . 2008-05-20 11:04 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-05-20 11:01 . 2008-05-20 11:33 <REP> dr-h----- C:\MSOCache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 17:37 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-20 16:18 --------- d-----w C:\Documents and Settings\BRISARD ALEXIS\Application Data\OpenOffice.org2
2008-05-20 14:54 --------- d-----w C:\Program Files\eMule
2008-05-20 11:39 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-20 11:38 --------- d-----w C:\Program Files\Symantec
2008-05-20 11:38 --------- d-----w C:\Program Files\Norton AntiVirus
2008-05-20 11:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-20 07:31 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-05-19 09:05 --------- d-----w C:\Documents and Settings\BRISARD ALEXIS\Application Data\U3
2008-05-17 12:21 --------- d-----w C:\Program Files\WinamaxPoker
2008-05-13 14:48 --------- d-----w C:\Program Files\Everest Poker
2008-04-18 06:22 --------- d-----w C:\Program Files\Java
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"FreeRAM XP"="C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-01-02 03:48 1591808]
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-11-29 11:55 53248]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 16:25 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-14 22:05 344064]
"P3000x_S2P"="C:\PROGRAM FILES\DELL\DELL LASER MFP 1600N\PSU\ScanToPc.exe" [2004-10-27 21:44 57344]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 02:05 127035]
"DellNSCST"="C:\Program Files\DELL\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe" [2004-11-12 15:00 278528]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2008-02-12 11:49 100056]
"QOELOADER"="C:\Program Files\Qurb\QSP-2.0.170.0\QOELoader.exe" [2005-10-28 09:16 6656]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-02-18 18:36 180269]
"POEngine"="" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-05-21 08:52 84640]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2008-05-21 08:52 26248]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-20 13:59 1177368]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\FICHIE~1\Stardock\mcpstub.dll 2005-01-31 16:13 49152 C:\PROGRA~1\FICHIE~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^BRISARD ALEXIS^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\BRISARD ALEXIS\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanalPlayer]
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
--------- 2004-04-19 03:16 40960 C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--------- 2005-01-18 18:47 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--------- 2005-01-18 18:37 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 9.0]
--a------ 2004-08-02 18:36 1122304 C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
--------- 2004-04-19 02:45 57393 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Data-Concept\\Cyberlux Serveur Palladium\\CyberluxServer.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Dell\\Dell Laser MFP 1600n\\NetworkScan\\DNSCST.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1628:TCP"= 1628:TCP:messenger

R0 PQV2i;PQV2i;C:\WINDOWS\system32\drivers\PQV2i.sys [2004-08-02 18:04]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-20 13:59]
R1 PQIMount;PQIMount;C:\WINDOWS\system32\drivers\PQIMount.sys [2004-08-02 18:23]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-20 13:59]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{018222f4-6c02-11dc-bed6-00123f736809}]
\Shell\AutoRun\command - ntdelect.com
\Shell\explore\Command - G:\ntdeIect.com
\Shell\open\Command - G:\ntdeIect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0740b2b8-ac7c-11dc-bf29-00123f736809}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ffc4df8-98f5-11dc-bf11-00123f736809}]
\Shell\Auto\command - fun.xls.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10d71b03-b9db-11dc-bf38-00123f736809}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{120f3f23-cb1e-11dc-bf4c-00123f736809}]
\Shell\AutoRun\command - tio8x6.cmd
\Shell\explore\Command - tio8x6.cmd
\Shell\open\Command - tio8x6.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12d69c48-c71e-11db-be18-00123f736809}]
\Shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24428bc0-7312-11dc-bedf-00123f736809}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL systems.com
\Shell\read\command - explorer.exe
\Shell\start\command - systems.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2673ffd9-ad4a-11dc-bf2a-00123f736809}]
\Shell\Auto\command - KM.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL KM.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28ed70f6-132f-11dc-be7b-00123f736809}]
\Shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28ed70f8-132f-11dc-be7b-00123f736809}]
\Shell\AutoRun\command - ms.config\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a97f50a-5cf5-11db-bd93-00123f736809}]
\Shell\AutoRun\command - G:\jfvkcsy.bat
\Shell\explore\Command - G:\jfvkcsy.bat
\Shell\open\Command - G:\jfvkcsy.bat

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2005-09-21 18:00:11 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
21 May 2008 09:38:03

I can run GMER (no rootkit), but I still cannot run HijackThis.
21 May 2008 12:16:02

I also still have the "is not a valid Win32 application" problem when launching a good number of programs, notably Avast.
21 May 2008 17:53:51

Hello

1

Download Flash Disinfector
Connect your removable media to your PC (MP3 player, external hard drive, USB key...)
Connect all external devices (hard drives, USB, ...)
Double-click Flash Disinfector and follow the prompts


2

Here is what I suggest: you are going to replace Avast! with Antivir, which is a real antivirus, run a scan with it and post the report. :)


Uninstall Avast! properly


To replace it with Antivir.

-->Tutorial<--


Why change?: Avast! vs Antivir
and also:
14 antivirus programs put to the test
Quote:
Antivir: the most effective of the free ones