Salut
Depuis quelques temps je me tape une saloperie de virus, spyware ou un truc dans le genre.
Ca me met un message debile au lieu de mon fond d'ecran normal.
Voila a quoi ca ressemble :
J'ai passé plusieurs antivirus, anti-adaware, spyware et cie mais rien n'a reussit a me le degager.
Je desespere, qq'un a t'il une idée ?
Mon log hijack au cas où...
Logfile of HijackThis v1.99.1
Scan saved at 22:41:14, on 03/03/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\WINDOWS\Mixer.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\D-Tools\daemon.exe
E:\Program Files\Microsoft AntiSpyware\gcasServ.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Documents and Settings\Anne\Application Data\ahor.exe
E:\WINDOWS\System32\??oolsv.exe
E:\Program Files\VIA\RAID\raid_tool.exe
E:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
E:\Program Files\Avant Browser\avant.exe
E:\Documents and Settings\Anne\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = D:\Divers\DEMARRAGE INTERNET 4.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = E:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://E%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src" ); (E:\Documents and Settings\Anne\Application Data\Mozilla\Profiles\default\u5g1gchm.slt\prefs.js)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - E:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [zzGBK] F:\Setup.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [loader32] E:\Documents and Settings\Anne\Application Data\SysDown\sys00520.exe
O4 - HKLM\..\Run: [process.exe] E:\WINDOWS\process.exe
O4 - HKLM\..\Run: [securer] E:\WINDOWS\System32\securer\syshost.exe
O4 - HKLM\..\Run: [6xz.exe] E:\documents and settings\anne\local settings\temp\6xz.exe
O4 - HKLM\..\Run: [Ixu1Ny7R.exe] E:\documents and settings\anne\local settings\temp\Ixu1Ny7R.exe
O4 - HKLM\..\Run: [gcasServ] "E:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSAgent] E:\WINDOWS\hhnt.exe
O4 - HKCU\..\Run: [cw5FRgcqT] ncxqtz32.exe
O4 - HKCU\..\Run: [Oosr] E:\Documents and Settings\Anne\Application Data\ahor.exe
O4 - HKCU\..\Run: [Ldbnql] E:\WINDOWS\System32\??oolsv.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = E:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: Bloquer ce serveur... - E:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - E:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir tous les liens de la page... - E:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Rechercher sur le Web... - E:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - E:\Program Files\Avant Browser\Highlight.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'e:\program files\bulletproofsoft.com\bps spyware & adware remover\apptoport.dll' missing
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/ga [...] pote_x.cab
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pa.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/software [...] egular.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Environnement d'exécution Java 1.4.0_01) -
O16 - DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9FE68B4-3270-4007-B6E7-4F3F11F5D771}: NameServer = 209.47.15.118,64.157.143.38,192.168.0.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: kavsvc - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
Merci d'avance pour votre aide.