Question: HijackThis analysis

duam
Hello,

My PC has been having some slowness problems, so I ran a HijackThis scan, as is often advised here (after Ad-Aware and Spybot scans).

In the analysis of the scan, I have a lot of lines like:
O1 - hosts : 192.6.10.41 + characters.
"considerably nasty" => "Delete the URLs that are unknown to you!"

Can I simply delete them outright (I am no computer "pro" and to me everything is "unknown"!!)?

Thanks.

7 replies

  1. duam
     
    For anyone interested, here is the full log:

    Logfile of HijackThis v1.98.2
    Scan saved at 14:25:17, on 13/12/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\MsPMSPSv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\igfxtray.exe
    C:\WINNT\System32\hkcmd.exe
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
    C:\WINNT\system32\rundll32.exe
    C:\WINNT\system32\LVComS.exe
    C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
    C:\Program Files\Olitec\USB ADSL\CnxDslTb.exe
    C:\Program Files\Logitech\ImageStudio\LowLight.exe
    C:\WINNT\system32\internat.exe
    C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\hpodev07.exe
    C:\Program Files\Network Associates\PGP\PGPtray.exe
    C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
    C:\PROGRA~1\HEWLET~1\HPOFFI~1\bin\hpoevm07.exe
    C:\WINNT\system32\hpoipm07.exe
    C:\Program Files\Hewlett-Packard\HP OfficeJet G Series\bin\HPOSTS07.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINNT\system32\rundll32.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Mes téléchargements\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: 192.6.10.66 FRDGRHEXP003
    O1 - Hosts: 192.6.10.5 DAP01FREXP5
    O1 - Hosts: 192.6.10.115 FRDGRHSAP005
    O1 - Hosts: 192.6.32.2 DGAF4
    O1 - Hosts: 128.29.0.6 DGAF5
    O1 - Hosts: 192.6.32.1 OREASA1
    O1 - Hosts: 192.6.12.1 DGC01FREXCH1
    O1 - Hosts: 192.6.33.1 DGC01FREXCH2
    O1 - Hosts: 192.6.10.40 DGRH01FREXCH1
    O1 - Hosts: 192.6.10.41 DGRH01FREXCH2
    O1 - Hosts: 128.40.32.6 FORCIDGT
    O1 - Hosts: 128.40.60.4 DGT6
    O1 - Hosts: 192.7.1.1 DO02FRFED1
    O1 - Hosts: 192.7.2.1 DO02FRFED2
    O1 - Hosts: 192.6.0.91 DEOTOOLS
    O1 - Hosts: 128.138.128.151 DFPP_NT01
    O1 - Hosts: 128.138.128.161 DPGPFUX02
    O1 - Hosts: 128.138.128.172 DPGPFUX03
    O1 - Hosts: 128.138.128.169 DPGPFUX04
    O1 - Hosts: 128.138.128.163 DPP01FR12
    O1 - Hosts: 128.138.128.153 DPP01FRCLI03
    O1 - Hosts: 128.138.128.156 DPP01FRCLI04
    O1 - Hosts: 128.138.128.160 DPP01FRCLI05
    O1 - Hosts: 128.138.128.154 DPP01FRCLI07
    O1 - Hosts: 128.138.128.157 DPP01FRCLI08
    O1 - Hosts: 128.143.10.2 DPP01FRCLI09
    O1 - Hosts: 128.141.0.35 DPP01FRMP1
    O1 - Hosts: 128.141.0.42 DPP01FRMP2
    O1 - Hosts: 128.141.0.43 DPP01FRMP3
    O1 - Hosts: 128.138.128.164 FRDPGPFEXC1
    O1 - Hosts: 128.138.128.165 FRDPGPFTEC01
    O1 - Hosts: 128.138.128.18 FRDPGPFTEC02
    O1 - Hosts: 128.141.0.30 FRDPGPFTEC03
    O1 - Hosts: 128.138.128.171 FRDPGPFFILMED1
    O1 - Hosts: 128.138.128.75 FRDPGPFOGW01
    O1 - Hosts: 128.138.128.170 FRDPGPFMD1
    O1 - Hosts: 128.138.128.8 FRDPGPFIISINT01
    O1 - Hosts: 128.138.128.9 FRDPGPFIISPRD01
    O1 - Hosts: 128.138.128.7 FRDPGPFMISINT01
    O1 - Hosts: 128.138.128.6 FRDPGPFMISPRD01
    O1 - Hosts: 128.138.128.17 FRDPGPFNWS01
    O1 - Hosts: 128.138.128.25 FRDPGPFIMP01
    O1 - Hosts: 128.138.128.26 FRDPGPFNSM01
    O1 - Hosts: 128.138.128.19 FRDPGPFFIL01
    O1 - Hosts: 128.138.128.20 FRDPGPFEAIDEV1
    O1 - Hosts: 128.138.128.23 FRDPGPFEDI01
    O1 - Hosts: 128.138.128.28 FRDPGPFOCSINT1
    O1 - Hosts: 128.138.128.90 FRDPGPFSQLINT01
    O1 - Hosts: 128.138.128.21 FRDPGPFEAIINT1
    O1 - Hosts: 128.141.0.26 SAPAPPRO
    O1 - Hosts: 128.141.0.24 SAPDDPPF
    O1 - Hosts: 128.138.128.113 DPGPFDEV
    O1 - Hosts: 128.141.0.23 OAPCPTA
    O1 - Hosts: 128.138.128.155 DFPPCES155
    O1 - Hosts: 128.138.128.41 FRDPGPFSAPQD1
    O1 - Hosts: 128.138.128.42 FRDPGPFSAPTC1
    O1 - Hosts: 128.138.128.43 FRDPGPFSAPTD1
    O1 - Hosts: 128.138.128.44 FRDPGPFSAPTI1
    O1 - Hosts: 128.138.128.45 FRDPGPFMCST00
    O1 - Hosts: 128.138.128.46 FRDPGPFMCSTN1
    O1 - Hosts: 128.138.128.47 FRDPGPFMCSTN2
    O1 - Hosts: 128.138.128.138 FRDPGPFSAPPC1
    O1 - Hosts: 128.138.128.139 FRDPGPFSAPPC2
    O1 - Hosts: 128.138.128.140 FRDPGPFSAPPD1
    O1 - Hosts: 128.138.128.141 FRDPGPFSAPPI1
    O1 - Hosts: 128.138.128.142 FRDPGPFMCSP00
    O1 - Hosts: 128.138.128.143 FRDPGPFMCSPN1
    O1 - Hosts: 128.138.128.144 FRDPGPFMCSPN2
    O1 - Hosts: 128.138.128.145 FRDPGPFSAPPA1
    O1 - Hosts: 128.138.128.146 FRDPGPFSAPPA2
    O1 - Hosts: 128.138.128.147 FRDPGPFSAPPA3
    O1 - Hosts: 128.138.128.150 FRDPGPFSAPSN01
    O1 - Hosts: 128.138.1.200 STAFF41154
    O1 - Hosts: 128.138.120.12 STAFF40191
    O1 - Hosts: 128.138.128.10 STAFF40XSF
    O1 - Hosts: 128.138.128.100 STAFF40199
    O1 - Hosts: 128.138.128.102 STAFF40200
    O1 - Hosts: 128.138.128.104 STAFF40202
    O1 - Hosts: 128.138.128.106 STAFF40204
    O1 - Hosts: 128.138.128.124 STAFF40190
    O1 - Hosts: 128.138.128.137 STAFF40033
    O1 - Hosts: 128.138.128.30 STAFF40201
    O1 - Hosts: 128.138.128.40 STAFF41181
    O1 - Hosts: 128.138.128.59 STAFF40258
    O1 - Hosts: 128.138.128.99 STAFF40232
    O1 - Hosts: 128.138.51.101 STAFF4363
    O1 - Hosts: 128.138.51.102 STAFF4398
    O1 - Hosts: 128.138.51.103 STAFF40371
    O1 - Hosts: 128.138.51.104 STAFF40375
    O1 - Hosts: 128.138.51.105 STAFF40427
    O1 - Hosts: 128.138.51.106 STAFF40400
    O1 - Hosts: 128.138.51.108 STAFF40207
    O1 - Hosts: 128.138.51.11 STAFF42017
    O1 - Hosts: 128.138.51.112 STAFF42021
    O1 - Hosts: 128.138.51.114 STAFF42002
    O1 - Hosts: 128.138.51.115 STAFF42046
    O1 - Hosts: 128.138.51.118 STAFF42019
    O1 - Hosts: 128.138.51.119 STAFF40096
    O1 - Hosts: 128.138.51.12 STAFF40313
    O1 - Hosts: 128.138.51.120 STAFF40382
    O1 - Hosts: 128.138.51.121 STAFF40461
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/21ebc26847f03ef94321/netzip/RdxIE601_fr.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4323/mcfscan.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{84E82002-AABC-45CE-9615-7F84DB456B67}: NameServer = 213.36.80.1 213.36.80.1
  2. Anonymous user
     
    Hi,
    fix all the O1 entries as well as this:
    C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
  3. duam
     
    Hi and thanks, I fixed all the O1 and O10 entries you listed.
    (I forgot to fix C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s, but it does not appear in the new analysis.)

    I rebooted and ran another analysis; here it is:

    Logfile of HijackThis v1.98.2
    Scan saved at 15:16:35, on 13/12/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\MsPMSPSv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\hkcmd.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINNT\system32\rundll32.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\PROGRA~1\Logitech\Video\FxSvr2.exe
    C:\Mes téléchargements\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: 128.138.51.130 STAFF42063
    O1 - Hosts: 128.138.51.131 STAFF42066
    O1 - Hosts: 128.138.51.136 STAFF42077
    O1 - Hosts: 128.138.51.137 STAFF42079
    O1 - Hosts: 128.138.51.138 STAFF42080
    O1 - Hosts: 128.138.51.143 STAFF40359
    O1 - Hosts: 128.138.51.145 STAFF40450
    O1 - Hosts: 128.138.51.147 STAFF40206
    O1 - Hosts: 128.138.51.15 STAFF40305
    O1 - Hosts: 128.138.51.153 STAFF40463
    O1 - Hosts: 128.138.51.154 STAFF40479
    O1 - Hosts: 128.138.51.156 STAFF40419
    O1 - Hosts: 128.138.51.16 STAFF40276
    O1 - Hosts: 128.138.51.160 STAFF40418
    O1 - Hosts: 128.138.51.161 STAFF40483
    O1 - Hosts: 128.138.51.169 STAFF40343
    O1 - Hosts: 128.138.51.171 STAFF41179
    O1 - Hosts: 128.138.51.189 STAFF40452
    O1 - Hosts: 128.138.51.2 STAFF40289
    O1 - Hosts: 128.138.51.204 STAFF40227
    O1 - Hosts: 128.138.51.225 STAFF40462
    O1 - Hosts: 128.138.51.24 STAFF40264
    O1 - Hosts: 128.138.51.253 STAFF40405
    O1 - Hosts: 128.138.51.26 STAFF40031
    O1 - Hosts: 128.138.51.27 STAFF40345
    O1 - Hosts: 128.138.51.33 GAYJL
    O1 - Hosts: 128.138.51.34 JACOBI
    O1 - Hosts: 128.138.51.39 STAFF40228
    O1 - Hosts: 128.138.51.4 STAFF40085
    O1 - Hosts: 128.138.51.41 STAFF40004
    O1 - Hosts: 128.138.51.42 STAFF40286
    O1 - Hosts: 128.138.51.43 OGWIN
    O1 - Hosts: 128.138.51.48 STAFF4358
    O1 - Hosts: 128.138.51.50 STAFF40352
    O1 - Hosts: 128.138.51.51 STAFF40252
    O1 - Hosts: 128.138.51.53 STAFF40299
    O1 - Hosts: 128.138.51.55 STAFF40256
    O1 - Hosts: 128.138.51.56 STAFF40259
    O1 - Hosts: 128.138.51.61 STAFF40251
    O1 - Hosts: 128.138.51.62 STAFF40268
    O1 - Hosts: 128.138.51.64 STAFF40296
    O1 - Hosts: 128.138.51.66 STAFF40119
    O1 - Hosts: 128.138.51.68 STAFF40354
    O1 - Hosts: 128.138.51.69 STAFF40292
    O1 - Hosts: 128.138.51.76 STAFF040424
    O1 - Hosts: 128.138.51.78 STAFF40426
    O1 - Hosts: 128.138.51.79 STAFF40428
    O1 - Hosts: 128.138.51.89 STAFF40457
    O1 - Hosts: 128.138.51.90 STAFF40490
    O1 - Hosts: 128.138.51.94 STAFF40453
    O1 - Hosts: 192.6.42.10 STAFF40250
    O1 - Hosts: 192.6.42.10 STAFF40250
    O1 - Hosts: 192.6.42.11 STAFF40384PPMP
    O1 - Hosts: 192.6.42.110 STAFF41113
    O1 - Hosts: 192.6.42.112 STAFF41170
    O1 - Hosts: 192.6.42.13 STAFF40349
    O1 - Hosts: 192.6.42.139 STAFF41040
    O1 - Hosts: 192.6.42.14 STAFF40471
    O1 - Hosts: 192.6.42.142 STAFF41053
    O1 - Hosts: 192.6.42.143 STAFF41066
    O1 - Hosts: 192.6.42.144 STAFF41057
    O1 - Hosts: 192.6.42.145 STAFF41079
    O1 - Hosts: 192.6.42.146 STAFF41000
    O1 - Hosts: 192.6.42.148 STAFF41009
    O1 - Hosts: 192.6.42.149 STAFF41029
    O1 - Hosts: 192.6.42.152 STAFF41076
    O1 - Hosts: 192.6.42.154 STAFF41111
    O1 - Hosts: 192.6.42.156 STAFF41006
    O1 - Hosts: 192.6.42.157 STAFF41003
    O1 - Hosts: 192.6.42.159 STAFF41093
    O1 - Hosts: 192.6.42.16 STAFF40261
    O1 - Hosts: 192.6.42.160 STAFF41012
    O1 - Hosts: 192.6.42.161 STAFF41072
    O1 - Hosts: 192.6.42.162 STAFF40036
    O1 - Hosts: 192.6.42.165 STAFF41113
    O1 - Hosts: 192.6.42.168 STAFFG41104
    O1 - Hosts: 192.6.42.170 STAFF41166
    O1 - Hosts: 192.6.42.172 STAFF41109
    O1 - Hosts: 192.6.42.173 STAFF41037
    O1 - Hosts: 192.6.42.174 STAFF41083
    O1 - Hosts: 192.6.42.175 STAFF41138
    O1 - Hosts: 192.6.42.176 STAFF41063
    O1 - Hosts: 192.6.42.18 STAFF40454
    O1 - Hosts: 192.6.42.193 STAFF41102
    O1 - Hosts: 192.6.42.20 STAFF40124
    O1 - Hosts: 192.6.42.200 STAFF40126
    O1 - Hosts: 192.6.42.202 STAFF41106
    O1 - Hosts: 192.6.42.21 STAFF40489
    O1 - Hosts: 192.6.42.221 STAFF40331
    O1 - Hosts: 192.6.42.222 STAFF011091
    O1 - Hosts: 192.6.42.229 STAFF41167
    O1 - Hosts: 192.6.42.230 STAFF41033
    O1 - Hosts: 192.6.42.29 STAFF42044
    O1 - Hosts: 192.6.42.3 STAFF40331
    O1 - Hosts: 192.6.42.36 STAFF42015
    O1 - Hosts: 192.6.42.41 STAFF42032
    O1 - Hosts: 192.6.42.42 STAFF42034
    O1 - Hosts: 192.6.42.44 STAFF42036
    O1 - Hosts: 192.6.42.45 STAFF40335
    O1 - Hosts: 192.6.42.46 42000
    O1 - Hosts: 192.6.42.47 STAFF42023
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/21ebc26847f03ef94321/netzip/RdxIE601_fr.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4323/mcfscan.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{84E82002-AABC-45CE-9615-7F84DB456B67}: NameServer = 213.36.80.1 213.36.80.1

    As you can see, I have quite a few new "O1 - hosts..." entries.
    What should I do now?
  4. Anonymous user
     
    Redo the procedure in safe mode to see (press F8 as soon as the PC restarts)...
    fix all the O1 entries as well as this:
    C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
  6. duam
     
    Thanks, I did the procedure you advised; unfortunately I still have quite a lot of crap. Here is my new scan:

    Logfile of HijackThis v1.98.2
    Scan saved at 20:52:52, on 13/12/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\MsPMSPSv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\hkcmd.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Mes téléchargements\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: 128.136.0.29 OAP01FRROI01
    O1 - Hosts: 128.136.0.4 OAP01FRROIFX
    O1 - Hosts: 128.136.0.43 OAP01FR07
    O1 - Hosts: 128.136.0.12 OAP01FR10
    O1 - Hosts: 128.136.0.29 OAP01FRROI01
    O1 - Hosts: 128.136.0.4 OAP01FRROIFX
    O1 - Hosts: 128.136.0.42 OAP02FREDI
    O1 - Hosts: 128.141.0.20 OAPCOM
    O1 - Hosts: 128.141.0.19 OAPDEV2
    O1 - Hosts: 128.136.0.16 OAPLOGA
    O1 - Hosts: 128.136.0.25 OAPLOGG
    O1 - Hosts: 128.136.0.21 OAPLOGP
    O1 - Hosts: 128.136.0.18 LOGDEV OAPDEV
    O1 - Hosts: 192.6.40.3 ZAL01FRBUR1
    O1 - Hosts: 192.6.40.5 ZAL01FREXC
    O1 - Hosts: 192.6.15.2 ZASIE01FREXCCES
    O1 - Hosts: 192.6.15.1 ZASIE01FROFFCES
    O1 - Hosts: 128.145.4.9 FAPROSCT
    O1 - Hosts: 128.146.1.3 SPGEMUX1
    O1 - Hosts: 128.147.1.4 PROCOSCT
    O1 - Hosts: 192.6.120.4 BARBCT
    O1 - Hosts: 192.6.11.155 MERCURE
    O1 - Hosts: 192.6.20.9 EURO
    O1 - Hosts: 192.6.92.201 PPCMATIS
    O1 - Hosts: 128.29.1.136 SRICONSO
    O1 - Hosts: 128.29.1.134 SRICOPIE
    O1 - Hosts: 192.6.22.80 NETTING
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Fichiers communs\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/21ebc26847f03ef94321/netzip/RdxIE601_fr.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4323/mcfscan.cab

    PS: the "O10" entries apparently cannot be removed; I get an error message when I fix them...
    Is that serious?
  7. bernie61
     
    Hi,
    try this.
    Start with this: uninstall New.net. Go to their site and follow the procedure:
    http://www.newdotnet.com/removal.html

    Let us know how it goes.
    See you
    1. duam
       
      Thanks Bernie,

      but what exactly is New.net for?

      The procedure is in English... if I understand it correctly, I have to reinstall the thing using a copy that I would have made before removing the program?
  8. duam
     
    up

    What is New.net?

    Should I back it up before removing it?