
Unable to install an antivirus

30 September 2007 12:14:34

Hello,

I can no longer install an antivirus. I think it's a virus.
From what I've read on several forums, hidr.exe is said to be responsible.
Can anyone help me?
Thanks a lot!!

Sophie

I ran Blacklight and here is what I get:
09/30/07 11:54:53 [Info]: BlackLight Engine 1.0.64 initialized
09/30/07 11:54:53 [Info]: OS: 5.1 build 2600 (Service Pack 2)
09/30/07 11:54:53 [Note]: 7019 4
09/30/07 11:54:53 [Note]: 7005 0
09/30/07 11:54:54 [Note]: 7006 0
09/30/07 11:54:54 [Note]: 7011 1588
09/30/07 11:54:54 [Note]: 7026 0
09/30/07 11:54:54 [Note]: 7026 0
09/30/07 11:54:54 [Note]: 7024 3
09/30/07 11:54:54 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hidr.exe
09/30/07 11:54:57 [Note]: FSRAW library version 1.7.1022
09/30/07 11:54:57 [Info]: Hidden file: c:\APPS\skype\toolbars\Shared\SPhoneParser.dll
09/30/07 11:54:57 [Note]: 10002 3
09/30/07 11:54:57 [Note]: 10002 2
09/30/07 11:54:57 [Note]: 10002 2
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Empty.txt
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Filters.xml
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\news.png
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\paint.png
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Profiles\Blank.txt
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample1.jpg
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample2.jpg
09/30/07 11:55:49 [Note]: 10002 3
09/30/07 11:55:49 [Note]: 10002 2
09/30/07 11:55:49 [Note]: 10002 2
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepaden.hlp
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepadsm.dll
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepadsv.exe
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imlang.dll
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\PADRS404.DLL
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs411.dll
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs412.dll
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs804.dll
09/30/07 11:58:08 [Note]: 10002 3
09/30/07 11:58:08 [Note]: 10002 2
09/30/07 11:58:08 [Note]: 10002 2
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 3
09/30/07 11:58:20 [Note]: 10002 2
09/30/07 11:58:20 [Note]: 10002 2
09/30/07 11:58:37 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hidr.exe
09/30/07 11:58:37 [Note]: 10002 2
09/30/07 11:58:37 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
09/30/07 11:58:37 [Note]: 10002 2
09/30/07 12:02:03 [Note]: 7007 0


30 September 2007 12:16:31

Hello,

Download ELIBAGLA at the bottom of this page. For some antivirus programs, it is preferable to disable them before starting this procedure!
Click on Descargar Elibagla to download the file, and save it to your desktop.
Launch it by double-clicking it.
Check that C:\ is selected in the Unidad drop-down menu.
The Eliminar Ficheros Automaticamente option must also be checked.
Click Explorar to start the scan.
Post the report generated at the end of the scan.
30 September 2007 12:27:15

Thanks for your help!
Here is what the report gives:

Sun Sep 30 12:20:23 2007
EliBagle v10.58 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE --> Bagle Renombrado a .VIR
Por favor, envienos una muestra del fichero
C:\Muestras\SROSA.SYS.Muestra EliBagle v10.58
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle
D:\DOCUMENTS AND SETTINGS\FAMILLE\APPLICATION DATA\M\FLEC006.EXE --> Eliminado Bagle.dldr
D:\DOCUMENTS AND SETTINGS\FAMILLE\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"

Sun Sep 30 12:21:05 2007
EliBagle v10.58 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\APPS\SMP\SMPSYS.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP232\A0038076.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP233\A0038257.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP233\A0038292.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP233\A0038379.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP233\A0038403.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP234\A0038443.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP234\A0038467.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP234\A0038482.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP235\A0038537.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP235\A0038552.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP236\A0038592.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP236\A0038614.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP237\A0038631.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP237\A0038650.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP237\A0038685.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP238\A0038726.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP238\A0038737.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP239\A0038782.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP239\A0038788.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP239\A0038821.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP240\A0038861.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP240\A0038892.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP240\A0038906.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP241\A0038922.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP241\A0038948.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP242\A0039043.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP243\A0039117.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP243\A0039136.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP244\A0039174.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP244\A0039180.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP245\A0039223.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP246\A0039276.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0039342.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP247\A0039352.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP248\A0039416.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP254\A0039861.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP257\A0039879.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP257\A0039897.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP257\A0039976.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP259\A0039991.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP260\A0040009.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP262\A0040024.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP267\A0040080.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP272\A0041080.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP272\A0041089.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP272\A0041149.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP273\A0041162.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP275\A0041321.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP275\A0041339.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP275\A0041358.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP276\A0041382.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP276\A0041401.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041417.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041421.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041422.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041424.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041425.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041426.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041428.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041429.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041430.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041431.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041432.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041433.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041434.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041435.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041437.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041438.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041440.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041441.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041442.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041443.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041445.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041446.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041451.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041452.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041453.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041454.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041456.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041458.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041459.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041461.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041462.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041464.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041465.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041466.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041470.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041473.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041474.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041476.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041477.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041478.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041479.EXE --> Eliminado Bagle
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041480.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041482.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041483.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041485.EXE --> Eliminado Bagle.dldr
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP277\A0041491.EXE --> Eliminado Bagle
30 September 2007 12:30:18

That's better, isn't it? :)
Run a Blacklight report again.
After that:

Download Hijackthis

Unzip it into a folder on your desktop.
Double-click on it.
Then "Do a system scan and save a logfile" and post the report.
30 September 2007 12:37:43

Do you think I can try to reinstall my antivirus? Do I need to restart the PC first?
Thanks

Here is the Blacklight report:
09/30/07 12:29:10 [Info]: BlackLight Engine 1.0.64 initialized
09/30/07 12:29:10 [Info]: OS: 5.1 build 2600 (Service Pack 2)
09/30/07 12:29:10 [Note]: 7019 4
09/30/07 12:29:10 [Note]: 7005 0
09/30/07 12:29:37 [Note]: 7006 0
09/30/07 12:29:37 [Note]: 7011 1588
09/30/07 12:29:37 [Note]: 7026 0
09/30/07 12:29:37 [Note]: 7026 0
09/30/07 12:29:37 [Note]: 7024 3
09/30/07 12:29:37 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hidr.exe
09/30/07 12:29:39 [Note]: FSRAW library version 1.7.1022
09/30/07 12:29:42 [Info]: Hidden file: c:\APPS\skype\toolbars\Shared\SPhoneParser.dll
09/30/07 12:29:42 [Note]: 10002 3
09/30/07 12:29:42 [Note]: 10002 2
09/30/07 12:29:42 [Note]: 10002 2
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Empty.txt
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Filters.xml
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\news.png
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\paint.png
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Profiles\Blank.txt
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample1.jpg
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Info]: Hidden file: c:\Program Files\Movie Maker\Shared\Sample2.jpg
09/30/07 12:30:46 [Note]: 10002 3
09/30/07 12:30:46 [Note]: 10002 2
09/30/07 12:30:46 [Note]: 10002 2
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepaden.hlp
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepadsm.dll
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imepadsv.exe
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\imlang.dll
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\PADRS404.DLL
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs411.dll
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs412.dll
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Info]: Hidden file: c:\WINDOWS\ime\SHARED\RES\padrs804.dll
09/30/07 12:32:37 [Note]: 10002 3
09/30/07 12:32:37 [Note]: 10002 2
09/30/07 12:32:37 [Note]: 10002 2
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 3
09/30/07 12:32:48 [Note]: 10002 2
09/30/07 12:32:48 [Note]: 10002 2
09/30/07 12:36:18 [Note]: 2000 1012
09/30/07 12:36:18 [Note]: 7002 0
09/30/07 12:36:18 [Note]: 7003 1



Here is the Hijackthis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:14, on 30/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\Famille\Bureau\fsbl.exe
D:\Documents and Settings\Famille\Bureau\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.lemonde.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LightFrame3IECOM - {43D29D14-460E-4F3A-9037-E60F11EF12F0} - C:\WINDOWS\system32\LightFrame3IECOM.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKLM\..\RunOnce: [ReEXEc] D:\Documents and Settings\Famille\Bureau\EliBaglA.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www2.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargement/Origma/ImageU...
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

30 September 2007 12:43:43

Run elibagla once more and post the report.
30 September 2007 12:51:17

Sun Sep 30 12:50:04 2007
EliBagle v10.58 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun Sep 30 12:50:05 2007
EliBagle v10.58 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
30 September 2007 12:52:22

Download Combofix (by sUBs) to your Desktop. (Tutorial)
Double-click combofix.exe.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.

The report is located here: C:\Combofix.txt
30 September 2007 12:53:52

OK, I'll do all that
30 September 2007 12:57:05

ComboFix 07-09-21.2 - "Famille" 2007-09-30 12:55:21.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.519 [GMT 2:00]
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-08-28 to 2007-09-30 ))))))))))))))))))))))))))))))))))))
.

2007-09-30 12:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-30 12:20 <REP> d-------- C:\Muestras
2007-09-30 11:43 <REP> d-------- C:\!KillBox
2007-09-29 15:52 599,802 --------- C:\WINDOWS\system32\drivers\HIDR.EXE.VIR
2007-09-28 19:40 <REP> d-------- C:\Program Files\Windows Installer Clean Up
2007-09-09 10:56 <REP> d-------- C:\Program Files\3D Live Pool
2007-09-09 09:47 <REP> d-------- C:\Program Files\Luxor
2007-09-09 09:46 <REP> d-------- C:\Program Files\ReflexiveArcade
2007-09-09 09:46 <REP> d-------- C:\Program Files\GameHouse
2007-09-09 09:27 <REP> d-------- C:\Program Files\Absolutist.com
2007-09-08 23:44 <REP> d-------- C:\Program Files\CubIQ
2007-09-08 23:39 4,096 --a------ C:\WINDOWS\d3dx.dat
2007-09-08 23:36 <REP> d-------- C:\Program Files\Alawar
2007-09-08 22:02 <REP> d-------- C:\Program Files\LizardTech
2007-09-08 16:13 <REP> d--h----- D:\DOCUME~1\Famille\APPLIC~1\m
2007-09-08 11:45 <REP> d-------- D:\DOCUME~1\Famille\APPLIC~1\GameHouse
2007-09-08 11:45 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-30 09:49 --------- d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-09-28 21:34 --------- d-------- C:\Program Files\eMule
2007-09-28 21:32 --------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2007-09-20 12:16 --------- d-------- D:\DOCUME~1\Famille\APPLIC~1\Canon
2007-09-08 22:02 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-08 16:11 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-08-29 12:48 --------- d-------- C:\Program Files\Picasa2
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-12 08:37 36864 --a------ C:\WINDOWS\gotouninstall.exe
2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
2004-02-11 05:00 80014 --a------ C:\WINDOWS\Fonts\unins000.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 14:27 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 00:47]
"nwiz"="nwiz.exe" [2006-04-28 00:47 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-28 00:47]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 13:03]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 06:15]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 14:00]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-11 21:04]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2006-12-10 20:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-31 13:45]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"ReEXEc"=D:\Documents and Settings\Famille\Bureau\EliBaglA.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
R3 AEXPAM;Philips SmartManage Service;C:\WINDOWS\system32\Drivers\aexpamdrv.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
R3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys
S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-30 12:56:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-30 12:56:38
.
--- E O F ---
30 September 2007 13:04:00

Before continuing, tell me whether you manage to install an antivirus or not.
30 September 2007 13:12:28

No, still not.... What a nightmare this virus is!
Thanks
30 September 2007 13:33:24

Copy the text located in the box below:

File::
C:\WINDOWS\system32\drivers\hidr.exe


Open Notepad, then paste the copied text.
Save this file under the name CFScript.txt.

Now drag the ComboFix-Do.txt file onto Combofix.exe as shown below:

This will relaunch Combofix; type 1 and confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
If there is no restart, post the reports anyway.
30 September 2007 13:43:50

:hello: 
Oh yeah, you really do have a problem there!!!!!!
But if you want me to help you, tell me whether it's a computer or a PSP!!!! If it's a computer or a PSP I might be able to help you, so please answer me. Kisses
30 September 2007 13:55:33

Here it is:
ComboFix 07-09-21.2 - "Famille" 2007-09-30 13:48:47.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.505 [GMT 2:00]
Command switches used :: D:\Documents and Settings\Famille\Bureau\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-08-28 to 2007-09-30 ))))))))))))))))))))))))))))))))))))
.

2007-09-30 12:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-30 12:20 <REP> d-------- C:\Muestras
2007-09-30 11:43 <REP> d-------- C:\!KillBox
2007-09-29 15:52 599,802 --------- C:\WINDOWS\system32\drivers\HIDR.EXE.VIR
2007-09-28 19:40 <REP> d-------- C:\Program Files\Windows Installer Clean Up
2007-09-09 10:56 <REP> d-------- C:\Program Files\3D Live Pool
2007-09-09 09:47 <REP> d-------- C:\Program Files\Luxor
2007-09-09 09:46 <REP> d-------- C:\Program Files\ReflexiveArcade
2007-09-09 09:46 <REP> d-------- C:\Program Files\GameHouse
2007-09-09 09:27 <REP> d-------- C:\Program Files\Absolutist.com
2007-09-08 23:44 <REP> d-------- C:\Program Files\CubIQ
2007-09-08 23:39 4,096 --a------ C:\WINDOWS\d3dx.dat
2007-09-08 23:36 <REP> d-------- C:\Program Files\Alawar
2007-09-08 22:02 <REP> d-------- C:\Program Files\LizardTech
2007-09-08 16:13 <REP> d--h----- D:\DOCUME~1\Famille\APPLIC~1\m
2007-09-08 11:45 <REP> d-------- D:\DOCUME~1\Famille\APPLIC~1\GameHouse
2007-09-08 11:45 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-30 09:49 --------- d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-09-28 21:34 --------- d-------- C:\Program Files\eMule
2007-09-28 21:32 --------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2007-09-20 12:16 --------- d-------- D:\DOCUME~1\Famille\APPLIC~1\Canon
2007-09-08 22:02 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-08 16:11 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-08-29 12:48 --------- d-------- C:\Program Files\Picasa2
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-12 08:37 36864 --a------ C:\WINDOWS\gotouninstall.exe
2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
2004-02-11 05:00 80014 --a------ C:\WINDOWS\Fonts\unins000.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 14:00]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-18 14:27 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 18:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 00:47]
"nwiz"="nwiz.exe" [2006-04-28 00:47 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-28 00:47]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 13:03]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 06:15]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 14:00]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-11 21:04]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"OoPDFSettingsv6.exe"="C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2006-12-10 20:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-31 13:45]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"ReEXEc"=D:\Documents and Settings\Famille\Bureau\EliBaglA.exe

Hijackthis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:18, on 30/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\Famille\Bureau\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.lemonde.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LightFrame3IECOM - {43D29D14-460E-4F3A-9037-E60F11EF12F0} - C:\WINDOWS\system32\LightFrame3IECOM.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www2.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.fnacphoto.com/ECTelechargement/Origma/ImageU...
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 8140 bytes

Thanks again michou for your help!

For chachadu, it's a computer!
30 September 2007 14:08:44

Download Lop S&D
Unzip it.
Run the Scan.bat file
Run option R.
Post the report generated at the end of the scan.
The report can also be found here: >>C:\Lopr.txt<<

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, type explorer and confirm)

Run a Blacklight scan again and post the report.
30 September 2007 14:14:38

I just launched the installation of my antivirus and it works!!!!!
A big thank you for the help! That's really kind!
30 September 2007 14:16:28

Good then ;) 
But we're not done, there are still things left, keep going.
30 April 2009 17:48:37

I have the same problem as Sophie, I tried all the solutions but unfortunately the problem persists... Please, I need your help because I have a project to hand in this Thursday and this virus is keeping me from working :cry: 