[Virus?] Envoi permanent de mails sur Interne
vinnie31
-
Alphonse -
Alphonse -
Dès que mon PC est connecté sur Internet, il semble envoyer des mails en permanence (ce qui fait que je n'arrive plus à charger une page).
En tout cas si je ne fais rien, il y a toujours du trafic envoyé sur Internet ...
Voici les trojan récemment mis en quarantaine par Avast :
08/05/2007 16:58:14 Vincent 3780 Sign of "Win32:Small-EOL [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\OXANK52B\file_5[1].exe" file.
07/05/2007 20:06:32 Vincent 3868 Sign of "Win32:SdBot-3324 [Trj]" has been found in "C:\Program Files\Microsoft Works\Setup\PFILES\MSWORKS\WKSv7std.sbs" file.
07/05/2007 23:51:44 SYSTEM 1320 Sign of "Win32:QQRob-CK [Trj]" has been found in "C:\WINDOWS\smss.exe\[Upack]" file.
08/05/2007 10:30:51 SYSTEM 1332 Sign of "Win32:QQRob-CK [Trj]" has been found in "C:\WINDOWS\smss.exe\[Upack]" file.
08/05/2007 16:31:29 Vincent 2452 Sign of "Win32:QQRob-CK [Trj]" has been found in "c:\windows\smss.exe\[Upack]" file.
08/05/2007 16:58:37 Vincent 3780 Sign of "Win32:Nurech-AF [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\OXANK52B\loader[1].exe" file.
07/05/2007 23:51:25 SYSTEM 1320 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 10:27:55 SYSTEM 1320 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 10:30:26 SYSTEM 1332 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 16:32:13 Vincent 2452 Sign of "Win32:Delf-DFW [Trj]" has been found in "c:\windows\winlogon.exe\[Upack]" file.
08/05/2007 17:49:23 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049916.exe\[Upack]" file.
08/05/2007 16:57:14 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\KX2V05YR\winlogon[1].exe\[Upack]" file.
08/05/2007 16:43:45 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temp\_avast4_\unp262535031.tmp\[Upack]" file.
08/05/2007 22:28:01 Vincent 992 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temp\_avast4_\unp163853152.tmp\[Upack]" file.
08/05/2007 21:58:10 SYSTEM 1320 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
08/05/2007 23:12:53 SYSTEM 1360 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
11/05/2007 10:21:04 SYSTEM 1364 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
08/05/2007 17:49:27 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049919.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 17:45:39 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049915.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 17:33:48 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\smss.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 16:56:55 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\KX2V05YR\file[1].exe\[Upack]\[Embedded#A01]" file.
Quelqu'un peut-il m'aider à détecter le problème , par exemple à partir de l'analyse de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 10:31:56, on 11/05/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Mes Program Files\Avast4\aswUpdSv.exe
C:\Mes Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\ICO.EXE
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\lsass.exe
D:\Programmes\utilitaires\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\MESPRO~1\Avast4\ashDisp.exe
D:\Programmes\utilitaires\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Programmes\utilitaires\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Mes Program Files\Avast4\ashWebSv.exe
C:\Mes Program Files\Avast4\ashMaiSv.exe
C:\Mes Program Files\Avast4\ashLogV.exe
C:\Program Files\OrangeBs\TaskBarIcon.exe
C:\Program Files\OrangeBs\BusinessEverywhere.exe
C:\Program Files\OrangeBs\ComComp.exe
C:\Program Files\OrangeBs\Watch.exe
C:\WINDOWS\system32\FTCOMM~1\FTCOMM~1.EXE
C:\Mes Program Files\Avast4\setup\avast.setup
D:\Programmes\utilitaires\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmes\utilitaires\Spybot\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Programmes\utilitaires\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\OrangeBs\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\MESPRO~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programmes\utilitaires\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative Detector] D:\Programmes\utilitaires\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Mes Program Files\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Mes Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Mes Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Mes Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Mes Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: winlogin - Unknown owner - C:\WINDOWS\lsass.exe
En tout cas si je ne fais rien, il y a toujours du trafic envoyé sur Internet ...
Voici les trojan récemment mis en quarantaine par Avast :
08/05/2007 16:58:14 Vincent 3780 Sign of "Win32:Small-EOL [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\OXANK52B\file_5[1].exe" file.
07/05/2007 20:06:32 Vincent 3868 Sign of "Win32:SdBot-3324 [Trj]" has been found in "C:\Program Files\Microsoft Works\Setup\PFILES\MSWORKS\WKSv7std.sbs" file.
07/05/2007 23:51:44 SYSTEM 1320 Sign of "Win32:QQRob-CK [Trj]" has been found in "C:\WINDOWS\smss.exe\[Upack]" file.
08/05/2007 10:30:51 SYSTEM 1332 Sign of "Win32:QQRob-CK [Trj]" has been found in "C:\WINDOWS\smss.exe\[Upack]" file.
08/05/2007 16:31:29 Vincent 2452 Sign of "Win32:QQRob-CK [Trj]" has been found in "c:\windows\smss.exe\[Upack]" file.
08/05/2007 16:58:37 Vincent 3780 Sign of "Win32:Nurech-AF [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\OXANK52B\loader[1].exe" file.
07/05/2007 23:51:25 SYSTEM 1320 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 10:27:55 SYSTEM 1320 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 10:30:26 SYSTEM 1332 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\WINDOWS\winlogon.exe\[Upack]" file.
08/05/2007 16:32:13 Vincent 2452 Sign of "Win32:Delf-DFW [Trj]" has been found in "c:\windows\winlogon.exe\[Upack]" file.
08/05/2007 17:49:23 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049916.exe\[Upack]" file.
08/05/2007 16:57:14 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\KX2V05YR\winlogon[1].exe\[Upack]" file.
08/05/2007 16:43:45 Vincent 3780 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temp\_avast4_\unp262535031.tmp\[Upack]" file.
08/05/2007 22:28:01 Vincent 992 Sign of "Win32:Delf-DFW [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temp\_avast4_\unp163853152.tmp\[Upack]" file.
08/05/2007 21:58:10 SYSTEM 1320 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
08/05/2007 23:12:53 SYSTEM 1360 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
11/05/2007 10:21:04 SYSTEM 1364 Sign of "Win32:Agent-GPJ [Trj]" has been found in "C:\WINDOWS\System32\totour.exe\[UPX]" file.
08/05/2007 17:49:27 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049919.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 17:45:39 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\System Volume Information\_restore{3FA15340-D945-46EC-AE62-1BE78EE6D5ED}\RP371\A0049915.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 17:33:48 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\smss.exe\[Upack]\[Embedded#A01]" file.
08/05/2007 16:56:55 Vincent 3780 Sign of "Win32:Agent-AUH [Trj]" has been found in "C:\Documents and Settings\Vincent\Local Settings\Temporary Internet Files\Content.IE5\KX2V05YR\file[1].exe\[Upack]\[Embedded#A01]" file.
Quelqu'un peut-il m'aider à détecter le problème , par exemple à partir de l'analyse de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 10:31:56, on 11/05/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Mes Program Files\Avast4\aswUpdSv.exe
C:\Mes Program Files\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\ICO.EXE
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\lsass.exe
D:\Programmes\utilitaires\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\MESPRO~1\Avast4\ashDisp.exe
D:\Programmes\utilitaires\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Programmes\utilitaires\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Mes Program Files\Avast4\ashWebSv.exe
C:\Mes Program Files\Avast4\ashMaiSv.exe
C:\Mes Program Files\Avast4\ashLogV.exe
C:\Program Files\OrangeBs\TaskBarIcon.exe
C:\Program Files\OrangeBs\BusinessEverywhere.exe
C:\Program Files\OrangeBs\ComComp.exe
C:\Program Files\OrangeBs\Watch.exe
C:\WINDOWS\system32\FTCOMM~1\FTCOMM~1.EXE
C:\Mes Program Files\Avast4\setup\avast.setup
D:\Programmes\utilitaires\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmes\utilitaires\Spybot\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Programmes\utilitaires\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [OBSWATCH] C:\PROGRA~1\OrangeBs\Watch.exe
O4 - HKLM\..\Run: [avast!] C:\MESPRO~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] D:\Programmes\utilitaires\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative Detector] D:\Programmes\utilitaires\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Mes Program Files\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Mes Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Mes Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Mes Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Mes Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: winlogin - Unknown owner - C:\WINDOWS\lsass.exe
A voir également:
- [Virus?] Envoi permanent de mails sur Interne
- Virus mcafee - Accueil - Piratage
- Programmer envoi mail gmail - Guide
- Stockage interne autre - Forum Samsung
- Envoi impossible messenger - Forum Facebook Messenger
- Votre envoi est sur son site de distribution. nous le préparons pour le mettre en livraison ✓ - Forum Consommation & Internet
