Problem with avast alert

Franck -
 Anonymous user -
Hello,

I have a big problem with an avast alert that keeps popping up every second:

Here is the message

"Suspicious message

There are too many identical e-mails in appointed time

Sender: Albert foot <tsmerk@web.de>
Recipient: <urtebb@web.de>
Subject: smell nicholls Mon, 18 Sep 2006 15:28:43 -0700"

I made a HijackThis log, here it is:

Logfile of HijackThis v1.99.1
Scan saved at 22:23:11, on 18/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\SerExt.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\spoolsvv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Gigaset DECT\capi\Tools\CALLTRAY.exe
C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Téléchargements\HijackThis.exe
C:\WINDOWS\system32\HPBPRO.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe
O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\system32\spoolsvv.exe
O4 - HKCU\..\Run: [FDriver] c:\DriverLoad\windrv.exe
O4 - HKCU\..\Run: [CDriver] c:\DriverLoad\windrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: DSLMON.lnk.disabled
O4 - Global Startup: CAPI Call Tray.lnk = C:\Program Files\Gigaset DECT\capi\Tools\CALLTRAY.exe
O4 - Global Startup: MindManager PDF Writer.lnk = C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.67.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.87.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C5D6BFF-C653-4389-B069-D2FBD74A31BD}: NameServer = 80.10.246.1,80.10.246.132
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: MS Software Shadow Download Provider (dnlsvc) - Unknown owner - C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\dnlsvc.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: xControlCOM - Siemens - C:\Program Files\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe

Can you help me? Thank you very much.

Franck
4 replies

Anonymous user
 
Hi,

Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom

O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O4 - HKLM\..\Run: [Explorer 2238] C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe
O4 - HKCU\..\Run: [FDriver] c:\DriverLoad\windrv.exe
O4 - HKCU\..\Run: [CDriver] c:\DriverLoad\windrv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.67.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.87.cab
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe (file missing)

Click Start, Run, type: services.msc, find this line in the list and set it to "Disabled"

MS Software Shadow Download Provider

Disable the Windows (SP2) firewall because it is useless, and install this one for more security

Kerio: (firewall, which remains free after the trial period!)
Kerio Personal Firewall
-tutorial: to configure and understand how to use Kerio
https://kerio.probb.fr/

Click Start, Search, then look for and delete these files if present:

windrv.exe
artm_new.dll

**If a file resists deletion, do this:
-Restart your PC; as soon as it powers on, tap the F8 key (or F5 if F8 does not work), on the screen that appears choose "safe mode" and wait a bit, then go and delete the files/folders that resisted, empty your recycle bin and restart normally

Download, install, then update this software (Ewido); once that is done, run a full scan of your system, delete everything it finds, then paste the report here along with a new HijackThis report
Ewido: (remains free after the trial period)
Download Ewido Security Suite

See you,
0
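The manual pass over the log that the reply above performs can be partly automated. The following is an added example, not code from the thread or from HijackThis: it applies three heuristics to autostart entries (launch from a Temp directory, a "(file missing)" marker that the process list does not contradict, a file name one character away from a Windows binary). The function names, reason labels and the `SYSTEM_NAMES` list are assumptions; the sample lines are copied from the first log.

```python
import re

# Lines copied from the first HijackThis log in this thread (not constructed data).
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\spoolsvv.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\system32\spoolsvv.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O21 - SSODL: DCOM Server 2238 - {2C1CD3D7-86AC-4068-93BC-A02304BB2238} - C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: MS Software Shadow Download Provider (dnlsvc) - Unknown owner - C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\dnlsvc.exe (file missing)
"""

# Assumption: a short, illustrative list of genuine Windows XP binary names.
SYSTEM_NAMES = {"spoolsv.exe", "svchost.exe", "explorer.exe", "lsass.exe",
                "services.exe", "winlogon.exe", "smss.exe", "ctfmon.exe"}
# Sections that start code automatically: Run keys, Winlogon Notify, SSODL, services.
AUTOSTART_CODES = {"O4", "O20", "O21", "O23"}
ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?]*?\.(?:exe|dll)', re.IGNORECASE)


def one_edit_apart(a, b):
    """True when a != b and a single insert, delete or substitution maps a to b."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    # Same length: skip the substituted character. Otherwise skip b's extra one.
    return a[i + (len(a) == len(b)):] == b[i + 1:]


def triage(log_text):
    """Return (code, path, reasons) for each autostart entry worth a closer look."""
    running, findings, in_processes = set(), [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if line:
                running.add(line.lower())
            else:
                in_processes = False  # a blank line ends the process list
            continue
        entry = ENTRY_RE.match(line)
        if not entry or entry.group(1) not in AUTOSTART_CODES:
            continue
        found = PATH_RE.search(entry.group(2))
        if not found:
            continue
        path = found.group(0)
        name = path.lower().rsplit("\\", 1)[-1]
        reasons = []
        if "\\temp\\" in path.lower():
            reasons.append("runs-from-temp")
        # In this log the avast! services carry "(file missing)" although their
        # executables are listed as running, so the marker is trusted only
        # when the process list does not contradict it.
        if "(file missing)" in line and path.lower() not in running:
            reasons.append("dangling-entry")
        if any(one_edit_apart(name, real) for real in SYSTEM_NAMES):
            reasons.append("system-name-lookalike")
        if reasons:
            findings.append((entry.group(1), path, reasons))
    return findings


if __name__ == "__main__":
    for code, path, reasons in triage(SAMPLE_LOG):
        print(code, path, ", ".join(reasons))
```

These heuristics do not reproduce the full list in the reply (they say nothing about `windrv.exe` or `artm_new.dll`); flagged entries are candidates for review, not verdicts.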
Franck
 
Help,

I carried out the various steps, but nothing works. I made a new HijackThis log, here it is. Also, ewido cannot quarantine the Trojan virus
Avast detects a virus named win32:agent-MO in the file comdlj.dll, I don't know if that can help. In any case, what is certain is that I cannot receive or send e-mails. Thank you very much for your help.

Franck

HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 21:21:51, on 20/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\WANADOO\TaskbarIcon.exe
C:\PROGRA~1\WANADOO\CnxMon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\SerExt.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\WINDOWS\system32\spoolsvv.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Gigaset DECT\capi\Tools\CALLTRAY.exe
C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Téléchargements\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Explorer 2238] C:\DOCUME~1\FRANCK~1\LOCALS~1\Temp\8538\explorer.exe
O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [spoolsvv] C:\WINDOWS\system32\spoolsvv.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: DSLMON.lnk.disabled
O4 - Global Startup: CAPI Call Tray.lnk = C:\Program Files\Gigaset DECT\capi\Tools\CALLTRAY.exe
O4 - Global Startup: MindManager PDF Writer.lnk = C:\Program Files\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C5D6BFF-C653-4389-B069-D2FBD74A31BD}: NameServer = 80.10.246.1,80.10.246.132
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: xControlCOM - Siemens - C:\Program Files\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe
0
Franck
 
SOS SOS please,

Ewido no longer finds any infection
but the avast alerts are still there?
BitDefender finds a trojan in the file
C:\ windows\system32\spoolsvv.exe but cannot clean it?

What should I do? Please help me.

Franck
0
Anonymous user
 
Hi,

please wait a bit, you are far from being the only one :-)
0