Pb page de démarrage + pop-up
lilcaro
-
bernie61 -
bernie61 -
bonjour,
j'ai chopé un vilain truc sur mon ordi et je n'arrive pas à l'enlever (spybot/ adaware/ panda /ravantivirus....)
ma page de démarrage affiche home search et le lien c'est about blank
Running Processes:
-----------------
#1: [smss.exe]
File Path: C:\WINNT\System32\smss.exe
ProcessID: 144
Priority: Normal
File Size: 44 KB
Version: 5.0.2195.6601
File Version: 5.00.2195.6601
Product Version: 5.00.2195.6601
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Windows NT Session Manager
Internal Name: smss.exe
Original Filename: smss.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:05
Last modified: 19/06/2003 20:05:04
#2: [winlogon.exe]
File Path: C:\WINNT\system32\winlogon.exe
ProcessID: 192
Priority: High
File Size: 181 KB
Version: 5.0.2195.6714
File Version: 5.00.2195.6714
Product Version: 5.00.2195.6714
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Application d'ouverture de session Windows NT
Internal Name: winlogon
Original Filename: WINLOGON.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 07/03/2004 13:58:28
Last accessed: 11/12/2004 16:14:20
Last modified: 19/06/2003 20:05:04
#3: [services.exe]
File Path: C:\WINNT\system32\services.exe
ProcessID: 220
Priority: Normal
File Size: 87 KB
Version: 5.0.2195.6700
File Version: 5.00.2195.6700
Product Version: 5.00.2195.6700
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Applications Services et Contrôleur
Internal Name: services.exe
Original Filename: services.exe
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:03
Last modified: 19/06/2003 20:05:04
#4: [lsass.exe]
File Path: C:\WINNT\system32\lsass.exe
ProcessID: 232
Priority: Normal
File Size: 38 KB
Version: 5.0.2195.6695
File Version: 5.00.2195.6695
Product Version: 5.00.2195.6695
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Exécutable LSA et DLL serveur (version d'exportation)
Internal Name: lsasrv.dll and lsass.exe
Original Filename: lsasrv.dll and lsass.exe
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:12:35
Last modified: 19/06/2003 20:05:04
#5: [svchost.exe]
File Path: C:\WINNT\system32\svchost.exe
ProcessID: 408
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:08
Last modified: 08/05/2001 01:00:00
#6: [LEXBCES.EXE]
File Path: C:\WINNT\system32\LEXBCES.EXE
ProcessID: 436
Priority: Normal
File Size: 293 KB
Version: 7.1.0.0
File Version: 7.1
Product Version: 7.1
Copyright: (C) 1993 - 2001 Lexmark International, Inc.
Company Name: Lexmark International, Inc.
File Description: LexBce Service
Internal Name: LexBce Service
Original Filename: LexBceS.exe
Product Name: MarkVision for Windows (32 bit)
Created on: 18/05/2004 13:25:09
Last accessed: 11/12/2004 16:12:34
Last modified: 08/03/2002 02:33:10
#7: [spoolsv.exe]
File Path: C:\WINNT\system32\spoolsv.exe
ProcessID: 464
Priority: Normal
File Size: 44 KB
Version: 5.0.2195.6659
File Version: 5.00.2195.6659
Product Version: 5.00.2195.6659
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Spooler SubSystem App
Internal Name: spoolss.exe
Original Filename: spoolss.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 02/03/2004 16:35:45
Last accessed: 11/12/2004 16:14:06
Last modified: 19/06/2003 20:05:04
#8: [LEXPPS.EXE]
File Path: C:\WINNT\system32\LEXPPS.EXE
ProcessID: 492
Priority: Normal
File Size: 166 KB
Version: 7.1.0.0
File Version: 7.1
Product Version: 7.1
Copyright: (C) 1993 - 2001 Lexmark International, Inc.
Company Name: Lexmark International, Inc.
File Description: LEXPPS.EXE
Internal Name: LEXPPS
Original Filename: LEXPPS.EXE
Product Name: MarkVision for Windows (32 bit)
Created on: 18/05/2004 13:25:09
Last accessed: 11/12/2004 16:12:34
Last modified: 08/03/2002 02:30:24
#9: [SAgent2.exe]
File Path: C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
ProcessID: 556
Priority: Normal
File Size: 88 KB
Version: 2.0.0.0
File Version: 2, 1, 0, 0
Product Version: 1, 0, 0, 0
Copyright: Copyright (C) SEIKO EPSON CORP. 2000-2001
Company Name: SEIKO EPSON CORPORATION
File Description: EPSON Printer Status Agent
Internal Name: SAgent2
Original Filename: SAgent2.exe
Product Name: EPSON Bidirectional Printer
Created on: 03/03/2004 21:59:09
Last accessed: 11/12/2004 15:01:46
Last modified: 09/08/2001 02:01:00
#10: [svchost.exe]
File Path: C:\WINNT\System32\svchost.exe
ProcessID: 568
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:26:09
Last modified: 08/05/2001 01:00:00
#11: [regsvc.exe]
File Path: C:\WINNT\system32\regsvc.exe
ProcessID: 628
Priority: Normal
File Size: 66 KB
Version: 5.0.2195.6701
File Version: 5.00.2195.6701
Product Version: 5.00.2195.6701
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Remote Registry Service
Internal Name: regsvc
Original Filename: REGSVC.EXE
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 07/03/2004 13:53:19
Last accessed: 11/12/2004 16:13:59
Last modified: 19/06/2003 20:05:04
#12: [MSTask.exe]
File Path: C:\WINNT\system32\MSTask.exe
ProcessID: 660
Priority: Normal
File Size: 118 KB
Version: 4.71.2195.6704
File Version: 4.71.2195.6704
Product Version: 4.71.2195.6704
Copyright: Copyright (C) Microsoft Corp. 1997
Company Name: Microsoft Corporation
File Description: Moteur du Planificateur de tâches
Internal Name: TaskScheduler
Original Filename: mstask.exe
Product Name: Planificateur de tâches Microsoft® Windows®
Created on: 07/03/2004 13:49:51
Last accessed: 11/12/2004 16:12:59
Last modified: 19/06/2003 20:05:04
#13: [WinMgmt.exe]
File Path: C:\WINNT\System32\WBEM\WinMgmt.exe
ProcessID: 696
Priority: Normal
File Size: 192 KB
Version: 1.50.1085.100
File Version: 1.50.1085.0100
Product Version: 1.50.1085.0100
Copyright: Copyright (C) Microsoft Corp. 1995-1999
Company Name: Microsoft Corporation
File Description: Infrastructure de gestion Windows
Internal Name: WINMGMT
Original Filename:
Product Name: Infrastructure de gestion Windows
Created on: 07/03/2004 13:58:29
Last accessed: 11/12/2004 15:52:43
Last modified: 19/06/2003 20:05:04
#14: [svchost.exe]
File Path: C:\WINNT\system32\svchost.exe
ProcessID: 708
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:26:09
Last modified: 08/05/2001 01:00:00
#15: [CnxMon.exe]
File Path: C:\PROGRA~1\Wanadoo\CnxMon.exe
ProcessID: 1068
Priority: Normal
File Size: 24 KB
Version: 1.0.0.1
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: Copyright (C) 2001
Company Name:
File Description: Application MFC CnxMon
Internal Name: CnxMon
Original Filename: CnxMon.EXE
Product Name: Application CnxMon
Created on: 14/02/2004 17:22:12
Last accessed: 11/12/2004 16:11:30
Last modified: 20/12/2002 15:22:00
#16: [taskbaricon.exe]
File Path: C:\PROGRA~1\Wanadoo\taskbaricon.exe
ProcessID: 1116
Priority: Normal
File Size: 52 KB
Version: 5.6.0.3
File Version: 5.6 (3)
Product Version: 5.6 (3)
Copyright: Copyright (C) France Télécom R&D 1999 - 2003
Company Name: France Télécom R&D
File Description: Gestion de l'icône de la barre des tâches
Internal Name: TaskBarIcon
Original Filename: TaskBarIcon.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 16:11:30
Last modified: 11/02/2004 14:29:24
#17: [RunDll32.exe]
File Path: C:\WINNT\system32\RunDll32.exe
ProcessID: 1124
Priority: Normal
File Size: 9 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Exécuter une DLL en tant qu'application
Internal Name: rundll
Original Filename: RUNDLL.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:02
Last modified: 08/05/2001 01:00:00
#18: [realsched.exe]
File Path: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
ProcessID: 1148
Priority: Normal
File Size: 148 KB
Version: 0.1.0.1622
File Version: 0.1.0.1622
Product Version: 0.1.0.1622
Copyright: Copyright © RealNetworks, Inc. 1995-2002
Company Name: RealNetworks, Inc.
File Description: RealNetworks Scheduler
Internal Name: schedapp
Original Filename: realsched.exe
Product Name: RealOne Player (32-bit)
Created on: 15/03/2004 19:19:07
Last accessed: 11/12/2004 15:02:28
Last modified: 15/03/2004 19:19:07
#19: [jusched.exe]
File Path: C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
ProcessID: 1108
Priority: Normal
File Size: 32 KB
Created on: 03/06/2068 21:05:12
Last accessed: 11/12/2004 15:04:36
Last modified: 03/06/2004 21:05:08
#20: [dslmon.exe]
File Path: C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
ProcessID: 1176
Priority: Normal
File Size: 916 KB
Version: 1.0.0.1
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: Copyright (C) 2000
Company Name:
File Description: ADIMON MFC Application
Internal Name: DSLMON
Original Filename: ADIMON.EXE
Product Name: DSLMON Application
Created on: 14/02/2004 17:23:13
Last accessed: 11/12/2004 15:09:17
Last modified: 26/09/2002 14:53:02
#21: [EspaceWanadoo.exe]
File Path: C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
ProcessID: 296
Priority: Normal
File Size: 612 KB
Version: 5.6.0.213
File Version: 5.6 (213)
Product Version: 5.6 (213)
Copyright: Copyright (C) France Télécom R&D 1999-2003
Company Name: France Télécom R&D
File Description: Espace Client
Internal Name: EspaceClient
Original Filename: EspaceClient.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 15:09:34
Last modified: 11/02/2004 14:29:26
#22: [ComComp.exe]
File Path: C:\PROGRA~1\Wanadoo\ComComp.exe
ProcessID: 204
Priority: Normal
File Size: 196 KB
Version: 5.5.0.391
File Version: 5.5 (391)
Product Version: 5.5 (391)
Copyright: Copyright (C) France Télécom R&D 1999- 2002
Company Name: France Télécom R&D
File Description: Module de communication
Internal Name: ComComp
Original Filename: ComComp.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 15:09:34
Last modified: 11/02/2004 14:29:24
#23: [Watch.exe]
File Path: C:\PROGRA~1\Wanadoo\Watch.exe
ProcessID: 1000
Priority: Normal
File Size: 20 KB
Version: 5.5.0.81
File Version: 5.5 (81)
Product Version: 5.5 (81)
Copyright: Copyright (C) France Télécom R&D 1999-2002
Company Name: France Télécom R&D
File Description: Surveillance des modifications
Internal Name: Watch
Original Filename: Watch.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 16:11:30
Last modified: 11/02/2004 14:29:26
#24: [explorer.exe]
File Path: C:\WINNT\explorer.exe
ProcessID: 1288
Priority: Normal
File Size: 238 KB
Version: 5.0.3700.6690
File Version: 5.00.3700.6690
Product Version: 5.00.3700.6690
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Explorateur Windows
Internal Name: explorer
Original Filename: EXPLORER.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 07/03/2004 13:36:26
Last accessed: 11/12/2004 16:11:32
Last modified: 19/06/2003 20:05:04
#25: [appev.exe]
File Path: C:\WINNT\system32\appev.exe
ProcessID: 1292
Priority: Normal
File Size: 29 KB
Created on: 27/11/2004 21:33:59
Last accessed: 11/12/2004 16:23:22
Last modified: 27/11/2004 21:33:59
#26: [IEXPLORE.EXE]
File Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE
ProcessID: 876
Priority: Normal
File Size: 89 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Internet Explorer
Internal Name: iexplore
Original Filename: IEXPLORE.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 30/08/2002 18:24:06
Last accessed: 11/12/2004 16:21:01
Last modified: 30/08/2002 18:24:06
#27: [IEXPLORE.EXE]
File Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE
ProcessID: 1088
Priority: Normal
File Size: 89 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Internet Explorer
Internal Name: iexplore
Original Filename: IEXPLORE.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 30/08/2002 18:24:06
Last accessed: 11/12/2004 16:26:09
Last modified: 30/08/2002 18:24:06
#28: [HiJack.exe]
File Path: C:\Program Files\BulletProofSoft.com\SpywareRemover\HS\HiJack.exe
ProcessID: 1528
Priority: Normal
File Size: 392 KB
Version: 2.0.0.0
File Version: 2, 0, 0, 0
Product Version: 2, 0, 0, 0
Copyright: Copyright (C) 2003
Company Name:
File Description: HiJack MFC Application
Internal Name: System Hijack Scanner
Original Filename: HiJack.EXE
Product Name: System Hijack Scanner
Created on: 26/04/2004 20:34:14
Last accessed: 11/12/2004 16:19:44
Last modified: 26/04/2004 20:34:14
System Hijack Scanner Entries:
---------------
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Local Page=C:\WINNT\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Local Page=C:\WINNT\system32\blank.htm
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar, LinksFolderName=Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_page_url=about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_search_url=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, window title=Wanadoo
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R3 - URLSearchHook: (no name) - {D3F3E8ED-6317-19DB-95D1-25AC50F23DBF} - C:\WINNT\d3kk32.dll
O2 - BHO: (no name) - {D3F3E8ED-6317-19DB-95D1-25AC50F23DBF} - C:\WINNT\d3kk32.dll
O3 - ToolBar: (no name) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [PMXInit] C:\WINNT\system32\pmxinit.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd (file missing)
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot (file missing)
O4 - HKLM\..\Run: [mswspl] (file missing)
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon (file missing)
O4 - HKLM\..\Run: [mfciw32.exe] C:\WINNT\system32\mfciw32.exe (file missing)
O4 - HKLM\..\Run: [msrh.exe] C:\WINNT\system32\msrh.exe
O4 - HKLM\..\Run: [appev.exe] C:\WINNT\system32\appev.exe
O4 - HKLM\..\RunServices: [Windows Proffesional Security] WinSecure32.exe (file missing)
O4 - Global Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
O4 - Global Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
O5 - HKCU\control panel\don't load: ncpa.cpl = No
O5 - HKCU\control panel\don't load: odbccp32.cpl = No
O8 - Extra Context Menu Items: Enregistrer &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra Context Menu Items: Personnaliser &Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra Context Menu Items: Remplir &$ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O11 - Options Group: [JAVA_SUN] Java (Sun)
O15 - Trusted Zone:*://*.frame.crazywinnings.com
O15 - Trusted Zone:*://*.awmdabest.com
O15 - Trusted Zone:*://*.frame.crazywinnings.com
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38332.1752199074
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Plug-in 1.4.2_05) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\{CDD72806-F0E9-451A-945E-5BD258C3A8F6}, NameServer=80.10.246.130 80.10.246.3
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINNT\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx
A L'AIDE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
merci mille fois d'avance
j'ai chopé un vilain truc sur mon ordi et je n'arrive pas à l'enlever (spybot/ adaware/ panda /ravantivirus....)
ma page de démarrage affiche home search et le lien c'est about blank
Running Processes:
-----------------
#1: [smss.exe]
File Path: C:\WINNT\System32\smss.exe
ProcessID: 144
Priority: Normal
File Size: 44 KB
Version: 5.0.2195.6601
File Version: 5.00.2195.6601
Product Version: 5.00.2195.6601
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Windows NT Session Manager
Internal Name: smss.exe
Original Filename: smss.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:05
Last modified: 19/06/2003 20:05:04
#2: [winlogon.exe]
File Path: C:\WINNT\system32\winlogon.exe
ProcessID: 192
Priority: High
File Size: 181 KB
Version: 5.0.2195.6714
File Version: 5.00.2195.6714
Product Version: 5.00.2195.6714
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Application d'ouverture de session Windows NT
Internal Name: winlogon
Original Filename: WINLOGON.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 07/03/2004 13:58:28
Last accessed: 11/12/2004 16:14:20
Last modified: 19/06/2003 20:05:04
#3: [services.exe]
File Path: C:\WINNT\system32\services.exe
ProcessID: 220
Priority: Normal
File Size: 87 KB
Version: 5.0.2195.6700
File Version: 5.00.2195.6700
Product Version: 5.00.2195.6700
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Applications Services et Contrôleur
Internal Name: services.exe
Original Filename: services.exe
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:03
Last modified: 19/06/2003 20:05:04
#4: [lsass.exe]
File Path: C:\WINNT\system32\lsass.exe
ProcessID: 232
Priority: Normal
File Size: 38 KB
Version: 5.0.2195.6695
File Version: 5.00.2195.6695
Product Version: 5.00.2195.6695
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Exécutable LSA et DLL serveur (version d'exportation)
Internal Name: lsasrv.dll and lsass.exe
Original Filename: lsasrv.dll and lsass.exe
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:12:35
Last modified: 19/06/2003 20:05:04
#5: [svchost.exe]
File Path: C:\WINNT\system32\svchost.exe
ProcessID: 408
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:08
Last modified: 08/05/2001 01:00:00
#6: [LEXBCES.EXE]
File Path: C:\WINNT\system32\LEXBCES.EXE
ProcessID: 436
Priority: Normal
File Size: 293 KB
Version: 7.1.0.0
File Version: 7.1
Product Version: 7.1
Copyright: (C) 1993 - 2001 Lexmark International, Inc.
Company Name: Lexmark International, Inc.
File Description: LexBce Service
Internal Name: LexBce Service
Original Filename: LexBceS.exe
Product Name: MarkVision for Windows (32 bit)
Created on: 18/05/2004 13:25:09
Last accessed: 11/12/2004 16:12:34
Last modified: 08/03/2002 02:33:10
#7: [spoolsv.exe]
File Path: C:\WINNT\system32\spoolsv.exe
ProcessID: 464
Priority: Normal
File Size: 44 KB
Version: 5.0.2195.6659
File Version: 5.00.2195.6659
Product Version: 5.00.2195.6659
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Spooler SubSystem App
Internal Name: spoolss.exe
Original Filename: spoolss.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 02/03/2004 16:35:45
Last accessed: 11/12/2004 16:14:06
Last modified: 19/06/2003 20:05:04
#8: [LEXPPS.EXE]
File Path: C:\WINNT\system32\LEXPPS.EXE
ProcessID: 492
Priority: Normal
File Size: 166 KB
Version: 7.1.0.0
File Version: 7.1
Product Version: 7.1
Copyright: (C) 1993 - 2001 Lexmark International, Inc.
Company Name: Lexmark International, Inc.
File Description: LEXPPS.EXE
Internal Name: LEXPPS
Original Filename: LEXPPS.EXE
Product Name: MarkVision for Windows (32 bit)
Created on: 18/05/2004 13:25:09
Last accessed: 11/12/2004 16:12:34
Last modified: 08/03/2002 02:30:24
#9: [SAgent2.exe]
File Path: C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
ProcessID: 556
Priority: Normal
File Size: 88 KB
Version: 2.0.0.0
File Version: 2, 1, 0, 0
Product Version: 1, 0, 0, 0
Copyright: Copyright (C) SEIKO EPSON CORP. 2000-2001
Company Name: SEIKO EPSON CORPORATION
File Description: EPSON Printer Status Agent
Internal Name: SAgent2
Original Filename: SAgent2.exe
Product Name: EPSON Bidirectional Printer
Created on: 03/03/2004 21:59:09
Last accessed: 11/12/2004 15:01:46
Last modified: 09/08/2001 02:01:00
#10: [svchost.exe]
File Path: C:\WINNT\System32\svchost.exe
ProcessID: 568
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:26:09
Last modified: 08/05/2001 01:00:00
#11: [regsvc.exe]
File Path: C:\WINNT\system32\regsvc.exe
ProcessID: 628
Priority: Normal
File Size: 66 KB
Version: 5.0.2195.6701
File Version: 5.00.2195.6701
Product Version: 5.00.2195.6701
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Remote Registry Service
Internal Name: regsvc
Original Filename: REGSVC.EXE
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 07/03/2004 13:53:19
Last accessed: 11/12/2004 16:13:59
Last modified: 19/06/2003 20:05:04
#12: [MSTask.exe]
File Path: C:\WINNT\system32\MSTask.exe
ProcessID: 660
Priority: Normal
File Size: 118 KB
Version: 4.71.2195.6704
File Version: 4.71.2195.6704
Product Version: 4.71.2195.6704
Copyright: Copyright (C) Microsoft Corp. 1997
Company Name: Microsoft Corporation
File Description: Moteur du Planificateur de tâches
Internal Name: TaskScheduler
Original Filename: mstask.exe
Product Name: Planificateur de tâches Microsoft® Windows®
Created on: 07/03/2004 13:49:51
Last accessed: 11/12/2004 16:12:59
Last modified: 19/06/2003 20:05:04
#13: [WinMgmt.exe]
File Path: C:\WINNT\System32\WBEM\WinMgmt.exe
ProcessID: 696
Priority: Normal
File Size: 192 KB
Version: 1.50.1085.100
File Version: 1.50.1085.0100
Product Version: 1.50.1085.0100
Copyright: Copyright (C) Microsoft Corp. 1995-1999
Company Name: Microsoft Corporation
File Description: Infrastructure de gestion Windows
Internal Name: WINMGMT
Original Filename:
Product Name: Infrastructure de gestion Windows
Created on: 07/03/2004 13:58:29
Last accessed: 11/12/2004 15:52:43
Last modified: 19/06/2003 20:05:04
#14: [svchost.exe]
File Path: C:\WINNT\system32\svchost.exe
ProcessID: 708
Priority: Normal
File Size: 7 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft(R) Windows (R) 2000 Operating System
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:26:09
Last modified: 08/05/2001 01:00:00
#15: [CnxMon.exe]
File Path: C:\PROGRA~1\Wanadoo\CnxMon.exe
ProcessID: 1068
Priority: Normal
File Size: 24 KB
Version: 1.0.0.1
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: Copyright (C) 2001
Company Name:
File Description: Application MFC CnxMon
Internal Name: CnxMon
Original Filename: CnxMon.EXE
Product Name: Application CnxMon
Created on: 14/02/2004 17:22:12
Last accessed: 11/12/2004 16:11:30
Last modified: 20/12/2002 15:22:00
#16: [taskbaricon.exe]
File Path: C:\PROGRA~1\Wanadoo\taskbaricon.exe
ProcessID: 1116
Priority: Normal
File Size: 52 KB
Version: 5.6.0.3
File Version: 5.6 (3)
Product Version: 5.6 (3)
Copyright: Copyright (C) France Télécom R&D 1999 - 2003
Company Name: France Télécom R&D
File Description: Gestion de l'icône de la barre des tâches
Internal Name: TaskBarIcon
Original Filename: TaskBarIcon.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 16:11:30
Last modified: 11/02/2004 14:29:24
#17: [RunDll32.exe]
File Path: C:\WINNT\system32\RunDll32.exe
ProcessID: 1124
Priority: Normal
File Size: 9 KB
Version: 5.0.2134.1
File Version: 5.00.2134.1
Product Version: 5.00.2134.1
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Exécuter une DLL en tant qu'application
Internal Name: rundll
Original Filename: RUNDLL.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 08/05/2001 01:00:00
Last accessed: 11/12/2004 16:14:02
Last modified: 08/05/2001 01:00:00
#18: [realsched.exe]
File Path: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
ProcessID: 1148
Priority: Normal
File Size: 148 KB
Version: 0.1.0.1622
File Version: 0.1.0.1622
Product Version: 0.1.0.1622
Copyright: Copyright © RealNetworks, Inc. 1995-2002
Company Name: RealNetworks, Inc.
File Description: RealNetworks Scheduler
Internal Name: schedapp
Original Filename: realsched.exe
Product Name: RealOne Player (32-bit)
Created on: 15/03/2004 19:19:07
Last accessed: 11/12/2004 15:02:28
Last modified: 15/03/2004 19:19:07
#19: [jusched.exe]
File Path: C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
ProcessID: 1108
Priority: Normal
File Size: 32 KB
Created on: 03/06/2068 21:05:12
Last accessed: 11/12/2004 15:04:36
Last modified: 03/06/2004 21:05:08
#20: [dslmon.exe]
File Path: C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
ProcessID: 1176
Priority: Normal
File Size: 916 KB
Version: 1.0.0.1
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: Copyright (C) 2000
Company Name:
File Description: ADIMON MFC Application
Internal Name: DSLMON
Original Filename: ADIMON.EXE
Product Name: DSLMON Application
Created on: 14/02/2004 17:23:13
Last accessed: 11/12/2004 15:09:17
Last modified: 26/09/2002 14:53:02
#21: [EspaceWanadoo.exe]
File Path: C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
ProcessID: 296
Priority: Normal
File Size: 612 KB
Version: 5.6.0.213
File Version: 5.6 (213)
Product Version: 5.6 (213)
Copyright: Copyright (C) France Télécom R&D 1999-2003
Company Name: France Télécom R&D
File Description: Espace Client
Internal Name: EspaceClient
Original Filename: EspaceClient.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 15:09:34
Last modified: 11/02/2004 14:29:26
#22: [ComComp.exe]
File Path: C:\PROGRA~1\Wanadoo\ComComp.exe
ProcessID: 204
Priority: Normal
File Size: 196 KB
Version: 5.5.0.391
File Version: 5.5 (391)
Product Version: 5.5 (391)
Copyright: Copyright (C) France Télécom R&D 1999- 2002
Company Name: France Télécom R&D
File Description: Module de communication
Internal Name: ComComp
Original Filename: ComComp.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 15:09:34
Last modified: 11/02/2004 14:29:24
#23: [Watch.exe]
File Path: C:\PROGRA~1\Wanadoo\Watch.exe
ProcessID: 1000
Priority: Normal
File Size: 20 KB
Version: 5.5.0.81
File Version: 5.5 (81)
Product Version: 5.5 (81)
Copyright: Copyright (C) France Télécom R&D 1999-2002
Company Name: France Télécom R&D
File Description: Surveillance des modifications
Internal Name: Watch
Original Filename: Watch.exe
Product Name: Kit de Connexion et de Services
Created on: 25/05/2004 15:55:37
Last accessed: 11/12/2004 16:11:30
Last modified: 11/02/2004 14:29:26
#24: [explorer.exe]
File Path: C:\WINNT\explorer.exe
ProcessID: 1288
Priority: Normal
File Size: 238 KB
Version: 5.0.3700.6690
File Version: 5.00.3700.6690
Product Version: 5.00.3700.6690
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Company Name: Microsoft Corporation
File Description: Explorateur Windows
Internal Name: explorer
Original Filename: EXPLORER.EXE
Product Name: Système d'exploitation Microsoft(R) Windows (R) 2000
Created on: 07/03/2004 13:36:26
Last accessed: 11/12/2004 16:11:32
Last modified: 19/06/2003 20:05:04
#25: [appev.exe]
File Path: C:\WINNT\system32\appev.exe
ProcessID: 1292
Priority: Normal
File Size: 29 KB
Created on: 27/11/2004 21:33:59
Last accessed: 11/12/2004 16:23:22
Last modified: 27/11/2004 21:33:59
#26: [IEXPLORE.EXE]
File Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE
ProcessID: 876
Priority: Normal
File Size: 89 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Internet Explorer
Internal Name: iexplore
Original Filename: IEXPLORE.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 30/08/2002 18:24:06
Last accessed: 11/12/2004 16:21:01
Last modified: 30/08/2002 18:24:06
#27: [IEXPLORE.EXE]
File Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE
ProcessID: 1088
Priority: Normal
File Size: 89 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Internet Explorer
Internal Name: iexplore
Original Filename: IEXPLORE.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 30/08/2002 18:24:06
Last accessed: 11/12/2004 16:26:09
Last modified: 30/08/2002 18:24:06
#28: [HiJack.exe]
File Path: C:\Program Files\BulletProofSoft.com\SpywareRemover\HS\HiJack.exe
ProcessID: 1528
Priority: Normal
File Size: 392 KB
Version: 2.0.0.0
File Version: 2, 0, 0, 0
Product Version: 2, 0, 0, 0
Copyright: Copyright (C) 2003
Company Name:
File Description: HiJack MFC Application
Internal Name: System Hijack Scanner
Original Filename: HiJack.EXE
Product Name: System Hijack Scanner
Created on: 26/04/2004 20:34:14
Last accessed: 11/12/2004 16:19:44
Last modified: 26/04/2004 20:34:14
System Hijack Scanner Entries:
---------------
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Local Page=C:\WINNT\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Local Page=C:\WINNT\system32\blank.htm
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar, LinksFolderName=Liens
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_page_url=about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_search_url=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, window title=Wanadoo
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINNT\system32\ibhxs.dll/sp.html#28129
R3 - URLSearchHook: (no name) - {D3F3E8ED-6317-19DB-95D1-25AC50F23DBF} - C:\WINNT\d3kk32.dll
O2 - BHO: (no name) - {D3F3E8ED-6317-19DB-95D1-25AC50F23DBF} - C:\WINNT\d3kk32.dll
O3 - ToolBar: (no name) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [PMXInit] C:\WINNT\system32\pmxinit.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd (file missing)
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot (file missing)
O4 - HKLM\..\Run: [mswspl] (file missing)
O4 - HKLM\..\Run: [SAITEKAUTOCONFIGURE] C:\Program Files\Saitek\Saitek Gaming Extensions\saicnfig.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon (file missing)
O4 - HKLM\..\Run: [mfciw32.exe] C:\WINNT\system32\mfciw32.exe (file missing)
O4 - HKLM\..\Run: [msrh.exe] C:\WINNT\system32\msrh.exe
O4 - HKLM\..\Run: [appev.exe] C:\WINNT\system32\appev.exe
O4 - HKLM\..\RunServices: [Windows Proffesional Security] WinSecure32.exe (file missing)
O4 - Global Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
O4 - Global Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users.WINNT\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check 2.lnk
O5 - HKCU\control panel\don't load: ncpa.cpl = No
O5 - HKCU\control panel\don't load: odbccp32.cpl = No
O8 - Extra Context Menu Items: Enregistrer &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra Context Menu Items: Personnaliser &Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra Context Menu Items: Remplir &$ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O11 - Options Group: [JAVA_SUN] Java (Sun)
O15 - Trusted Zone:*://*.frame.crazywinnings.com
O15 - Trusted Zone:*://*.awmdabest.com
O15 - Trusted Zone:*://*.frame.crazywinnings.com
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38332.1752199074
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Plug-in 1.4.2_05) - http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\{CDD72806-F0E9-451A-945E-5BD258C3A8F6}, NameServer=80.10.246.130 80.10.246.3
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINNT\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx
A L'AIDE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
merci mille fois d'avance
A voir également:
- Pb page de démarrage + pop-up
- Forcer demarrage pc - Guide
- Ordinateur lent au démarrage - Guide
- Pop up mcafee - Accueil - Piratage
- Reinitialiser pc au demarrage - Guide
- Impossible de supprimer une page word - Guide
3 réponses
salut
difficile à enlever celui là "frame.crazywinnings"
lis la procédure proposée là
http://www.commentcamarche.net/forum/affich-1154260-Pb-avec-trusted-zone-frame-crazywinnings-com
a+
difficile à enlever celui là "frame.crazywinnings"
lis la procédure proposée là
http://www.commentcamarche.net/forum/affich-1154260-Pb-avec-trusted-zone-frame-crazywinnings-com
a+
merci !!
j'ai tout enlevé tous les fichiers et dossiers suspects en mode sans échec et ça a l'air de marcher
j'ai tout enlevé tous les fichiers et dossiers suspects en mode sans échec et ça a l'air de marcher
re
ok bon surf
et si tu changeais de navigateur? Firefox par ex
http://www.mozilla-europe.org/fr/
a+
ok bon surf
et si tu changeais de navigateur? Firefox par ex
http://www.mozilla-europe.org/fr/
a+
