Coolsearch.biz!!!
pgabin
Messages postés
1
Statut
Membre
-
Flipus -
Flipus -
Je suis squatté par coolsearch.biz.J'ai passé adaware, spybot,stinger,...rien à faire.Pouvez vous m'aider,ci-après résultat de hijackthis:
Logfile of HijackThis v1.98.2
Scan saved at 12:55:17, on 03/11/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINNT\SYSTEM32\DWRCS.EXE
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINNT\System32\RunDll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINNT\System32\ctfmon.exe
C:\Documents and Settings\fdt\Application Data\haec.exe
C:\Program Files\ASUS\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\appvg.exe
C:\Program Files\Windows AdTools\WinAdTools.exe
C:\Program Files\Windows AdTools\WinRatchet.exe
C:\PROGRA~1\INTERN~1\iexplore.exe
C:\WINNT\System32\tapopshn.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\fdt\LOCALS~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {C52036BE-43FE-6266-F955-8D24B03FDF75} - C:\WINNT\atlzz.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Micro Application Popup Blocker] RunDll32.exe C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL,Run
O4 - HKLM\..\Run: [Microsoft Netview Component v5.1] msnv32.exe
O4 - HKLM\..\Run: [Ssdqwa] bgdw.exe
O4 - HKLM\..\Run: [Windows MeTaLRoCk service] metalrock.exe
O4 - HKLM\..\Run: [NVidia Drivers] C:\WINNT\SYSTEM32\cxswxa.exe
O4 - HKLM\..\Run: [DOWNLOAD MANAGER] C:\Program Files\SonicSelector\OD2DLEngine.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QF7ETDsX] C:\documents and settings\fdt\local settings\temp\QF7ETDsX.exe
O4 - HKLM\..\Run: [uNn] C:\documents and settings\fdt\local settings\temp\uNn.exe
O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe
O4 - HKLM\..\Run: [javaqq32.exe] C:\WINNT\javaqq32.exe
O4 - HKLM\..\Run: [sqqgqdrhw] C:\WINNT\System32\tapopshn.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Netview Component v5.1] msnv32.exe
O4 - HKLM\..\RunServices: [Ssdqwa] bgdw.exe
O4 - HKLM\..\RunServices: [Windows MeTaLRoCk service] metalrock.exe
O4 - HKLM\..\RunOnce: [ICDRegOCX0] rundll32.exe advpack.dll,RegisterOCX C:\WINNT\Downloaded Program Files\WinAdToolsX.dll
O4 - HKLM\..\RunOnce: [djtopr1150.exe] "C:\DOCUME~1\fdt\LOCALS~1\Temp\djtopr1150.exe"
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aswt] C:\Documents and Settings\fdt\Application Data\haec.exe
O4 - HKCU\..\Run: [co78RTH2S] dxtpcsvc.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\ASUS\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Micro Application Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL
O9 - Extra 'Tools' menuitem: Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL
O16 - DPF: {2C835946-055C-4D34-2957-725669F8501C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {3505B2ED-4D32-1917-C520-684D4A7C976D} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {533E1953-8173-0D15-6FBD-30E309480B7C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINNT\msopt.dll (file missing)
merci d'avance
Logfile of HijackThis v1.98.2
Scan saved at 12:55:17, on 03/11/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINNT\SYSTEM32\DWRCS.EXE
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINNT\System32\RunDll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINNT\System32\ctfmon.exe
C:\Documents and Settings\fdt\Application Data\haec.exe
C:\Program Files\ASUS\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\appvg.exe
C:\Program Files\Windows AdTools\WinAdTools.exe
C:\Program Files\Windows AdTools\WinRatchet.exe
C:\PROGRA~1\INTERN~1\iexplore.exe
C:\WINNT\System32\tapopshn.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\fdt\LOCALS~1\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {C52036BE-43FE-6266-F955-8D24B03FDF75} - C:\WINNT\atlzz.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [Micro Application Popup Blocker] RunDll32.exe C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL,Run
O4 - HKLM\..\Run: [Microsoft Netview Component v5.1] msnv32.exe
O4 - HKLM\..\Run: [Ssdqwa] bgdw.exe
O4 - HKLM\..\Run: [Windows MeTaLRoCk service] metalrock.exe
O4 - HKLM\..\Run: [NVidia Drivers] C:\WINNT\SYSTEM32\cxswxa.exe
O4 - HKLM\..\Run: [DOWNLOAD MANAGER] C:\Program Files\SonicSelector\OD2DLEngine.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QF7ETDsX] C:\documents and settings\fdt\local settings\temp\QF7ETDsX.exe
O4 - HKLM\..\Run: [uNn] C:\documents and settings\fdt\local settings\temp\uNn.exe
O4 - HKLM\..\Run: [Windows AdTools] C:\Program Files\Windows AdTools\WinAdTools.exe
O4 - HKLM\..\Run: [javaqq32.exe] C:\WINNT\javaqq32.exe
O4 - HKLM\..\Run: [sqqgqdrhw] C:\WINNT\System32\tapopshn.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [Microsoft Netview Component v5.1] msnv32.exe
O4 - HKLM\..\RunServices: [Ssdqwa] bgdw.exe
O4 - HKLM\..\RunServices: [Windows MeTaLRoCk service] metalrock.exe
O4 - HKLM\..\RunOnce: [ICDRegOCX0] rundll32.exe advpack.dll,RegisterOCX C:\WINNT\Downloaded Program Files\WinAdToolsX.dll
O4 - HKLM\..\RunOnce: [djtopr1150.exe] "C:\DOCUME~1\fdt\LOCALS~1\Temp\djtopr1150.exe"
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aswt] C:\Documents and Settings\fdt\Application Data\haec.exe
O4 - HKCU\..\Run: [co78RTH2S] dxtpcsvc.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\ASUS\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Micro Application Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL
O9 - Extra 'Tools' menuitem: Anti-Popup - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\MICROA~1\EFFACE~1\ANTI-P~1.DLL
O16 - DPF: {2C835946-055C-4D34-2957-725669F8501C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {3505B2ED-4D32-1917-C520-684D4A7C976D} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {533E1953-8173-0D15-6FBD-30E309480B7C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINNT\msopt.dll (file missing)
merci d'avance
5 réponses
Salut
En mode sans echec,rescannes et coches puis fixes ces lignes et dis si ca va mieux......
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
O2 - BHO: (no name) - {C52036BE-43FE-6266-F955-8D24B03FDF75} - C:\WINNT\atlzz.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_5_0.dll
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O16 - DPF: {2C835946-055C-4D34-2957-725669F8501C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {3505B2ED-4D32-1917-C520-684D4A7C976D} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {533E1953-8173-0D15-6FBD-30E309480B7C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINNT\msopt.dll (file missing)
En mode sans echec,rescannes et coches puis fixes ces lignes et dis si ca va mieux......
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\onvgj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
O2 - BHO: (no name) - {C52036BE-43FE-6266-F955-8D24B03FDF75} - C:\WINNT\atlzz.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_5_0.dll
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O16 - DPF: {2C835946-055C-4D34-2957-725669F8501C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {3505B2ED-4D32-1917-C520-684D4A7C976D} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {533E1953-8173-0D15-6FBD-30E309480B7C} - http://82.179.166.72/1/rdgFR208.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = www.fraisnor.fr
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINNT\msopt.dll (file missing)
Wael, j'ai fait comme tu as dit et ça a marché impec. Je te remercie de la rapidité et de l'efficacité de ta réponse.
Bonne continuation.
A+ et encore merci
gabin
Bonne continuation.
A+ et encore merci
gabin
il y avais pas besoin de faire tout ça pour iradiquer la petite bestiole.
Il est possible d en venir a bout en suppr juste ce qu'il faut suppr dans le bon endroit. ( resultat garanti )
L'operation pren a peine 1 minute si vous ete en armonie avec votre OS.
PS: avec ma methode, meme avec windows 3.11 on arrive encore à la suppr.
copyright reserved
Il est possible d en venir a bout en suppr juste ce qu'il faut suppr dans le bon endroit. ( resultat garanti )
L'operation pren a peine 1 minute si vous ete en armonie avec votre OS.
PS: avec ma methode, meme avec windows 3.11 on arrive encore à la suppr.
copyright reserved
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
"..........ben fais nous en profiter........"
Pourquoi ? toi aussi tu as le probleme avec coolserach... ?
Si c est le cas et que tu n a pas encore resolu le probleme, je t aiderais volontier à le supprimer. Tu vera, c est une operation tres facile, il falait seulement y penser... c est ça qui ete le plus dur au debut :)
Encore une fois obligé de taper une signature...
" Rend moi chaste Oh Seigneur, mais pas tout de suite...pas tout de suite !!! "
Pourquoi ? toi aussi tu as le probleme avec coolserach... ?
Si c est le cas et que tu n a pas encore resolu le probleme, je t aiderais volontier à le supprimer. Tu vera, c est une operation tres facile, il falait seulement y penser... c est ça qui ete le plus dur au debut :)
Encore une fois obligé de taper une signature...
" Rend moi chaste Oh Seigneur, mais pas tout de suite...pas tout de suite !!! "
voila bye