voila apres le mon amie, c’est le pc de mes parents qui merde
voici le log de hijackthis :
Logfile of HijackThis v1.99.1
Scan saved at 21:33:37, on 01/12/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\GEARSec.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\winlog.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\SP TimeSync 2.2\SP TimeSync.exe
C:\WINNT\system32\winlog.exe
C:\WINNT\DS6889\DSC Camera.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\My documents pro illiers\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\nec1\Application Data\Mozilla\Profiles\default\9nhht76r.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSearch.src"); (C:\Documents and Settings\nec1\Application Data\Mozilla\Profiles\default\9nhht76r.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [auto__hloader__key] C:\WINNT\system32\hloader_exe.exe
O4 - HKLM\..\Run: [auto__antiav__key] C:\WINNT\system32\antiav_exe.exe
O4 - HKLM\..\Run: [key2] C:\WINNT\system32\winlog.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [SP TimeSync] "C:\Program Files\SP TimeSync 2.2\SP TimeSync.exe"
O4 - HKCU\..\Run: [auto__hloader__key] C:\WINNT\system32\hloader_exe.exe
O4 - HKCU\..\Run: [auto__antiav__key] C:\WINNT\system32\antiav_exe.exe
O4 - HKCU\..\Run: [german.exe] C:\WINNT\system32\wintems.exe
O4 - HKCU\..\Run: [key2] C:\WINNT\system32\winlog.exe
O4 - Global Startup: Kaspersky Anti-Virus Monitor.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\AvpM.exe
O4 - Global Startup: Oregon Scientific DShot.lnk = C:\WINNT\DS6889\DSC Camera.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C5C9CD6-C067-4D3A-B10B-99F73F9EC1BA}: NameServer = 212.27.54.252 213.228.0.168
O18 - Protocol: marge - {4FEC9AA5-E7A9-42BB-B715-B26161FEEE39} - C:\Isamgwp\IsaMgwIE.ocx
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Internet Logging Client (WksPatch) - Unknown owner - C:\WINNT\system32\drivers\svchost.exe (file missing)
vu le rapport, y a rien de mechant mais toujours est il mon pere n’arrive plus à lancer son programme Isagri (logiciel pro)
je pensais voire un spyware, mais nada je crois