bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant > R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
Salut,
Si la solution de Papounet n'est pas (plus) applicable, va dans le
Registre en tapant :
Regedit
dans la ligne [Exécuter] du menu [Démarrer]
Tu fais une recherche (Menu Edition) sur getright et sur opera et tu
effaces.
--
Amicalement, Claude.
Claude CHARNEAU MVP-Shell/User.
La fé sens òbras, mòrta es.
"Omygod" a écrit dans le message de groupe de
discussion : 47501257$0$15260$bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant >> R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
Salut,
Si la solution de Papounet n'est pas (plus) applicable, va dans le
Registre en tapant :
Regedit
dans la ligne [Exécuter] du menu [Démarrer]
Tu fais une recherche (Menu Edition) sur getright et sur opera et tu
effaces.
--
Amicalement, Claude.
Claude CHARNEAU MVP-Shell/User.
La fé sens òbras, mòrta es.
"Omygod" <bibifricotin@frifri.fr> a écrit dans le message de groupe de
discussion : 47501257$0$15260$426a74cc@news.free.fr...
bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant >> R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes
Salut,
Si la solution de Papounet n'est pas (plus) applicable, va dans le
Registre en tapant :
Regedit
dans la ligne [Exécuter] du menu [Démarrer]
Tu fais une recherche (Menu Edition) sur getright et sur opera et tu
effaces.
--
Amicalement, Claude.
Claude CHARNEAU MVP-Shell/User.
La fé sens òbras, mòrta es.
"Omygod" a écrit dans le message de groupe de
discussion : 47501257$0$15260$bonjour..
Il y a quelques temps, j'ai telecharge getright...pas completement
satisfait, j'ai desinstallé...mais depuis, chaque fois que je veux
telecharger ou faire une mise a jour, la page de telechargement est
immediatement remplacée par la page suivante
http://www.getright.com/opera_err.html
j'ai pourtant laisse Getright se demonter grace a son installshield..Et
Opera?? Je n'ai jamais eu.. Je fonctionne sous IE7 ou Mozilla
Je n'ai toujours pas le courage d'attaquer une reinstallation du
systeme..Va pourtant bien falloir...
Cordialement
MBG
A tout hasard, je copie mon hijack logfile
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:45, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSuperCopier2SuperCopier2.exe
C:Program FilesWindows LiveMessengerMsnMsgr.Exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesCOMOneLogiciel BluetoothBTTray.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesGoogleGoogle UpdaterGoogleUpdater.exe
C:Program FilesPyGrenouillepygrenouille.exe
C:Program FilesSpamPalspampal.exe
C:Program Filesstickiesstickies.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32imapi.exe
C:Program FilesBorlandInterBaseBinibguard.exe
C:Program FilesFichiers communsMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesBorlandInterBaseBinibserver.exe
C:WINDOWSSystem32alg.exe
C:Program FilesWindows LiveMessengerusnsvc.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://subscribe.free.fr/login/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant >> R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://www.spybot.info/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
R3 - URLSearchHook: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} -
C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers
communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC -
{0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:Program
FilesContextToolContextTool-3.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} -
C:Program FilesOnline_TVtbOnl1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers
communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program
FilesGoogleGoogleToolbarNotifier2.1.615.5858swg.dll
O2 - BHO: PDFCreator Toolbar Helper -
{C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar -
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator
Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: Online TV Toolbar -
{40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:Program
FilesOnline_TVtbOnl1.dll
O4 - HKLM..Run: [Babylon Client] C:Program
FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKCU..Run: [SP2 Connection Patcher] "C:Program FilesSP2
Connection PatcherSP2ConnPatcher.exe" -n 0
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [SuperCopier2.exe] C:Program
FilesSuperCopier2SuperCopier2.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows
LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media
PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Orbit.lnk = C:Program FilesOrbitdownloaderorbitdm.exe
O4 - Startup: SpamPal.lnk = C:Program FilesSpamPalspampal.exe
O4 - Startup: Stickies.lnk = C:Program Filesstickiesstickies.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:Program
FilesGoogleGoogle UpdaterGoogleUpdater.exe
O4 - Global Startup: PyGrenouille.lnk = C:Program
FilesPyGrenouillepygrenouille.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel
present
O8 - Extra context menu item: &Download by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &NeoTrace It! -
C:PROGRA~1NEOTRA~1NTXcontext.htm
O8 - Extra context menu item: Do&wnload selected by Orbit -
res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program
FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:Program
FilesCOMOneLogiciel Bluetoothbtsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} -
C:WINDOWSsystem32mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... -
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:WINDOWSsystem32mscoree.DLL
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesCOMOneLogiciel
Bluetoothbtsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork
Diagnosticxpnetdiag.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {03177121-226B-11D4-B0BE-005004AD3039} (UploaderCtrl Class) -
http://www.clubphoto.com/_img/uploader/atl_uploader.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan
Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety
Center Base Module) -
http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105088604580
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194593855613
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://212.157.152.82/AxisCamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) -
http://kotelcam.virtualjerusalem.com/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://www.getrightarcade.com/online/online2/zuma/popcaploader_v5.cab
O17 -
HKLMSystemCCSServicesTcpip..{4D5FFFC7-B015-4E9D-BB9D-8B94C5746191}:
NameServer = 212.27.54.252,212.27.39.135
O17 -
HKLMSystemCCSServicesTcpip..{A5169E24-56DC-4BB2-8AED-490713B8455A}:
NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} -
C:PROGRA~1WI1F86~1MESSEN~1MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner -
C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program
FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:Program
FilesCOMOneLogiciel Bluetoothbinbtwdins.exe
O23 - Service: EasyModApache - Unknown owner - (no file)
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InterBaseGuardian - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibguard.exe
O23 - Service: InterBaseServer - Inprise Corporation - C:Program
FilesBorlandInterBaseBinibserver.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:Program
FilesRaxcoPerfectDiskPDSched.exe
--
End of file - 12331 bytes