[Fermé - doublon] A l'aide

[rennaise]

Bonjour à tous,

J'ai besoin de votre aide URGEMMENT, voici mon problème Avast m'affiche depuis hier de façon intempestive :

"Il y a trop de mails identiques envoyés dans un faible intervalle de temps" avec des mails différents

c'est très embêtant, et je ne sais pas comment m'en débarrasser , à l'aide!

Merci d'avance

[rennaise]

j'ai un scan avec « hijackthis-2.0.2.75917(2).exe », voici le rapport:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:13:04, on 11/01/2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\system32\hphmon05.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe

C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Documents and Settings\raissa praho\Mes documents\divers\uTorrent.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\raissa praho\Mes documents\Téléchargements\hijackthis-2.0.2.75917(2).exe

C:\DOCUME~1\RAISSA~1\LOCALS~1\Temp\hijackthis-2.0.2.75917.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15161&l=dis

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [HP Component Manager] "c:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe /startup

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [backupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\raissa praho\Mes documents\divers\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\PLUGINS\Npcdp32.dll

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q304&bd=pavilion&pf=laptop

O16 - DPF: {02AA9E0F-B4EB-4BE9-A769-FD09543FEEC2} (UniInstaller Class) - http://www.abidjan.net/chats/voice/voice-installer.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Google Update (gupdate1ca4e969e2e4998) (gupdate1ca4e969e2e4998) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Program Files\MATLAB71\webserver\bin\win32\matlabserver.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

 

--

End of file - 11265 bytes

[rennaise]

Salut à tous,

 

Merci Apollo pour ton aide. Je t'ai envoyé un message mais j'ai vu que tu ne voulais pas recevoir de MP, alors je mets le rapport ici

J'ai fait ce que tu m'as conseillé (suppression de ask,...)

Que faire maintenant?

 

############################## | UsbFix V6.073 |

 

User : r p (Administrateurs) # P-R

Update on 09/01/2010 by El Desaparecido , C_XX & Chimay8

Start at: 09:31:01 | 13/01/2010

Website : http://pagesperso-orange.fr/NosTools/index.html

Contact : FindyKill.Contact@gmail.com

 

AMD Athlon XP Processor 2800+

Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2

Internet Explorer 6.0.2900.2180

Windows Firewall Status : Enabled

AV : avast! antivirus 4.8.1335 [VPS 100112-0] 4.8.1335 [ Enabled | Updated ]

 

C:\ -> Disque fixe local # 37,25 Go (2,72 Go free) # NTFS

D:\ -> Disque CD-ROM # 59,12 Mo (0 Mo free) [WSE-DOG-V2.8.0.0] # CDFS

 

############################## | Processus actifs |

 

C:\WINDOWS\System32\smss.exe 600

C:\WINDOWS\system32\csrss.exe 676

C:\WINDOWS\system32\winlogon.exe 700

C:\WINDOWS\system32\services.exe 744

C:\WINDOWS\system32\lsass.exe 756

C:\WINDOWS\system32\svchost.exe 904

C:\WINDOWS\system32\svchost.exe 960

C:\WINDOWS\System32\svchost.exe 1052

C:\WINDOWS\system32\svchost.exe 1120

C:\WINDOWS\system32\svchost.exe 1300

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1564

C:\Program Files\Alwil Software\Avast4\ashServ.exe 1616

C:\WINDOWS\system32\spoolsv.exe 1920

C:\WINDOWS\system32\svchost.exe 256

C:\WINDOWS\system32\svchost.exe 304

C:\Program Files\Java\jre6\bin\jqs.exe 424

C:\WINDOWS\system32\nvsvc32.exe 868

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 1352

C:\WINDOWS\system32\svchost.exe 1436

C:\WINDOWS\Explorer.EXE 1472

C:\WINDOWS\system32\wdfmgr.exe 1508

C:\Program Files\Apoint2K\Apoint.exe 468

C:\WINDOWS\AGRSMMSG.exe 1164

C:\Program Files\Java\jre6\bin\jusched.exe 1368

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe 2108

C:\WINDOWS\system32\hphmon05.exe 2124

C:\Program Files\iTunes\iTunesHelper.exe 2144

C:\Program Files\QuickTime\qttask.exe 2156

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe 2164

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 2180

C:\WINDOWS\system32\rundll32.exe 2196

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe 2212

C:\Program Files\Apoint2K\Apntex.exe 2236

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe 2232

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe 2276

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 2320

C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe 2352

C:\WINDOWS\system32\ctfmon.exe 2380

C:\Program Files\Messenger\msmsgs.exe 2452

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 2604

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2640

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe 2652

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2716

C:\Program Files\Skype\Phone\Skype.exe 3096

C:\Documents and Settings\r p\Mes documents\divers\uTorrent.exe 3384

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe 3624

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 3644

C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE 3872

C:\Program Files\iPod\bin\iPodService.exe 3896

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 4060

C:\WINDOWS\System32\alg.exe 456

C:\WINDOWS\system32\wbem\wmiapsrv.exe 1536

C:\WINDOWS\system32\wuauclt.exe 852

C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe 1928

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe 1688

C:\Program Files\Skype\Plugin Manager\skypePM.exe 1840

C:\Program Files\Google\Chrome\Application\chrome.exe 1828

C:\Program Files\Google\Chrome\Application\chrome.exe 1372

C:\Program Files\Google\Chrome\Application\chrome.exe 3684

C:\WINDOWS\system32\wbem\wmiprvse.exe 3560

 

################## | Elements infectieux |

 

C:\Documents and Settings\r p\RavMonLog

C:\WINDOWS\Temp\sig8D.tmp

C:\DOCUME~1\R~1\LOCALS~1\Temp\uttAE.tmp.exe

D:\autorun.inf

 

################## | Registre |

 

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RavAV"

 

################## | Mountpoints2 |

 

HKCU\..\..\Explorer\MountPoints2\{163cbda8-5898-11dc-bfe1-000fb043edcb}

Shell\Auto\command =

Shell\AutoRun\command =

 

HKCU\..\..\Explorer\MountPoints2\{6dc8c5fd-62f5-11dc-bfe7-000fb043edcb}

Shell\AutoRun\command =E:\LaunchU3.exe -a

 

HKCU\..\..\Explorer\MountPoints2\{6dc8c5ff-62f5-11dc-bfe7-000fb043edcb}

Shell\Auto\command =

Shell\AutoRun\command =

 

HKCU\..\..\Explorer\MountPoints2\{92a939d6-c638-11db-bf72-000fb043edcb}

Shell\Auto\command =

Shell\AutoRun\command =

 

HKCU\..\..\Explorer\MountPoints2\{92a939d7-c638-11db-bf72-000fb043edcb}

Shell\Auto\command =AdobeR.exe e

Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

################## | Cracks > Keygens > Serials |

 

 

################## | ! Fin du rapport # UsbFix V6.073 ! |

[Apollo]

Bonsoir,

 

Reste dans ton sujet initial je te prie sinon celui-ci s'éparpille sur tout le forum.

Il suffira de cliquer sur répondre (entre flash et nouveau).

 

Je t'ai donné la suite à faire ici: http://forum.zebulon.fr/index.php?s=&s...t&p=1455103

 

à la fin du rapport que j'ai recopié.

 

@++

[Mark]

Je ferme donc ce sujet-ci.

 

Bonne continuation (dans l'autre sujet).