Pubs intempestives Gmail Yahoo, viagra etc...

Kotin -  
salwa5 Messages postés 7552 Statut Contributeur -
Salut à tous !

J'ai choppé un truc horrible, ça me lance internet explorer constamment en affichant des pubs style "cheap viagra" avec un faux GMAIL ou un faux YAHOO, ça me ralentit tout, j'arrive pas à trouver la source. j'ai des .exe qui se mettent dans Documents and Settings...Local Settings/Temp (fichiers internet tempo) et que je dois sans arrêt supprimer.

Merci pour vos réponses
Configuration: Windows XP
Firefox 2.0.0.3

6 réponses

  1. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour telecharge hijackthis et colle le resultat ici :

    http://www.infos-du-net.com/telecharger/HijackThis.html
    demo :
    http://pageperso.aol.fr/balltrap34/demohijack.htm

    a++++
    0
  2. Kotin
     
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 13:26:08, on 03/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Mes documents\HiJackThis_v2.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.243:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
    0
  3. Kotin
     
    Ne tenez pas compte du précédent log, celui-ci est plus représentatif, on y voit clairement les processus ouverts 17exyp.3.exe et compagnie avec IEXPLORE actif alors que je ne l'ai jamais ouvert.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 13:41:58, on 03/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\DOCUME~1\Tonio\LOCALS~1\Temp\30exym50_2.6.exe
    C:\DOCUME~1\Tonio\LOCALS~1\Temp\17exyp.3.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\Mes documents\HiJackThis_v2.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.243:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
    0
  4. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour

    Télécharge SDFix sur ton bureau

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
    Redémarre ton ordinateur en mode sans échec (redemarrage + tapotte sans arret sur F8 desque l'ordi s'allume)
    Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.
    Appuie sur Y pour commencer le processus de nettoyage.
    Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
    Appuie sur une touche pour redémarrer le PC.
    Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
    Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

    Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

    a+++
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Kotin
     
    ========================================
    SDFix: Version 1.76

    Run by Tonio - 03/04/2007 - 16:37:34,86

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\Documents and Settings\Tonio\Bureau\sdfix\SDFix

    Safe Mode:
    Checking Services:

    Restoring Windows Registry Entries
    Restoring Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    Below files will be copied to Backups folder then removed:

    C:\DOCUME~1\Tonio\LOCALS~1\Temp\setup.exe - Deleted
    C:\WINDOWS\system\smss.exe - Deleted

    ADS Check:

    C:\WINDOWS\system32
    No streams found.

    Final Check:

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Softros Systems\\Softros Messenger\\Messenger.exe"="C:\\Program Files\\Softros Systems\\Softros Messenger\\Messenger.exe:*:Enabled:Messenger"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\32exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\32exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\42exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\42exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\41exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\41exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\66exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\66exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\6exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\6exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\48exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\48exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\16exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\16exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\97exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\97exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\65exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\65exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\73exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\73exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\0exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\0exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\22exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\22exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\64exed32_2.b.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\64exed32_2.b.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\77exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\77exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\51exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\51exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\19exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\19exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\82exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\82exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\99exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\99exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\37exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\37exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\34exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\34exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\47exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\47exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\3exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\3exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\95exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\95exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\70exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\70exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\91exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\91exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\86exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\86exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\28exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\28exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\60exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\60exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"="C:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe:*:Enabled:Media Player Classic"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\48exed32_2.b.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\48exed32_2.b.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\53exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\53exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\92exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\92exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\9exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\9exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\58exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\58exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\23exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\23exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\96exinjs.a2.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\96exinjs.a2.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\77exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\77exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\6exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\6exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\66exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\66exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\22exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\22exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\25exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\25exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\10exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\10exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\87exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\87exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\83exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\83exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\36exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\36exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\94exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\94exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\96exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\96exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\99exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\99exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\37exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\37exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\67exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\67exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\35exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\35exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\65exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\65exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\75exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\75exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\52exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\52exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\32exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\32exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\38exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\38exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\97exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\97exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\84exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\84exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\14exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\14exinjs.a3.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\20exinjs.a3.exe"="C:\\DOCUME~1\\Tonio\\LOCALS~1\\Temp\\20exinjs.a3.exe:*:Enabled:Microsoft Update"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files:
    ---------------

    Backups Folder: - C:\DOCUME~1\Tonio\Bureau\sdfix\SDFix\backups\backups.zip

    Checking For Files with Hidden Attributes :

    C:\Program Files\eRightSoft\SUPER\cygwin1.dll
    C:\Program Files\eRightSoft\SUPER\cygz.dll
    C:\Program Files\eRightSoft\SUPER\_Setup.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll
    C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll
    C:\WINDOWS\system32\flvDX.dll
    C:\Program Files\eRightSoft\SUPER\Setup.exe
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

    Finished
    ===========================================

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 16:48:49, on 03/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Mes documents\HiJackThis_v2.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.243:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
    0
  7. salwa5 Messages postés 7552 Statut Contributeur 1 671
     
    bonjour telecharge et executes

    AVG anti spyware
    https://www.01net.com/telecharger/

    (n'oublie pas de le mettre a jour avant de lancer le scan)

    Relance AVG AS puis choisis l'onglet "Analyse"
    Puis l'onglet "Paramètres"
    Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
    Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

    /!\ Si un fichier est infecté en fin d'analyse /!\
    Clique sur "Appliquer toutes les actions "

    Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
    Enregistre ce fichier texte sur ton bureau ensuite colle le raport ici

    supprime les fichiers inutiles (fichiers temporaire , cookies .. ect avec ceci

    Ccleaner
    https://www.malekal.com/tutoriel-ccleaner/

    a+++++++
    0