WindowsUpdate HS !!!!!!
arpanet49
Messages postés
2
Statut
Membre
-
arpanet49 Messages postés 2 Statut Membre -
arpanet49 Messages postés 2 Statut Membre -
Bonjour
J’ai une machine sur laquelle les adresses windowsupdate sont systématiquement redirigées vers cette url morte (erreur404):
http://windowsupdate.microsoft.com/R1150/V31site/default.htm
Comment je peux changer l'URL de redirection pour Windows Update
Voici une partie des logs de WindowsUpdate:
Et les logs de HijackThis:
Merci de votre aide
J’ai une machine sur laquelle les adresses windowsupdate sont systématiquement redirigées vers cette url morte (erreur404):
http://windowsupdate.microsoft.com/R1150/V31site/default.htm
Comment je peux changer l'URL de redirection pour Windows Update
Voici une partie des logs de WindowsUpdate:
2007-07-15 12:00:10:000 1112 b8 AU Forced install timer expired for scheduled install
2007-07-15 12:00:10:000 1112 b8 AU UpdateDownloadProperties: 0 download(s) are still in progress.
2007-07-15 12:00:10:000 1112 b8 AU Setting AU scheduled install time to 2007-07-16 10:00:00
2007-07-15 12:37:07:000 1112 b8 AU #############
2007-07-15 12:37:07:000 1112 b8 AU ## START ## AU: Search for updates
2007-07-15 12:37:07:000 1112 b8 AU #########
2007-07-15 12:37:07:015 1112 b8 AU <<## SUBMITTED ## AU: Search for updates [CallId = {B13DE8F3-DB47-4654-8A73-878CA175EF7C}]
2007-07-15 12:37:07:015 1112 8e0 Agent *************
2007-07-15 12:37:07:015 1112 8e0 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2007-07-15 12:37:07:015 1112 8e0 Agent *********
2007-07-15 12:37:07:015 1112 8e0 Agent * Online = Yes; Ignore download priority = No
2007-07-15 12:37:07:015 1112 8e0 Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"
2007-07-15 12:37:07:015 1112 8e0 Agent * ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77}
2007-07-15 12:37:07:140 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:07:234 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:20:703 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:20:703 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:20:750 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:
2007-07-15 12:37:20:765 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:23:515 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:
2007-07-15 12:37:23:609 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:24:062 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wsus3setup.cab:
2007-07-15 12:37:24:062 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:24:093 1112 8e0 Setup *********** Setup: Checking whether self-update is required ***********
2007-07-15 12:37:24:093 1112 8e0 Setup * Inf file: C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wsus3setup.inf
2007-07-15 12:37:24:171 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\cdm.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:203 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuapi.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:234 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuapi.dll.mui: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:250 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuauclt.exe: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:265 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:281 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuaucpl.cpl.mui: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:296 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuaueng.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:312 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuaueng.dll.mui: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:343 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wucltui.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:343 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wucltui.dll.mui: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:343 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wups.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:359 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wups2.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:406 1112 8e0 Setup Update NOT required for C:\WINDOWS\system32\wuweb.dll: target version = 7.0.6000.374, required version = 7.0.6000.374
2007-07-15 12:37:24:406 1112 8e0 Setup * IsUpdateRequired = No
2007-07-15 12:37:26:437 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:26:453 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:26:500 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:26:500 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:26:515 1112 8e0 PT +++++++++++ PT: Synchronizing server updates +++++++++++
2007-07-15 12:37:26:515 1112 8e0 PT + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx
2007-07-15 12:37:37:453 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:37:453 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:37:796 1112 8e0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2007-07-15 12:37:37:812 1112 8e0 Misc Microsoft signed: Yes
2007-07-15 12:37:37:812 1112 8e0 PT +++++++++++ PT: Synchronizing extended update info +++++++++++
2007-07-15 12:37:37:812 1112 8e0 PT + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://www.update.microsoft.com/v6/ClientWebService/client.asmx
2007-07-15 12:37:38:859 1112 8e0 Agent * Found 0 updates and 12 categories in search; evaluated appl. rules of 488 out of 788 deployed entities
2007-07-15 12:37:38:906 1112 8e0 Agent *********
2007-07-15 12:37:38:906 1112 8e0 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2007-07-15 12:37:38:906 1112 8e0 Agent *************
2007-07-15 12:37:38:921 1112 b94 AU >>## RESUMED ## AU: Search for updates [CallId = {B13DE8F3-DB47-4654-8A73-878CA175EF7C}]
2007-07-15 12:37:38:921 1112 b94 AU # 0 updates detected
2007-07-15 12:37:38:921 1112 b94 AU #########
2007-07-15 12:37:38:921 1112 b94 AU ## END ## AU: Search for updates [CallId = {B13DE8F3-DB47-4654-8A73-878CA175EF7C}]
2007-07-15 12:37:38:921 1112 b94 AU #############
2007-07-15 12:37:38:921 1112 b94 AU AU setting next detection timeout to 2007-07-16 08:33:24
2007-07-15 12:37:38:921 1112 b94 AU Setting AU scheduled install time to 2007-07-16 10:00:00
2007-07-15 12:37:43:921 1112 8e0 Report REPORT EVENT: {A6042827-7C43-40F1-B9B3-070C1C6DD716} 2007-07-15 12:37:38:906+0200 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 0 updates.
Et les logs de HijackThis:
Logfile of HijackThis v1.99.1 Scan saved at 09:08:49, on 15/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\McAfee\Managed VirusScan\Agent\UpdDlg.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nec-online.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe" O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: [http://]*.download.microsoft.com O15 - Trusted Zone: [http://]*.update.microsoft.com O15 - Trusted Zone: http://download.windowsupdate.com O15 - Trusted Zone: [http://]*.windowsupdate.com O15 - Trusted Zone: [http://]*.windowsupdate.microsoft.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://gamenextfr.oberon-media.com/online/online2/luxor_amun_rising/mjolauncher.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.incredigames.com/online2/zuma/popcaploader_v5.cab O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Merci de votre aide
A voir également:
- WindowsUpdate HS !!!!!!
- Pile carte mère hs symptômes - Guide
- Processeur hs - Forum Carte-mère/mémoire
- Pc hs - Forum Matériel & Système
- Symptome condensateur hs tv - Forum TV & Vidéo
- Symptôme dalle tv hs ✓ - Forum Matériel & Système
2 réponses
Tu peux déjà virer :
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: [http://]*.download.microsoft.com
O15 - Trusted Zone: [http://]*.update.microsoft.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: [http://]*.windowsupdate.com
O15 - Trusted Zone: [http://]*.windowsupdate.microsoft.com23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://gamenextfr.oberon-media.com/online/online2/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.incredigames.com/online2/zuma/popcaploader_v5.cab
Je ne sais pas à quoi correspondent les programmes IME et Babylon, est-ce voulu, à toi de le dire ou sont-ce des parasites?
_ç_§:
(.)#(.)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: [http://]*.download.microsoft.com
O15 - Trusted Zone: [http://]*.update.microsoft.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: [http://]*.windowsupdate.com
O15 - Trusted Zone: [http://]*.windowsupdate.microsoft.com23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://gamenextfr.oberon-media.com/online/online2/luxor_amun_rising/mjolauncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.incredigames.com/online2/zuma/popcaploader_v5.cab
Je ne sais pas à quoi correspondent les programmes IME et Babylon, est-ce voulu, à toi de le dire ou sont-ce des parasites?
_ç_§:
(.)#(.)
De plus j'ai supprimé les programmes inutilisés, mais j'ai toujours le même prb.
Voici les nouveaux logs:
Voici les nouveaux logs:
Logfile of HijackThis v1.99.1 Scan saved at 17:26:31, on 26/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe c:\APPS\Powercinema\Kernel\TV\CLSched.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\SOUNDMAN.EXE C:\Apps\Powercinema\PCMService.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Larousse\Encyclopédie Universelle Larousse\bin\hyperappel.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Richard\Bureau\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.4.1:800 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe" O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Hyperappel de l'Encyclopédie Universelle Larousse.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O15 - Trusted Zone: http://*.download.microsoft.com O15 - Trusted Zone: http://*.update.microsoft.com O15 - Trusted Zone: http://*.windowsupdate.microsoft.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.0.0.358.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
