bob_le_marrant99 | Bon ben je vais vraiement péter une durite avec le pc de mon pote ...
Alors j'ai fais tout comme vous m'avez dis ... Grâce au log HijackThis ...
Alors bien bien enlevé ces ligne :
Code :
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:search
- R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:search
- O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
|
Mais une fois redémarré ... ben devinez quoi ... ben j'ai denouveau ces lignes et donc cette putain de page "about:search" !!!
Par contre si je me log en mode sans échec là je n'ai pas ces lignes Mais quest-ce que je fais faux ???
HELP ME
Merci d'avance pour votre aide
PS Le log au cas ou
Code :
- Logfile of HijackThis v1.99.0
- Scan saved at 17:50:11, on 17.01.2005
- Platform: Windows XP SP1 (WinNT 5.01.2600)
- MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
- Running processes:
- C:\WINDOWS\System32\smss.exe
- C:\WINDOWS\system32\winlogon.exe
- C:\WINDOWS\system32\services.exe
- C:\WINDOWS\system32\lsass.exe
- C:\WINDOWS\system32\svchost.exe
- C:\WINDOWS\System32\svchost.exe
- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
- C:\WINDOWS\Explorer.EXE
- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
- C:\WINDOWS\system32\spoolsv.exe
- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
- C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
- C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
- C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
- C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
- C:\WINDOWS\System32\svchost.exe
- C:\Program Files\ASUS\Probe\AsusProb.exe
- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
- C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
- C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
- C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
- C:\PROGRA~1\PESTPA~1\PPControl.exe
- C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
- C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
- C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
- C:\WINDOWS\System32\ctfmon.exe
- C:\Program Files\Messenger\msmsgs.exe
- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
- C:\Program Files\Logitech\SetPoint\KEM.exe
- C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
- C:\HijackThis.exe
- C:\WINDOWS\System32\wuauclt.exe
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:search
- R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:search
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:search
- R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:search
- R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
- O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
- O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
- O2 - BHO: - {B05D4B1A-E308-438E-B5D1-7D137BB6D35B} - C:\WINDOWS\System32\l.dll
- O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
- O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
- O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\NavShExt.dll
- O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
- O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
- O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
- O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
- O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
- O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
- O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe
- O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\NORTON~1\AdvTools\ADVCHK.EXE
- O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
- O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
- O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
- O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
- O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
- O4 - HKLM\..\Run: [SyncUpd] regedit.exe -s C:\WINDOWS\sysreg.reg
- O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
- O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
- O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
- O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
- O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
- O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
- O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
- O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
- O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
- O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
- O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
- O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
- O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
- O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
- O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
- O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
- O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
- O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
- O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
- O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
- O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
- O14 - IERESET.INF: START_PAGE_URL=http://www.bluewin.ch
- O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 4840478093
- O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
- O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
- O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
- O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
- O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
- O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
- O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
- O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
- O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
- O23 - Service: Service Norton AntiVirus Auto-Protect - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
- O23 - Service: DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
- O23 - Service: DSDM DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
- O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
- O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
- O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
- O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\SAVScan.exe
- O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
- O23 - Service: Prise en charge des cartes à puces - Unknown - C:\WINDOWS\System32\SCardSvr.exe
- O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
- O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
- O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
- O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
- O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
- O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe
|
|