New dialup connection
panzerbenzouille
-
panzerbenzouille Messages postés 14 Statut Membre -
panzerbenzouille Messages postés 14 Statut Membre -
salut a tous j ai un gros probleme .je me suis chope new dialup connection et ne sais pas le suprimmer +a ma page de demarrage j ai tjrs "realsearcher" qui s ouvre a la place de google et j ai beau changer l adresse"http://countere.com/?b=geo" elle revien tjrs et pour finir sur le bureau y a tjrs une incription qui s affiche" already running!!! etme demande de faire ok help s il vous plait
A voir également:
- New dialup connection
- Gmail connection - Guide
- Connection chromecast - Guide
- Facebook connection - Guide
- Code de connection internet gratuit pdf ✓ - Forum Sony
- Meetic connection automatique - Forum Réseaux sociaux
14 réponses
salut
regarde ceci
http://www.commentcamarche.net/faq/492-detournement-de-page-d-acceuil
la chasse et le balltrap ma vrai passion
voir site perso dans profil
regarde ceci
http://www.commentcamarche.net/faq/492-detournement-de-page-d-acceuil
la chasse et le balltrap ma vrai passion
voir site perso dans profil
sallut balltrap 34 voici ce que hijack this me donne Logfile of HijackThis v1.98.2
Scan saved at 11:23:50, on 28/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr-be\msnappau.exe
D:\BENOIT\divers programme\info pc\Freeram.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\winmm64.exe
C:\WINDOWS\orntms.exe
C:\WINDOWS\system32\s-sys-msPE.exe
C:\WINDOWS\system32\nthhorSP64.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\WINDOWS\ms32sy.exe
C:\WINDOWS\system32\32643232SP.exe
C:\WINDOWS\s-mshhsy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\BENOIT.FIXE.000\Mes documents\Mes fichiers reçus\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://countere.com/?b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.be/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\fr-be\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr-be\msnappau.exe"
O4 - HKCU\..\Run: [FreeRAM] D:\BENOIT\divers programme\info pc\Freeram.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpywareGuardPlus] C:\WINDOWS\system32\winmm64.exe
O4 - HKCU\..\Run: [orntms] C:\WINDOWS\orntms.exe
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe
O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7792998-E7F9-4644-BBE6-4AEE32C14546}: NameServer = 195.238.2.21 195.238.2.22
Scan saved at 11:23:50, on 28/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr-be\msnappau.exe
D:\BENOIT\divers programme\info pc\Freeram.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\winmm64.exe
C:\WINDOWS\orntms.exe
C:\WINDOWS\system32\s-sys-msPE.exe
C:\WINDOWS\system32\nthhorSP64.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\WINDOWS\ms32sy.exe
C:\WINDOWS\system32\32643232SP.exe
C:\WINDOWS\s-mshhsy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\BENOIT.FIXE.000\Mes documents\Mes fichiers reçus\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://countere.com/?b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.be/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\fr-be\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\fr-be\msnappau.exe"
O4 - HKCU\..\Run: [FreeRAM] D:\BENOIT\divers programme\info pc\Freeram.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpywareGuardPlus] C:\WINDOWS\system32\winmm64.exe
O4 - HKCU\..\Run: [orntms] C:\WINDOWS\orntms.exe
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe
O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7792998-E7F9-4644-BBE6-4AEE32C14546}: NameServer = 195.238.2.21 195.238.2.22
salut
relance hijack coche et fix ces lignes
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://countere.com/?b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
connait tu ces programmes il me parraisse plus que louche
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
une foi fixer tu redemarre tu change ta page dans option internet et tu redemarre a nouveau pour voir si cela tient
la chasse et le balltrap ma vrai passion
voir site perso dans profil
relance hijack coche et fix ces lignes
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://countere.com/?b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://countere.com/?a=2&b=geo
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://countere.com/?a=2&b=geo
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
connait tu ces programmes il me parraisse plus que louche
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
une foi fixer tu redemarre tu change ta page dans option internet et tu redemarre a nouveau pour voir si cela tient
la chasse et le balltrap ma vrai passion
voir site perso dans profil
c ok por la page de demarrage et connexion avec serveur dialup 1 grand merci mais g tjrs des saloperies qui s impose dans mes favoris que faire? svp c est des documents ou il y a des adresses style
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
c ok por la page de demarrage et connexion avec serveur dialup 1 grand merci mais g tjrs des saloperies qui s impose dans mes favoris que faire? svp c est des documents ou il y a des adresses style"online gambling news" "onlines pharmacy news" "free adult pics and movies" etc et les adresses sont toutes les memes "erosearch.com"
re
vas dans option internet et suppr fichier temp cokkies et historique
ensuite faitceci et met le rapport
http://pageperso.aol.fr/Balltrap34/aa.exe
-Pose-le sur le bureau.
-Double-clique.
-Décompresse-le sur le bureau.
-Double-clique "Start.bat" et choisis l'option 1 pour le rapport.
-Une fois la recherche terminée, un fichier txt doit apparaître sous
le nom "Output.txt" et sera sauvegardé dans le dossier.
-Copie/colle le contenu de "Output.txt" dans ta réponse.
la chasse et le balltrap ma vrai passion
voir site perso dans profil
vas dans option internet et suppr fichier temp cokkies et historique
ensuite faitceci et met le rapport
http://pageperso.aol.fr/Balltrap34/aa.exe
-Pose-le sur le bureau.
-Double-clique.
-Décompresse-le sur le bureau.
-Double-clique "Start.bat" et choisis l'option 1 pour le rapport.
-Une fois la recherche terminée, un fichier txt doit apparaître sous
le nom "Output.txt" et sera sauvegardé dans le dossier.
-Copie/colle le contenu de "Output.txt" dans ta réponse.
la chasse et le balltrap ma vrai passion
voir site perso dans profil
--==***@@@ FIND-ALL' VERSION MODIFIED -6/05 @@@***==--
--==***@@@ ORIGINAL BY FREEATLAST @@@***==--
sam. 28/08/2004
15:39
System Info:
Microsoft Windows XP [version 5.1.2600]
C: "BOOT" (A4A5:A673) - FS:NTFS clusters:4k
Total: 100 027 596 800 [93G] - Free: 56 248 811 520 [52G]
*IE version and Service packs:
6.0.2800.1106 C:\Program Files\Internet Explorer\Iexplore.exe
*Notepad version :
5.1.2600.0 C:\WINDOWS\system32\notepad.exe
5.1.2600.0 C:\WINDOWS\notepad.exe
*Media Player version :
9.0.0.2980 C:\Program Files\Windows Media Player\wmplayer.exe
! REG.EXE VERSION 2.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
MinorVersion REG_SZ ;SP1;Q832894;Q330994;Q837009;Q831167;Q867801;Q823353;
Locked or 'Suspect' file(s) found...
These may be other files that Dllfix doesnt target.
Scanning for main Hijacker:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
@="NAV Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
REGEDIT4
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter]
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/octet-stream]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/x-complus]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/x-msdownload]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\Class Install Handler]
@="AP Class Install Handler filter"
"CLSID"="{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\deflate]
@="AP Deflate Encoding/Decoding Filter "
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\gzip]
@="AP GZIP Encoding/Decoding Filter "
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\lzdhtml]
@="AP lzdhtml encoding/decoding Filter"
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/webviewhtml]
@="WebView MIME Filter"
"CLSID"="{733AC4CB-F1A4-11d0-B951-00A0C90312E1}"
! REG.EXE VERSION 2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_Dlls REG_SZ
*Security settings for 'Windows' key:
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
Effective permissions for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
Read BUILTIN\Utilisateurs
Full access BUILTIN\Administrateurs
Full access AUTORITE NT\SYSTEM
voila te lenvoie merci
--==***@@@ ORIGINAL BY FREEATLAST @@@***==--
sam. 28/08/2004
15:39
System Info:
Microsoft Windows XP [version 5.1.2600]
C: "BOOT" (A4A5:A673) - FS:NTFS clusters:4k
Total: 100 027 596 800 [93G] - Free: 56 248 811 520 [52G]
*IE version and Service packs:
6.0.2800.1106 C:\Program Files\Internet Explorer\Iexplore.exe
*Notepad version :
5.1.2600.0 C:\WINDOWS\system32\notepad.exe
5.1.2600.0 C:\WINDOWS\notepad.exe
*Media Player version :
9.0.0.2980 C:\Program Files\Windows Media Player\wmplayer.exe
! REG.EXE VERSION 2.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
MinorVersion REG_SZ ;SP1;Q832894;Q330994;Q837009;Q831167;Q867801;Q823353;
Locked or 'Suspect' file(s) found...
These may be other files that Dllfix doesnt target.
Scanning for main Hijacker:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
@="NAV Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
REGEDIT4
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter]
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/octet-stream]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/x-complus]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\application/x-msdownload]
"CLSID"="{1E66F26B-79EE-11D2-8710-00C04F79ED0D}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\Class Install Handler]
@="AP Class Install Handler filter"
"CLSID"="{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\deflate]
@="AP Deflate Encoding/Decoding Filter "
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\gzip]
@="AP GZIP Encoding/Decoding Filter "
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\lzdhtml]
@="AP lzdhtml encoding/decoding Filter"
"CLSID"="{8f6b0360-b80d-11d0-a9b3-006097942311}"
[HKEY_CLASSES_ROOT\PROTOCOLS\Filter\text/webviewhtml]
@="WebView MIME Filter"
"CLSID"="{733AC4CB-F1A4-11d0-B951-00A0C90312E1}"
! REG.EXE VERSION 2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_Dlls REG_SZ
*Security settings for 'Windows' key:
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
(ID-NI) ALLOW Read BUILTIN\Utilisateurs
(ID-IO) ALLOW Read BUILTIN\Utilisateurs
(ID-NI) ALLOW Full access BUILTIN\Administrateurs
(ID-IO) ALLOW Full access BUILTIN\Administrateurs
(ID-NI) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access AUTORITE NT\SYSTEM
(ID-IO) ALLOW Full access CREATEUR PROPRIETAIRE
Effective permissions for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
Read BUILTIN\Utilisateurs
Full access BUILTIN\Administrateurs
Full access AUTORITE NT\SYSTEM
voila te lenvoie merci
bon pas de dll cacher
connait tu ces programmaes
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
la chasse et le balltrap ma vrai passion
voir site perso dans profil
connait tu ces programmaes
O4 - HKCU\..\Run: [s-sys-msPE] C:\WINDOWS\system32\s-sys-msPE.exe O4 - HKCU\..\Run: [nthhorSP64] C:\WINDOWS\system32\nthhorSP64.exe
O4 - HKCU\..\Run: [ms32sy] C:\WINDOWS\ms32sy.exe
O4 - HKCU\..\Run: [32643232SP] C:\WINDOWS\system32\32643232SP.exe
O4 - HKCU\..\Run: [s-mshhsy] C:\WINDOWS\s-mshhsy.exe
la chasse et le balltrap ma vrai passion
voir site perso dans profil
