virus?????

enouie · le 26 décembre 2005

Bonjour et bonnes fêtes à tous

Voila mon problemes : "check this out lol NEW MSN 11 PLUS! http://msn11plus.shizero.com !"

Il apparait de partout, la connexion en réseau ne fonctionne plus, je n'ai plus de barre de tâche etc....

Je vous envoie un rapport lopxp + un hijackthis. Pourriez vous m'aider SVP merci par avance.

Rapport fait à 10:28:47,30 le 26/12/2005

Le volume dans le lecteur C n'a pas de nom.

Le num‚ro de s‚rie du volume est 7837-3FB4

R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

21/04/2005 11:21 <REP> Identities

21/04/2005 11:14 62 desktop.ini

21/04/2005 11:14 <REP> ..

21/04/2005 11:14 <REP> Microsoft

21/04/2005 11:14 <REP> .

1 fichier(s) 62 octets

4 R‚p(s) 116883279872 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le num‚ro de s‚rie du volume est 7837-3FB4

R‚pertoire de C:\Documents and Settings\Administrateur.GUILLAUM-CDJFBI\Application Data

20/11/2005 19:35 62 desktop.ini

20/11/2005 19:35 <REP> ..

20/11/2005 19:35 <REP> Microsoft

20/11/2005 19:35 <REP> .

1 fichier(s) 62 octets

3 R‚p(s) 116883275776 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le num‚ro de s‚rie du volume est 7837-3FB4

R‚pertoire de C:\Documents and Settings\All Users\Application Data

20/12/2005 09:26 <REP> Grisoft

20/12/2005 09:26 <REP> avg7

18/11/2005 11:34 <REP> MSN6

27/10/2005 18:04 <REP> Ulead Systems

24/05/2005 06:20 <REP> Megatech

19/05/2005 18:26 <REP> BOONTY

21/04/2005 09:55 <REP> Spybot - Search & Destroy

19/04/2005 17:32 <REP> Messenger Plus!

19/02/2005 13:27 <REP> Zylom

15/01/2005 17:49 <REP> Skype

07/01/2005 04:24 <REP> Ahead

07/01/2005 04:21 <REP> nView_Profiles

19/12/2004 10:28 <REP> Time bike wipe settings

09/12/2004 20:57 <REP> QuickTime

02/12/2004 12:32 <REP> DVD Shrink

23/11/2004 19:20 <REP> InterVideo

19/11/2004 18:15 <REP> Adobe

18/11/2004 15:35 <REP> Macrovision

18/11/2004 15:19 <REP> Symantec

16/11/2004 17:27 62 desktop.ini

16/11/2004 17:27 <REP> Microsoft

16/11/2004 17:27 <REP> .

16/11/2004 17:27 <REP> ..

1 fichier(s) 62 octets

22 R‚p(s) 116883275776 octets libres

check this out lol NEW MSN 11 PLUS! http://msn11plus.shizero.com !

Rapport fait à 10:28:47,30 le 26/12/2005

Logfile of HijackThis v1.99.1

Scan saved at 11:29:59, on 26/12/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Ahead\InCD\InCD.exe

C:\PROGRA~1\Wanadoo\CnxMon.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe

C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\System32\LVCOMSX.EXE

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\Program Files\Winamp\winampa.exe

C:\Msmsgsis.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\System32\DrvMon.exe

c:\progra~1\intern~1\iexplore.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\System32\svchost.exe

C:\program files\steam\steam.exe

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\Rar$EX00.812\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.tmcniralwvfdppdhuvfkgyjw.com/Zf...Jp6jlHqzdAG.jsp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dlzikxvudzsfvxe.us/ZfynToormX_6...nIoBSAaodg.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.rd.yahoo.com/customize/ie/defaul...://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...://fr.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: (no name) - {01D600A2-AE6A-6949-6098-679D404059EE} - C:\DOCUME~1\GUILLA~1\APPLIC~1\UPLOAD~1\DriveJoy.exe (file missing)

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_18_0.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Yahoo! Compagnon - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_18_0.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

O4 - HKLM\..\Run: [security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\ccApp.exe /i

O4 - HKLM\..\Run: [TkBellExee] C:\WINDOWS\realschd.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [Nero] C:\WINDOWS\shch.exe /i

O4 - HKLM\..\Run: [MsnExplorer] C:\WINDOWS\msexploren.exe /i

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [TXP] c:\program files\topthemesxp\txp.exe

O4 - HKLM\..\Run: [Wipe Settings Ball Tick] C:\Documents and Settings\All Users\Application Data\Time bike wipe settings\Bleh intra.exe

O4 - HKLM\..\Run: [Farces & Attrapes] C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\Rar$EX00.797\shut-shit-and-sex.exe \farces

O4 - HKLM\..\Run: [winspool] \winspool.exe

O4 - HKLM\..\Run: [Msmsgsis.exe] c:\Msmsgsis.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\RunServices: [winspool] \winspool.exe

O4 - HKCU\..\Run: [tickdate] C:\DOCUME~1\GUILLA~1\APPLIC~1\PlayBib\4 STUPID.exe

O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\System32\DrvMon.exe

O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a2\a2guard.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner Trial\regclean.exe"

O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: MSI Media Center Deluxe II.lnk = C:\Program Files\MSI\Media Center Deluxe II\Projector.exe

O4 - Global Startup: WinIRXHelper.lnk = C:\Program Files\MSI\Media Center Deluxe II\WinIRXHelper.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)

O9 - Extra button: Microsoft AntiSpyware helper - {0058A23E-6C4F-42EB-AA66-76A3121EC719} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {0058A23E-6C4F-42EB-AA66-76A3121EC719} - (no file) (HKCU)

O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {1BFF29EC-F0E0-42C8-9E8C-A2B60802A00E} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {1BFF29EC-F0E0-42C8-9E8C-A2B60802A00E} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {3FF4E862-74B0-44A0-B7F1-196F3CDA8841} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3FF4E862-74B0-44A0-B7F1-196F3CDA8841} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {404104FC-8851-4450-B168-0CFAB6387AB8} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {404104FC-8851-4450-B168-0CFAB6387AB8} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {468CEC5F-5F0A-4B6E-A607-37BF480363D2} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {468CEC5F-5F0A-4B6E-A607-37BF480363D2} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {47453C24-B4BC-4F24-8ADF-9726CB5478F1} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {47453C24-B4BC-4F24-8ADF-9726CB5478F1} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {679118CF-53A4-40BB-A3E6-0608358EE907} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {679118CF-53A4-40BB-A3E6-0608358EE907} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {71A5081E-37FE-4BE7-BA15-64F2EF9F549F} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71A5081E-37FE-4BE7-BA15-64F2EF9F549F} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {7C7F5114-9B67-4BE3-920D-835993001D7F} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7C7F5114-9B67-4BE3-920D-835993001D7F} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {888536A0-0A3B-48F3-AA68-171706D5EEB9} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {888536A0-0A3B-48F3-AA68-171706D5EEB9} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {99835422-4111-4830-A106-3A7FA1E4EF63} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {99835422-4111-4830-A106-3A7FA1E4EF63} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {9B5311C6-95EC-45A4-A3CB-1ED8C1D4CB71} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {9B5311C6-95EC-45A4-A3CB-1ED8C1D4CB71} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {9BF82EAA-588C-41A7-B718-3969ECF2C203} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {9BF82EAA-588C-41A7-B718-3969ECF2C203} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {AB714465-4C86-49CC-9E92-235D17C85A6D} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AB714465-4C86-49CC-9E92-235D17C85A6D} - (no file) (HKCU)

O9 - Extra button: Microsoft AntiSpyware helper - {D02865B2-1E18-431F-B65D-D38B543C1F23} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D02865B2-1E18-431F-B65D-D38B543C1F23} - (no file) (HKCU)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {11111111-1111-1111-1111-511111113457} - file://c:\x.cab

O16 - DPF: {11111111-1111-1111-1111-511111113458} - file://c:\x.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {23232323-2323-2323-2323-232323231122} - file://c:\x.cab

O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab

O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab

O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1102774868140

O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by108fd.bay108.hotmail.msn.com/activex/HMAtchmt.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{F5A56E72-EA2D-41FD-8D60-3EECC3E1CAC6}: NameServer = 80.10.246.1 80.10.246.132

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~2\msgrapp.dll" (file missing)

O20 - AppInit_DLLs: bogh7phvumbvx6ll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll MsgPlusLoader.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

le 26 décembre 2005

Salut,

ton systeme est bien infecté, appliques la procedure :

http://forum.zebulon.fr/index.php?showtopic=69176

enouie · le 26 décembre 2005

Merci j'y vais

enouie · le 26 décembre 2005

Logfile of HijackThis v1.99.1

Scan saved at 12:54:23, on 26/12/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.rd.yahoo.com/customize/ie/defaul...://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing