Pb virus win32:adan.025...
darino
Messages postés
5
Statut
Membre
-
Arno59 Messages postés 4753 Statut Contributeur -
Arno59 Messages postés 4753 Statut Contributeur -
Bonsoir,
j'ai installé avast et il me dit que je suis infecté par différents virus : win32:adan.025, win32:Spyware.gen, win32:Dialer-567, win32:Trojan-gen et win32:Trojano-1237.
J'essaye de renommer ou de supprimer les fichiers concernés, mais c'est imposssible.
Si quelqu'un peut m'aider.
Merci
j'ai installé avast et il me dit que je suis infecté par différents virus : win32:adan.025, win32:Spyware.gen, win32:Dialer-567, win32:Trojan-gen et win32:Trojano-1237.
J'essaye de renommer ou de supprimer les fichiers concernés, mais c'est imposssible.
Si quelqu'un peut m'aider.
Merci
A voir également:
- Pb virus win32:adan.025...
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
9 réponses
slt,
Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) :
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « scan on line » suis les instructions.
Et colle le rapport
a+
Pour vérifier, scanne ton PC avec cet antivirus en ligne (sous IE et accepte l’activX) :
http://www.bitdefender.fr/bd/site/search.php#
Clique sur « scan on line » suis les instructions.
Et colle le rapport
a+
J'ai lancé le scan mais il y en a pour plus de 2h.
Alors je le laisse tourner et je collerai le rapport dès qu'il aura fini.
Merci
A+
Alors je le laisse tourner et je collerai le rapport dès qu'il aura fini.
Merci
A+
Voilà le rapport après le scan :
BitDefender Online Scanner
Scan report generated at: Sun, Oct 01, 2006 - 23:02:21
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;
Statistics
Time
02:22:50
Files
547756
Folders
5017
Boot Sectors
4
Archives
4612
Packed Files
55808
Results
Identified Viruses
15
Infected Files
26
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
21
Engines Info
Virus Definitions
473321
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
38
Unpack plugins
5
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\SYSTEM\wdakihti.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\wdakihti.exe
Disinfection failed
C:\WINDOWS\SYSTEM\wdakihti.exe
Deleted
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Disinfection failed
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Deleted
C:\WINDOWS\SYSTEM\qhflillr.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\qhflillr.exe
Disinfection failed
C:\WINDOWS\SYSTEM\qhflillr.exe
Deleted
C:\WINDOWS\SYSTEM\mplay64.exe
Infected with: Trojan.Downloader.Agent.WP
C:\WINDOWS\SYSTEM\mplay64.exe
Disinfection failed
C:\WINDOWS\SYSTEM\mplay64.exe
Deleted
C:\WINDOWS\SYSTEM\xadmckow.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\xadmckow.exe
Disinfection failed
C:\WINDOWS\SYSTEM\xadmckow.exe
Deleted
C:\WINDOWS\SYSTEM\akebux.exe
Infected with: Trojan.Agent.AY
C:\WINDOWS\SYSTEM\akebux.exe
Disinfection failed
C:\WINDOWS\SYSTEM\akebux.exe
Delete failed
C:\WINDOWS\SYSTEM\chxufual.exe
Infected with: Trojan.Downloader.Dluca.AS
C:\WINDOWS\SYSTEM\chxufual.exe
Disinfection failed
C:\WINDOWS\SYSTEM\chxufual.exe
Deleted
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Infected with: Trojan.Downloader.Dluca.AS
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Disinfection failed
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Deleted
C:\WINDOWS\SYSTEM\oveeiekd.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\oveeiekd.exe
Disinfection failed
C:\WINDOWS\SYSTEM\oveeiekd.exe
Deleted
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Disinfection failed
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Deleted
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Disinfection failed
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Deleted
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Disinfection failed
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Deleted
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Disinfection failed
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Infected with: Trojan.Downloader.Agent.ACT
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Infected with: Trojan.Dialer.FY
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Infected with: Trojan.Downloader.Small.BDL
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Delete failed
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Infected with: Trojan.Fakealert.A
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Disinfection failed
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Deleted
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Infected with: Joke.Briga.A
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Disinfection failed
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Deleted
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Infected with: Trojan.Wintools.F
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Delete failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Infected with: Trojan.Wintools.A
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Delete failed
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Infected with: Trojan.Wintools.F
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Delete failed
C:\Program Files\NewDotNet\uninstall3_88.exe
Detected with: Application.Adware.NewDotNet.C
C:\Program Files\NewDotNet\uninstall3_88.exe
Disinfection failed
C:\Program Files\NewDotNet\uninstall3_88.exe
Deleted
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Infected with: Trojan.Dialer.EG
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Disinfection failed
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Deleted
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Infected with: Trojan.Dialer.EG
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Disinfection failed
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Deleted
C:\Program Files\ErrorGuard\setupactive.exe
Detected with: Application.ErrorGuard.A
C:\Program Files\ErrorGuard\setupactive.exe
Disinfection failed
C:\Program Files\ErrorGuard\setupactive.exe
Deleted
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Infected with: Joke.Briga.A
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Disinfection failed
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Deleted
BitDefender Online Scanner
Scan report generated at: Sun, Oct 01, 2006 - 23:02:21
Scan path: A:\;C:\;D:\;E:\;F:\;G:\;
Statistics
Time
02:22:50
Files
547756
Folders
5017
Boot Sectors
4
Archives
4612
Packed Files
55808
Results
Identified Viruses
15
Infected Files
26
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
21
Engines Info
Virus Definitions
473321
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
38
Unpack plugins
5
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\SYSTEM\wdakihti.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\wdakihti.exe
Disinfection failed
C:\WINDOWS\SYSTEM\wdakihti.exe
Deleted
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Disinfection failed
C:\WINDOWS\SYSTEM\gjqlqghz.exe
Deleted
C:\WINDOWS\SYSTEM\qhflillr.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\qhflillr.exe
Disinfection failed
C:\WINDOWS\SYSTEM\qhflillr.exe
Deleted
C:\WINDOWS\SYSTEM\mplay64.exe
Infected with: Trojan.Downloader.Agent.WP
C:\WINDOWS\SYSTEM\mplay64.exe
Disinfection failed
C:\WINDOWS\SYSTEM\mplay64.exe
Deleted
C:\WINDOWS\SYSTEM\xadmckow.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\xadmckow.exe
Disinfection failed
C:\WINDOWS\SYSTEM\xadmckow.exe
Deleted
C:\WINDOWS\SYSTEM\akebux.exe
Infected with: Trojan.Agent.AY
C:\WINDOWS\SYSTEM\akebux.exe
Disinfection failed
C:\WINDOWS\SYSTEM\akebux.exe
Delete failed
C:\WINDOWS\SYSTEM\chxufual.exe
Infected with: Trojan.Downloader.Dluca.AS
C:\WINDOWS\SYSTEM\chxufual.exe
Disinfection failed
C:\WINDOWS\SYSTEM\chxufual.exe
Deleted
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Infected with: Trojan.Downloader.Dluca.AS
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Disinfection failed
C:\WINDOWS\SYSTEM\ojquvhnl.exe
Deleted
C:\WINDOWS\SYSTEM\oveeiekd.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\oveeiekd.exe
Disinfection failed
C:\WINDOWS\SYSTEM\oveeiekd.exe
Deleted
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Disinfection failed
C:\WINDOWS\SYSTEM\cuzcwbcs.exe
Deleted
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Disinfection failed
C:\WINDOWS\SYSTEM\mwdvjhyb.exe
Deleted
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Disinfection failed
C:\WINDOWS\SYSTEM\bbyfxkoz.exe
Deleted
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Infected with: Trojan.Downloader.Dluca.AV
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Disinfection failed
C:\WINDOWS\SYSTEM\ijoiygtp.exe
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Infected with: Trojan.Downloader.Agent.ACT
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.35.dat
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Infected with: Trojan.Dialer.FY
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.28.dat
Deleted
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Infected with: Trojan.Downloader.Small.BDL
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Disinfection failed
C:\WINDOWS\Application Data\Microsoft\Internet Explorer\V0.39.dat
Delete failed
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Infected with: Trojan.Fakealert.A
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Disinfection failed
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe
Deleted
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Infected with: Joke.Briga.A
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Disinfection failed
C:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Deleted
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Infected with: Trojan.Wintools.F
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSA.EXE
Delete failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Infected with: Trojan.Wintools.A
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WTOOLSB.DLL
Delete failed
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Infected with: Trojan.Wintools.F
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Disinfection failed
C:\Program Files\Fichiers communs\WinTools\WSup.exe
Delete failed
C:\Program Files\NewDotNet\uninstall3_88.exe
Detected with: Application.Adware.NewDotNet.C
C:\Program Files\NewDotNet\uninstall3_88.exe
Disinfection failed
C:\Program Files\NewDotNet\uninstall3_88.exe
Deleted
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Infected with: Trojan.Dialer.EG
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Disinfection failed
C:\Program Files\Montorgueil\LIVESHOW7\LIVESHOW7.EXE
Deleted
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Infected with: Trojan.Dialer.EG
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Disinfection failed
C:\Program Files\Montorgueil\PARISVOYEUR_HETERO\PARISVOYEUR_HETERO.EXE
Deleted
C:\Program Files\ErrorGuard\setupactive.exe
Detected with: Application.ErrorGuard.A
C:\Program Files\ErrorGuard\setupactive.exe
Disinfection failed
C:\Program Files\ErrorGuard\setupactive.exe
Deleted
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Infected with: Joke.Briga.A
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Disinfection failed
E:\Mes documents\Mes docs\BLAGUES\SVIV\sexsuite.exe
Deleted
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut,
Voilà le fichier log que j'obtient avec Hijack.
A+
Logfile of HijackThis v1.99.1
Scan saved at 18:37:48, on 03/10/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS\WTOOLSA.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS\WSUP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE2.0\OPWARESE2.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\SYSTEM\AKEBUX.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\GDIMX.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERVIDEO\COMMON\BIN\WINCINEMAMGR.EXE
C:\PROGRAM FILES\DV SERIES\CONSOLE\WATCH.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPRESS 4.0 MON EDITION SPéCIALE\CALCHECK.EXE
C:\WINDOWS\CALC.EXE
C:\PROGRAM FILES\MEDIAKEY\VERSATO.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MEDIAKEY\OSD.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\1003.EXE
C:\WINDOWS\SYSTEM\TDPMX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MES DOCUMENTS\MES EXECUTABLES\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50193
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\MINITEL\Watch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [tdpmx] c:\windows\system\tdpmx.exe /nocomm
O4 - HKLM\..\Run: [akebux] c:\windows\system\akebux.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [gdimx] c:\windows\system\gdimx.exe /nocomm
O4 - HKLM\..\Run: [mplay64] c:\program files\common files\system\1003.exe /noerrorinfo
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServicesOnce: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE /boot
O4 - HKCU\..\Run: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\Run: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - HKCU\..\RunServices: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\RunServices: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Watch.lnk = C:\Program Files\DV Series\Console\Watch.exe
O4 - Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Startup: MediaKey.lnk = C:\Program Files\MediaKey\Versato.exe
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) -
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game19.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Filter: text/html - {05ED8660-ADA2-11D9-97A3-0007CB0000FF} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.39.DAT
Voilà le fichier log que j'obtient avec Hijack.
A+
Logfile of HijackThis v1.99.1
Scan saved at 18:37:48, on 03/10/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS\WTOOLSA.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS\WSUP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE2.0\OPWARESE2.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\SYSTEM\AKEBUX.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\GDIMX.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERVIDEO\COMMON\BIN\WINCINEMAMGR.EXE
C:\PROGRAM FILES\DV SERIES\CONSOLE\WATCH.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPRESS 4.0 MON EDITION SPéCIALE\CALCHECK.EXE
C:\WINDOWS\CALC.EXE
C:\PROGRAM FILES\MEDIAKEY\VERSATO.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MEDIAKEY\OSD.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\1003.EXE
C:\WINDOWS\SYSTEM\TDPMX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MES DOCUMENTS\MES EXECUTABLES\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50193
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\MINITEL\Watch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [tdpmx] c:\windows\system\tdpmx.exe /nocomm
O4 - HKLM\..\Run: [akebux] c:\windows\system\akebux.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [gdimx] c:\windows\system\gdimx.exe /nocomm
O4 - HKLM\..\Run: [mplay64] c:\program files\common files\system\1003.exe /noerrorinfo
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServicesOnce: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE /boot
O4 - HKCU\..\Run: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\Run: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - HKCU\..\RunServices: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\RunServices: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Watch.lnk = C:\Program Files\DV Series\Console\Watch.exe
O4 - Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Startup: MediaKey.lnk = C:\Program Files\MediaKey\Versato.exe
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) -
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game19.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Filter: text/html - {05ED8660-ADA2-11D9-97A3-0007CB0000FF} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.39.DAT
Ton log Hijack n'est pas complet...
A suprimer :
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS <---le dossier
A désinstaller :
C:\Program Files\NewDotNet\ <---le dossier
via panneau de config -> ajout / sup de prog .
Ensuite remet un log Hijack .
A+
A suprimer :
C:\PROGRAM FILES\FICHIERS COMMUNS\WINTOOLS <---le dossier
A désinstaller :
C:\Program Files\NewDotNet\ <---le dossier
via panneau de config -> ajout / sup de prog .
Ensuite remet un log Hijack .
A+
Salut,
Voil le nouveau log.
Par contre, depuis que j'ai supprimer NewDotnet, j'ai un message d'erreur au démarrage :
RUNDLL
Erreur chargement de C:\PROGA1~\NEWDOT1~\NEWDOT1~.DLL
A+
Logfile of HijackThis v1.99.1
Scan saved at 16:48:50, on 04/10/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE2.0\OPWARESE2.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\SYSTEM\TDPMX.EXE
C:\WINDOWS\SYSTEM\AKEBUX.EXE
C:\WINDOWS\SYSTEM\GDIMX.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\1004.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\INTERVIDEO\COMMON\BIN\WINCINEMAMGR.EXE
C:\WINDOWS\PACKAGER.EXE
C:\PROGRAM FILES\DV SERIES\CONSOLE\WATCH.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPRESS 4.0 MON EDITION SPéCIALE\CALCHECK.EXE
C:\PROGRAM FILES\MEDIAKEY\VERSATO.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MEDIAKEY\OSD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MES DOCUMENTS\MES EXECUTABLES\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50193
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\MINITEL\Watch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [tdpmx] c:\windows\system\tdpmx.exe /nocomm
O4 - HKLM\..\Run: [akebux] c:\windows\system\akebux.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [gdimx] c:\windows\system\gdimx.exe /nocomm
O4 - HKLM\..\Run: [mplay64] c:\program files\common files\system\1004.exe /noerrorinfo
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\Run: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Watch.lnk = C:\Program Files\DV Series\Console\Watch.exe
O4 - Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Startup: MediaKey.lnk = C:\Program Files\MediaKey\Versato.exe
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) -
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game19.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Filter: text/html - {05ED8660-ADA2-11D9-97A3-0007CB0000FF} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.39.DAT
Voil le nouveau log.
Par contre, depuis que j'ai supprimer NewDotnet, j'ai un message d'erreur au démarrage :
RUNDLL
Erreur chargement de C:\PROGA1~\NEWDOT1~\NEWDOT1~.DLL
A+
Logfile of HijackThis v1.99.1
Scan saved at 16:48:50, on 04/10/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE2.0\OPWARESE2.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHAGENT.EXE
C:\WINDOWS\SYSTEM\TDPMX.EXE
C:\WINDOWS\SYSTEM\AKEBUX.EXE
C:\WINDOWS\SYSTEM\GDIMX.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\1004.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\INTERVIDEO\COMMON\BIN\WINCINEMAMGR.EXE
C:\WINDOWS\PACKAGER.EXE
C:\PROGRAM FILES\DV SERIES\CONSOLE\WATCH.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPRESS 4.0 MON EDITION SPéCIALE\CALCHECK.EXE
C:\PROGRAM FILES\MEDIAKEY\VERSATO.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MEDIAKEY\OSD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MES DOCUMENTS\MES EXECUTABLES\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50193
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchgateway.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50193
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\PROGRAM FILES\WEBHANCER\PROGRAMS\WHIEHLPR.DLL
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Watch] C:\PROGRA~1\MINITEL\Watch.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [tdpmx] c:\windows\system\tdpmx.exe /nocomm
O4 - HKLM\..\Run: [akebux] c:\windows\system\akebux.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [gdimx] c:\windows\system\gdimx.exe /nocomm
O4 - HKLM\..\Run: [mplay64] c:\program files\common files\system\1004.exe /noerrorinfo
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Fichiers communs\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\FICHIE~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [CANALSATELLITE_WALLPAPER] C:\PROGRAM FILES\CANALSATELLITE\CALENDRIER 2005\CSAT2005.EXE
O4 - HKCU\..\Run: [anti_troj] C:\WINDOWS\SYSTEM\anti_troj.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Watch.lnk = C:\Program Files\DV Series\Console\Watch.exe
O4 - Startup: Controleur de calendrier pour Mon Edition personnalisee de Ulead Photo Express 4.0.lnk = ?
O4 - Startup: MediaKey.lnk = C:\Program Files\MediaKey\Versato.exe
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet7_22.dll' missing
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) -
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game19.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} - http://data.jeuxclassiques.com/npwwg.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - a840.g.akamai.net
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Filter: text/html - {05ED8660-ADA2-11D9-97A3-0007CB0000FF} - C:\WINDOWS\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\V0.39.DAT
