[aide] probleme avast message suspect !!!!
Forum Sécurité - Virus : [aide] probleme avast message suspect !!!!
salut voila Avast me signale un avertissement : " MESSAGE SUSPECT : il y a trop de mails identiques dans un faible intervalle"
Avast me propose de "continuer" ou "ne pas envoyer".
Un peu novice, je suis très perplexe...Qui peut m'aider?
Merci de votre aide.
j'ai fait un rapport avec HijackThis.
Logfile of HijackThis v1.99.1
Scan saved at 00:25:28, on 09/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\WgaTray.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\clavier logitech\iTouch\iTouch.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Mozilla Firefox\firefox.exe
d:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\David\LOCALS~1\Temp\Rar$EX00.563\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\program files\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run
O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\clavier logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [VcClnUp.exe] C:\DOCUME~1\David\LOCALS~1\Temp\VcClnUp0.exe -F C:\PROGRA~1\FICHIE~1\SYMANT~1\LiveReg /RemoveAll
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b47946.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O18 - Protocol: bw+0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4384C36B-9B4C-4942-85EC-87805DA7774D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
dsl pour l'attente !!!
voici le rapport de sdfix
SDFix: Version 1.46
****************
14/12/2006 - 20:27:20,09
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Stage One - Safe Mode
Checking For Trojan Services...
Service Name:
File Path:
Starting Registry Repairs...
Restoring Default Hosts File...
Stage One Complete
Rebooting...
Stage Two - Normal Mode
Checking For Malware:
--------------------
C:\WINDOWS\system\smss.exe
Backing Up and Removing any Files Found...
Final Check:
Services:
---------
Authorized Applications Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\age3.exe"="D:\\Program Files\\age3.exe:*:Enabled:Age of Empires 3"
"D:\\jeux\\age3.exe"="D:\\jeux\\age3.exe:*:Enabled:Age of Empires 3"
"F:\\eMule\\emule.exe"="F:\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE:*:Enabled:Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE:*:Enabled:ActiveSync Application"
"C:\\Documents and Settings\\David\\Bureau\\WOW-Ex_French-downloader.exe"="C:\\Documents and Settings\\David\\Bureau\\WOW-Ex_French-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\David\\Bureau\\WoW-Intro-frFR-downloader.exe"="C:\\Documents and Settings\\David\\Bureau\\WoW-Intro-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\David\\Bureau\\WoW-Onyxia-enGB-downloader.exe"="C:\\Documents and Settings\\David\\Bureau\\WoW-Onyxia-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\David\\Bureau\\Nefarian_FR-downloader.exe"="C:\\Documents and Settings\\David\\Bureau\\Nefarian_FR-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\Program Files\\KONAMI\\Pro Evolution Soccer 5\\PES5.exe"="D:\\Program Files\\KONAMI\\Pro Evolution Soccer 5\\PES5.exe:*:Enabled
es5.exe"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"D:\\Program Files\\GameSpy Arcade\\Aphex.exe"="D:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\\Program Files\\TrackMania Nations ESWC Special Edition\\TmNationsESWC.exe"="D:\\Program Files\\TrackMania Nations ESWC Special Edition\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Documents and Settings\\David\\Bureau\\EPL_Trailer_frFR.avi-downloader.exe"="C:\\Documents and Settings\\David\\Bureau\\EPL_Trailer_frFR.avi-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIb\\RpcSandraSrv.exe"="D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIb\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIb\\Win32\\RpcDataSrv.exe"="D:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIb\\Win32\\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\16exmodul32f.d.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\16exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\82exmodul32f.d.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\82exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\76exmodul32f.d.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\76exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\30exmodul32f.d.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\30exmodul32f.d.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\39exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\39exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\58exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\58exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\92exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\92exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\75exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\75exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\65exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\65exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\93exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\93exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\16exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\16exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\32exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\32exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\36exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\36exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\46exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\46exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\19exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\19exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\71exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\71exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\38exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\38exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\51exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\51exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\24exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\24exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\70exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\70exmodul32f.i.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\60exmodul32f.i.exe"="C:\\DOCUME~1\\David\\LOCALS~1\\Temp\\60exmodul32f.i.exe:*:Enabled:Microsoft Update"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
Files:
------
Backups Folder: - C:\SDFix\backups\backups.zip
Checking for files with Hidden Attributes:
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
FINISHED!
Message édité par razerr le 14-12-2006 à 20:34:25
