Infesté par win 32
Résolu
lolita27
Messages postés
15
Statut
Membre
-
mda63 Messages postés 332 Statut Membre -
mda63 Messages postés 332 Statut Membre -
Bonjour,
j'ai reçu comme bcp ce mess ' c pas toi sur cette foto" depui c l'enfer
avast le detec mai le supprime pas G data le detect mai le supprime pas
ad aware la mm pas vu et spyboot ne le degage pas ' message impossible car il est en memoire "
aider moi svp !!!!
Win32small.IRM et IMU
Win 32agent.JYA
j'ai reçu comme bcp ce mess ' c pas toi sur cette foto" depui c l'enfer
avast le detec mai le supprime pas G data le detect mai le supprime pas
ad aware la mm pas vu et spyboot ne le degage pas ' message impossible car il est en memoire "
aider moi svp !!!!
Win32small.IRM et IMU
Win 32agent.JYA
A voir également:
- Infesté par win 32
- 32 bits - Guide
- Power iso 32 bit - Télécharger - Gravure
- Win rar - Télécharger - Compression & Décompression
- Télécharger windows 7 32 bits usb - Télécharger - Systèmes d'exploitation
- Clé de produit windows 7 professionnel 32 bits gratuit - Guide
41 réponses
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ba dison ke demain je taf a 8h30 je vai dormir un peu un grand merci je te tien o couran demai voir dimanche biz et merci encore
Salut
On va faire un peu de ménage ...
Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
Ensuite
Avec HijackThis :
Do a system scan only
Coche ces lignes :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
Toutes les suivantes concernent MSN (liens, jeux ...)
A toi de voir si tu t'en sers encore !
Si non tu peux les cocher aussi.
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118w.bay118.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
Ensuite, arrête toutes les autres applications en cours et :
Fix checked
Après ça :
Double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case "Unregister Dll's and Ocx's" soit bien cochée !!!
Copie la ligne ci dessous, et colle la dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp
Clique sur MoveIt! pour lancer la suppression.
Si OTMoveIt propose de redémarrer ton PC, accepte.
Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.
(Le nom du rapport est la date de sa création.)
Ensuite télécharge la dernière version de Java et installe la
Puis désinstalle les autres versions.
Panneau de config --> Ajout suppression de programmes
Poste un nouveau log Hijack aussi.
Si tu peux le faire avant dimanche soir ce serait bien.
sinon je ne pourrai le regarder que mardi soir.
Merci
A+
On va faire un peu de ménage ...
Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
Ensuite
Avec HijackThis :
Do a system scan only
Coche ces lignes :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\winlogon.exe
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
Toutes les suivantes concernent MSN (liens, jeux ...)
A toi de voir si tu t'en sers encore !
Si non tu peux les cocher aussi.
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118w.bay118.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
Ensuite, arrête toutes les autres applications en cours et :
Fix checked
Après ça :
Double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case "Unregister Dll's and Ocx's" soit bien cochée !!!
Copie la ligne ci dessous, et colle la dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp
Clique sur MoveIt! pour lancer la suppression.
Si OTMoveIt propose de redémarrer ton PC, accepte.
Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.
(Le nom du rapport est la date de sa création.)
Ensuite télécharge la dernière version de Java et installe la
Puis désinstalle les autres versions.
Panneau de config --> Ajout suppression de programmes
Poste un nouveau log Hijack aussi.
Si tu peux le faire avant dimanche soir ce serait bien.
sinon je ne pourrai le regarder que mardi soir.
Merci
A+
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{B39F901D-A93B-4CE7-8DB9-A2BFE54BD83E} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{8E68123D-65D3-429F-BD49-124A8ACC92FD} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{5B49932E-3F77-4945-8937-96F9777CAE3F} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_vxsktmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_ISTMP1.DIR moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_is5E2 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_avast4_ moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WPDNSE moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Word8.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WERff0d.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER4081.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER1748.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER150e.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER0f1c.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\VBE moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\HX4AR7QL moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\A84K10VP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\6ZOTA7IP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\2SH88O74 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\smiley moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour webUpgrade_Windows_R3.0.1.2.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour latin_track2.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour latin_track1.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour bollywood_track5.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour bollywood_track4.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\plugtmp-2 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\plugtmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\pft3~tmp\Disk1 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\pft3~tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\outlook logging moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\MessengerCache moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ma_sh1 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\KAV7.0.1.325 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\IXP051.TMP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp3C6.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp3C3.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp26C.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp264.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ins2.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ins1.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Icons moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ICD1.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Historique\History.IE5 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Historique moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Div284.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\DefaultEmoticons moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Default moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cookies moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cddb\2793472 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cddb moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\7.0\SendMail moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\7.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\6.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe moved successfully.
Folder move failed. C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp scheduled to be moved on reboot.
OTMoveIt2 v1.0.20 log created on 03032008_102613
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{8E68123D-65D3-429F-BD49-124A8ACC92FD} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{5B49932E-3F77-4945-8937-96F9777CAE3F} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_vxsktmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_ISTMP1.DIR moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_is5E2 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\_avast4_ moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WPDNSE moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Word8.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WERff0d.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER4081.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER1748.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER150e.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\WER0f1c.dir00 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\VBE moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\HX4AR7QL moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\A84K10VP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\6ZOTA7IP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\2SH88O74 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Temporary Internet Files moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\smiley moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour webUpgrade_Windows_R3.0.1.2.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour latin_track2.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour latin_track1.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour bollywood_track5.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Répertoire temporaire 1 pour bollywood_track4.zip moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\plugtmp-2 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\plugtmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\pft3~tmp\Disk1 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\pft3~tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\outlook logging moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\MessengerCache moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ma_sh1 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\KAV7.0.1.325 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\IXP051.TMP moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp3C6.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp3C3.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp26C.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\isp264.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ins2.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ins1.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Icons moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\ICD1.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Historique\History.IE5 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Historique moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Div284.tmp moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\DefaultEmoticons moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Default moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cookies moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cddb\2793472 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Cddb moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\7.0\SendMail moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\7.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat\6.0 moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe\Acrobat moved successfully.
C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp\Adobe moved successfully.
Folder move failed. C:\DOCUME~1\JNIFER~1\LOCALS~1\Temp scheduled to be moved on reboot.
OTMoveIt2 v1.0.20 log created on 03032008_102613
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:47:00, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\V0230Mon.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
Scan saved at 10:47:00, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\TVPlay\TVPService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\V0230Mon.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
Salut
Pour le rapport c'est OK ... pour moi !
Mis à part que tu pourrai installer un parefeu autre que celui de windows !
Si tu veux en changer :
Pare feu Kerio (choisis l'adresse ...)
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Installe-le et ensuite désactive celui de windows.
As tu encore des problèmes ?
Sinon, change l'état de ton poste en résolu
A+
Pour le rapport c'est OK ... pour moi !
Mis à part que tu pourrai installer un parefeu autre que celui de windows !
Si tu veux en changer :
Pare feu Kerio (choisis l'adresse ...)
http://www.malekal.com/kerio_firewall.php#mozTocId721480
https://www.vulgarisation-informatique.com/kerio.php
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
Installe-le et ensuite désactive celui de windows.
As tu encore des problèmes ?
Sinon, change l'état de ton poste en résolu
A+
Re
As tu été voir ici ?
En fait moi je n'ai pas Kerio mais je pense que le principe est le même !
Lorsqu'une application veut accéder à un site (sortir) c'est à toi de décider :
Si tu l'autorises tout le temps
Si tu l'autorises mais avec demande de confirmation
Si tu l'interdis
Après quelques jours d'utilisation tu ne devrais plu avoir beaucoup de fenêtres te demandant cela !
A+
PS : SI le tuto ne te parait pas assez clair, tu peux en chercher un autre.
As tu été voir ici ?
En fait moi je n'ai pas Kerio mais je pense que le principe est le même !
Lorsqu'une application veut accéder à un site (sortir) c'est à toi de décider :
Si tu l'autorises tout le temps
Si tu l'autorises mais avec demande de confirmation
Si tu l'interdis
Après quelques jours d'utilisation tu ne devrais plu avoir beaucoup de fenêtres te demandant cela !
A+
PS : SI le tuto ne te parait pas assez clair, tu peux en chercher un autre.
