Bonjour,

ma page de démarrage reste sur blank,^même si je la change et quand j´ouvre internet explorer j´ai une toolbar, impossible de l´enlever, pas de programme installé, pas de processus bizarre. Voila le log de hijackthis:

Logfile of HijackThis v1.99.0
Scan saved at 13:37:25, on 22/01/2005
Platform: Windows XP SP1 ( WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 ( 6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\CpuIdle\cpuidle.exe
C:\PROGRA~1\yahoo\ypager.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Motherboard Monitor 5\MBM5.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Documents and Settings\Rémy\Bureau\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://ms-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://clearsurfing.net/srch.php?qq=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\protect32.dll/sp.html ( obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ms-find.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://ms-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ( no name) - {C22CA7D2-ADBE-4B18-8DBE-29DCA723EB83} - C:\WINDOWS\System32\protect32.dll
O3 - Toolbar: & - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - C:\WINDOWS\System32\iesp1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [CpuIdle] C:\Program Files\CpuIdle\cpuidle.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\yahoo\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] " C:\Program Files\MSN Messenger\MsnMsgr.Exe" / background
O4 - Startup: MBM 5.lnk = C:\Program Files\Motherboard Monitor 5\MBM5.exe
O8 - Extra context menu item: E& vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ´Tools´ menuitem: Show & Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\yahoo\YPAGER.EXE
O9 - Extra ´Tools´ menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\yahoo\YPAGER.EXE
O9 - Extra button: ( no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - ( no file)
O9 - Extra ´Tools´ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - ( no file)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} ( RdxIE Class) - http://software-dl.real.com/01f34a07f479ef5e6422/netzip/RdxIE601_fr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} ( HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} ( ActiveScan Installer Class) - http://www.pandasoftware..com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} ( CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} ( MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} ( Lycos File Upload Component) - http://f004.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{272CA08C-1D44-4
FFB-8292-9A83214C7E2B}: NameServer = 69.50.188.180,195.225.176.31
O17 -
HKLM\System\CCS\Services\Tcpip\..\{65262452-672A-4
0F1-B60D-3C5B77983CD2}: NameServer = 69.50.188.180,195.225.176.31
O17 -
HKLM\System\CCS\Services\Tcpip\..\{E52831A4-67B5-4
F8E-B160-0BA9DA5A66F8}: NameServer = 69.50.188.180,195.225.176.31
O17 -
HKLM\System\CS1\Services\Tcpip\..\{272CA08C-1D44-4
FFB-8292-9A83214C7E2B}: NameServer = 69.50.188.180,195.225.176.31
O17 -
HKLM\System\CS2\Services\Tcpip\..\{272CA08C-1D44-4
FFB-8292-9A83214C7E2B}: NameServer = 69.50.188.180,195.225.176.31
O18 - Filter: text/html - {F688BD0D-0536-49CA-BF77-B0163A4436FC} - C:\WINDOWS\System32\protect32.dll
O18 - Filter: text/plain - {F688BD0D-0536-49CA-BF77-B0163A4436FC} - C:\WINDOWS\System32\protect32.dll
O23 - Service: Service d´administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d´aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Ulead Burning Helper - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe

http://www.hijackthis.de/fr

Va ici passe un coup d´hijackthis, copie ton log et evalue ton log sur le site d´hijackthis et supprime tous les trucs MECHANT puis passe un coup d´ad-aware, de spybot , de cwshredder, et de spy sweeper.

c´est quoi la tool bar que t´as