Bonjour,
 
j'ai lu de nombreuses pages sur ce forum et d'autres, je n'arrive pas à enlever le malware about:blank
j'aimerais de l'aide j'ai déjà essayer plusieurs procédés
notemment: spybot, adware, smitfraudfix, aboutblaster, etc... en redémarrant chaque fois sans échec pas moyen de le retirer....
 
je poste le log de hijackthis...
 
merci de me venir en aide
 
ornot      

Logfile of HijackThis v1.99.1
Scan saved at 13:51:49, on 4/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\addtr32.exe
C:\Program Files\AntiViral Toolkit Pro\avpcc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Search Engine Commando\ScheduleService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\WFXSVC.EXE
C:\Program Files\Symantec\DelFax\WFXMOD32.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Downloads\magic-2.94b10\Magic.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office10\MSACCESS.EXE
C:\WINDOWS\system32\apphr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\smitfraudfix\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/" ); (C:\Documents and Settings\Xavier\Application Data\Mozilla\Profiles\default\onwq9z7j.slt\prefs.js)
O2 - BHO: Class - {0B01F3E9-B4C0-2C24-AA3E-F733655C3C34} - C:\WINDOWS\atldi32.dll
O2 - BHO: Class - {1A22CFF9-DC71-331C-BEE1-B585DCF46C42} - C:\WINDOWS\system32\netnb.dll
O4 - HKLM\..\Run: [apphr32.exe] C:\WINDOWS\system32\apphr32.exe
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addtr32.exe
O23 - Service: AVPCC - Kaspersky Labs. - C:\Program Files\AntiViral Toolkit Pro\avpcc.exe
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Search Engine Commando Schedule Service (SECScheduleService) - Tates Creek Software, LLC - C:\Program Files\Search Engine Commando\ScheduleService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE
 

Il en tient un couche dis donc !
Tout ça me parait suspect :
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nhqyr.dll/sp.html#17702%resultposition.net
O4 - HKLM\..\Run: [apphr32.exe] C:\WINDOWS\system32\apphr32.exe
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\addtr32.exe
O23 - Service: Search Engine Commando Schedule Service (SECScheduleService) - Tates Creek Software, LLC - C:\Program Files\Search Engine Commando\ScheduleService.exe

Pourriez-vous me dire comment je fais pour les retirer  
j'ai essayé sans échec 'fix' sous hijacker et de redémarrer sans succès..
ornot