Sujet Précédent Sujet Suivant

Multiples spywares attaques

Fermé
memenflo Messages postés 2 Date d'inscription lundi 7 avril 2008 Statut Membre Dernière intervention 7 avril 2008 - 7 avril 2008 à 09:21
 memenflo - 7 avril 2008 à 10:22
Bonjour,

Je suis sur xp pro et internet explorer 6.

Depuis plusieurs jours j'ai des fenetres qui s'affichent pour me signaler un problème de sécurité sur mon ordi.
L'ordi tourne au ralenti également.
Spybot a détecté trojandownloader.xs, 2020search,180solutions et d'autres choses encore.

Je n'arrive bien sur pas à les supprimer c'est pour cela que je demande de l'aide sur ce forum.

Pourriez vous s'il vous plait m'aider à résoudre ces problèmes?

Florent.

4 réponses

Réponse 1 / 4
YoungLord Messages postés 62 Date d'inscription vendredi 14 septembre 2007 Statut Membre Dernière intervention 11 décembre 2015 10
7 avril 2008 à 09:31
Salut!

Telecharge HijackThis
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Ensuite lance le et va sur do a scan and save logfile
un fichier texte s'ouvre copie le tout et colle le sur un post.
0
Réponse 2 / 4
memenflo Messages postés 2 Date d'inscription lundi 7 avril 2008 Statut Membre Dernière intervention 7 avril 2008
7 avril 2008 à 09:37
Bonjour Younglord,
merci de t'intéresser à mon problème c'est super.
voici le rapport


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:30:12, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\flashget.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
0
Réponse 3 / 4
YoungLord Messages postés 62 Date d'inscription vendredi 14 septembre 2007 Statut Membre Dernière intervention 11 décembre 2015 10
7 avril 2008 à 10:02
Relance Hijack cette fois-ci tu fais Do a Scan only
Coche les 2 lignes suivantes et fait Fix It

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe

Ensuite Telecharge et utilise Ccleaner
https://www.clubic.com/telecharger-fiche14492-ccleaner.html
N'installe pas l'option Yahoo Toolbar!
Une fois installé fait Analyse puis lancer le nettoyage
ensuite va dans l'onglet Registre puis clique sur chercher les erreurs une fois l'analyse établi clique sur Reparer les erreurs selectionnés.

Enregistre le rapport et envoi le sur un post envoi aussi un nouveau rapport Hijackthis (voir mon premier post)
0
Réponse 4 / 4
memenflo
7 avril 2008 à 10:22
ok younglord, voici le rapport de ccleaner et de hijackthis


Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.vqf]
@=""

[HKEY_CLASSES_ROOT\.wave]
@=""

[HKEY_CLASSES_ROOT\OISbmpfile]
@=""

[HKEY_CLASSES_ROOT\OISemffile]
@=""

[HKEY_CLASSES_ROOT\OISgiffile]
@=""

[HKEY_CLASSES_ROOT\OISjpegfile]
@=""

[HKEY_CLASSES_ROOT\OISpngfile]
@=""

[HKEY_CLASSES_ROOT\OIStiffile]
@=""

[HKEY_CLASSES_ROOT\OISwmffile]
@=""

[HKEY_CLASSES_ROOT\SysmonLogManager.Snapin]

[HKEY_CLASSES_ROOT\WMPCD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BUP\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithList]
"a"="iexplore.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\OpenWithList]

[HKEY_CLASSES_ROOT\acrobat\DefaultIcon]
@="C:\\Program Files\\Adobe\\Reader 8.0\\Acrobat\\AcroRd32.exe"

[HKEY_CLASSES_ROOT\ADCS]
@="Conteneur de classe Annuaire"

[HKEY_CLASSES_ROOT\ADCS\CLSID]
@="{89E30300-764D-11d0-B282-00A0C90F56FC}"

[HKEY_CLASSES_ROOT\Connection Manager Profile\DefaultIcon]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE,1"

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\open\command]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE \"%1\""

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...]

[HKEY_CLASSES_ROOT\Connection Manager Profile\shell\Settings...\command]
@="C:\\WINDOWS\\system32\\CMMGR32.EXE /settings \"%1\""

[HKEY_CLASSES_ROOT\dcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,11"

[HKEY_CLASSES_ROOT\ecsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,10"

[HKEY_CLASSES_ROOT\fcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,12"

[HKEY_CLASSES_ROOT\MailFileAtt]
@=""

[HKEY_CLASSES_ROOT\MailFileAtt\CLSID]
@="{00020D05-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\mapifvbx.object]
@="MAPIForm object"

[HKEY_CLASSES_ROOT\mapifvbx.object\Clsid]
@="{41116C00-8B90-101B-96CD-00AA003B14FC}"

[HKEY_CLASSES_ROOT\mapifvbx.object.1]
@="MAPIForm object (V 1.0)"

[HKEY_CLASSES_ROOT\mapifvbx.object.1\Clsid]
@="{41116C00-8B90-101B-96CD-00AA003B14FC}"

[HKEY_CLASSES_ROOT\ncsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,14"

[HKEY_CLASSES_ROOT\tcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,13"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,15"

[HKEY_CLASSES_ROOT\urn:content-classes:catalog-settings\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12471"

[HKEY_CLASSES_ROOT\urn:content-classes:contentclassdef\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13101"

[HKEY_CLASSES_ROOT\urn:content-classes:exchange55startaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:exchangestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12451"

[HKEY_CLASSES_ROOT\urn:content-classes:filestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12453"

[HKEY_CLASSES_ROOT\urn:content-classes:management\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,20"

[HKEY_CLASSES_ROOT\urn:content-classes:notesstartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12456"

[HKEY_CLASSES_ROOT\urn:content-classes:remoteworkspacestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\urn:content-classes:webstartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12450"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addcontentclass\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-13100"

[HKEY_CLASSES_ROOT\urn:content-classes:wizard/addsearchcontentlocation\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12461"

[HKEY_CLASSES_ROOT\urn:content-classes:workspace-settings\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12472"

[HKEY_CLASSES_ROOT\urn:content-classes:workspaceconfiguration\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12476"

[HKEY_CLASSES_ROOT\urn:content-classes:workspacestartaddress\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,-12454"

[HKEY_CLASSES_ROOT\wcsfile\DefaultIcon]
@="C:\\Program Files\\Fichiers communs\\Microsoft Shared\\Web Folders\\pkmres.dll,9"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}]
@="ActiveXPlugin Object"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Control]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\InprocServer32]
@="C:\\WINDOWS\\system32\\plugin.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ProgID]
@="Microsoft.ActiveXPlugin.1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\ToolboxBitmap32]
@="C:\\WINDOWS\\system32\\plugin.ocx, 1"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\TypeLib]
@="{06DD38D0-D187-11CF-A80D-00C04FD74AD8}"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{06DD38D3-D187-11CF-A80D-00C04FD74AD8}\VersionIndependentProgID]
@="Microsoft.ActiveXPlugin"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe]
@="C:\\WINDOWS\\system32\\cmmgr32.exe"
"Path"="C:\\WINDOWS\\system32"
"CmstpExtensionDll"="C:\\WINDOWS\\system32\\cmcfg32.dll"
"CMInternalVersion"="1.2"
"CmNative"=dword:00000001
"ProfilesUpgraded"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\HydraVision]
"Path"="C:\\Program Files\\ATI Technologies\\ATI HydraVision"
@="C:\\Program Files\\ATI Technologies\\ATI HydraVision\\HydraVision"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\setup.exe]
"RunAsOnNonAdminInstall"=dword:00000001
"BlockOnTSNonInstallMode"=dword:00000001
"Path"="C:\\Program Files\\ATI Technologies\\ATI Control Panel"
@="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\setup.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\YourApp.exe]
"Path"="C:\\Program Files\\neuf telecom\\neuf Box"
@="C:\\Program Files\\neuf telecom\\neuf Box\\YourApp.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help]
"scanpst.hlp"="C:\\Program Files\\Fichiers communs\\SYSTEM\\MSMAPI\\1036\\"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB942615-IE7]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\KB944533-IE7]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WgaNotify]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,\
00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\lameme]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\Step 2 (create serial).exe"="Win32 Cabinet Self-Extractor "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\gun8.14.exe"="gun8.14"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\Step 3 (change serial).exe"="Step 3 (change serial)"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\RarSFX0\\officekey.exe"="officekey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\RECYCLER\\rundll32.exe"="rundll32"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\WINDOWS\\system32\\svehost.exe"="svehost"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\Step 4 (verify).exe"="Step 4 (verify)"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\IXP000.TMP\\STEP2(~1.EXE"="MSKey Microsoft 基础类应用程序"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\RarSFX1\\findkey.exe"="findkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\RarSFX1\\xpkey.exe"="xpkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\RarSFX1\\officekey.exe"="officekey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\is-5A417.tmp\\is-I6ELQ.tmp"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\ARC12\\Step 4 (verify).exe"="Win32 Cabinet Self-Extractor "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\SETUP_39336\\Engine.exe"="Setup/UnInstall Engine"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\syswcc32.exe"="syswcc32"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\ARC13\\Step 2 (create serial).exe"="Win32 Cabinet Self-Extractor "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\IXP002.TMP\\STEP2(~1.EXE"="MSKey Microsoft 基础类应用程序"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Bat\\Bat.exe"="Bat"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\is-MP4O7.tmp\\sdsetup.tmp"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\Update.exe"="PC Tools Smart Update"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\pctsGui.exe"="PC Tools GUI Application"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\Patch.exe"="Patch"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\pctsTray.exe"="PC Tools Tray Application"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\unins000.exe"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\_iu14D2N.tmp"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\IXP000.TMP\\main.exe"="main"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\is-EODO7.tmp\\sdsetup.tmp"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Spyware Doctor\\sdloader.exe"="sdloader"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\WINDOWS\\ie7\\spuninst\\spuninst.exe"="Désinstallation du Service Pack Windows"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\is-OHNLC.tmp\\spybotsd152.tmp"="Setup/Uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Pass2.cmd"="Pass2"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Administrateur\\Local Settings\\Temporary Internet Files\\Content.IE5\\0VQDSVC7\\SDFix[1].exe"="SDFix[1]"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Administrateur\\Bureau\\sdfix\\RunThis.bat"="RunThis"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\DOCUME~1\\ADMINI~1\\Bureau\\sdfix\\RunThis.bat"="RunThis"





puis celui de hijackthis




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:47, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wmsdkns.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
0

Discussions similaires

Aide svp modification mot de passe impossible attaque par dictionnaire
marvi1 -
marvi1 -

4 réponses
Consignes communautaires TikTok
Locky_Fangirl -
bazfile -

3 réponses
Microsoft TCP/IP : carte vment
morsi06 -
kelux -

2 réponses
depuis trois (03) jour mon compte tiktok est suspendu
k6_cebri13_officiel -
bazfile -

1 réponse
en raison ds multiples violation des consignes communautaire
Gey -
bazfile -

1 réponse