Comment se débarasser de Win32.Cuter.A & Gene
Résolu
Kokoy
Messages postés
59
Statut
Membre
-
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
Bonjour quelqu'un peut il me dire comment se débarrasser de Win32.Cuter.A Generic.Malware.Fdld.8CE39CF2 (voir d'autres) voir rapport de bitdefender de ce jour:
BitDefender Online Scanner
Rapport d'analyse généré à: Wed, Aug 22, 2007 - 14:30:22
Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;
Statistiques
Temps
01:49:57
Fichiers
283801
Directoires
4401
Secteurs de boot
7
Archives
8696
Paquets programmes
10793
Résultats
Virus identifiés
17
Fichiers infectés
22
Fichiers suspects
1
Avertissements
0
Désinfectés
0
Fichiers effacés
20
Info sur les moteurs
Définition virus
749496
Version des moteurs
AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
Analyse des plugins
14
Archive des plugins
37
Unpack des plugins
6
E-mail plugins
6
Système plugins
1
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
*;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
C:\WINDOWS\system32\perfc000.dat
Infecté par: Trojan.Agent.AWX
C:\WINDOWS\system32\perfc000.dat
Echec de la désinfection
C:\WINDOWS\system32\perfc000.dat
Supprimé
C:\WINDOWS\system32\winservcs32.dll
Suspecté de: Generic.Malware.Fdld.8CE39CF2
C:\WINDOWS\system32\winservcs32.dll
Echec de la désinfection
C:\WINDOWS\system32\winservcs32.dll
Echec de la suppression
C:\Program Files\Wanadoo\Watch.exe
Infecté par: Win32.Cuter.A
C:\Program Files\Wanadoo\Watch.exe
Echec de la désinfection
C:\Program Files\Wanadoo\Watch.exe
Echec de la suppression
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Infecté par: Win32.Cuter.A
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Echec de la désinfection
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Echec de la suppression
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Infecté par: Trojan.Peed.IFR
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029726.exe
Infecté par: DeepScan:Generic.Malware.SMYddldoe.23E153E0
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029726.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Infecté par: GenPack:Trojan.Peed.NG
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029728.exe
Infecté par: DeepScan:Generic.Malware.SMYddldoe.23E153E0
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029728.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Infecté par: Trojan.Proxy.Xorpix.BH
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Infecté par: Trojan.Peed.Gen
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Infecté par: GenPack:Trojan.Peed.IET
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Infecté par: Trojan.Peed.IFL
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Infecté par: Trojan.Peed.Gen
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Infecté par: Trojan.Peed.IFS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Infecté par: Trojan.Pandex.H
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029745.exe
Infecté par: Trojan.Peed.IGD
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029745.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Infecté par: Trojan.PWS.LDPinch.TAW
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Infecté par: Trojan.Krotten.B
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Infecté par: Trojan.Obfuscated.HF
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Infecté par: GenPack:Trojan.Patched.Constructor.A
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Infecté par: Win32.Cuter.A
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Infecté par: GenPack:Trojan.Downloader.Tibs.BS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Infecté par: Trojan.Peed.IFS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Supprimé
D'avance merci.
BitDefender Online Scanner
Rapport d'analyse généré à: Wed, Aug 22, 2007 - 14:30:22
Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;
Statistiques
Temps
01:49:57
Fichiers
283801
Directoires
4401
Secteurs de boot
7
Archives
8696
Paquets programmes
10793
Résultats
Virus identifiés
17
Fichiers infectés
22
Fichiers suspects
1
Avertissements
0
Désinfectés
0
Fichiers effacés
20
Info sur les moteurs
Définition virus
749496
Version des moteurs
AVCORE v1.0 (build 2411) (i386) (Jul 9 2007 12:10:22)
Analyse des plugins
14
Archive des plugins
37
Unpack des plugins
6
E-mail plugins
6
Système plugins
1
Paramètres d'analyse
Première action
Désinfecté
Seconde Action
Supprimé
Heuristique
Oui
Acceptez les avertissements
Oui
Extensions analysées
*;
Excludez les extensions
Analyse d'emails
Oui
Analyse des Archives
Oui
Analyser paquets programmes
Oui
Analyse des fichiers
Oui
Analyse de boot
Oui
Fichier analysé
Statut
C:\WINDOWS\system32\perfc000.dat
Infecté par: Trojan.Agent.AWX
C:\WINDOWS\system32\perfc000.dat
Echec de la désinfection
C:\WINDOWS\system32\perfc000.dat
Supprimé
C:\WINDOWS\system32\winservcs32.dll
Suspecté de: Generic.Malware.Fdld.8CE39CF2
C:\WINDOWS\system32\winservcs32.dll
Echec de la désinfection
C:\WINDOWS\system32\winservcs32.dll
Echec de la suppression
C:\Program Files\Wanadoo\Watch.exe
Infecté par: Win32.Cuter.A
C:\Program Files\Wanadoo\Watch.exe
Echec de la désinfection
C:\Program Files\Wanadoo\Watch.exe
Echec de la suppression
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Infecté par: Win32.Cuter.A
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Echec de la désinfection
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Echec de la suppression
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Infecté par: Trojan.Peed.IFR
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029700.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029726.exe
Infecté par: DeepScan:Generic.Malware.SMYddldoe.23E153E0
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029726.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Infecté par: GenPack:Trojan.Peed.NG
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029727.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029728.exe
Infecté par: DeepScan:Generic.Malware.SMYddldoe.23E153E0
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029728.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Infecté par: Trojan.Proxy.Xorpix.BH
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029729.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Infecté par: Trojan.Peed.Gen
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029730.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Infecté par: GenPack:Trojan.Peed.IET
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029731.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Infecté par: Trojan.Peed.IFL
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029732.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Infecté par: Trojan.Peed.Gen
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029733.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Infecté par: Trojan.Peed.IFS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029734.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Infecté par: Trojan.Pandex.H
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029735.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029745.exe
Infecté par: Trojan.Peed.IGD
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP85\A0029745.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Infecté par: Trojan.PWS.LDPinch.TAW
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029864.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Infecté par: Trojan.Krotten.B
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029865.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Infecté par: Trojan.Obfuscated.HF
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029866.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Infecté par: GenPack:Trojan.Patched.Constructor.A
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029867.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Infecté par: Win32.Cuter.A
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029868.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Infecté par: GenPack:Trojan.Downloader.Tibs.BS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029869.exe
Supprimé
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Infecté par: Trojan.Peed.IFS
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Echec de la désinfection
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP87\A0029870.exe
Supprimé
D'avance merci.
A voir également:
- Comment se débarasser de Win32.Cuter.A & Gene
- Puabundler win32 candyopen - Forum Virus
- Télécharger win32 valide pour windows 7 gratuit - Forum Windows
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Win32:malware-gen - Forum Virus
- Puadimanager win32/offercore ✓ - Forum Virus
75 réponses
En faisant un scan avec AVG pour les 2 fichiers il ne détecte rien!!!
C'est pour ça que je t'ai pas mis les rapports!!!
++
C'est pour ça que je t'ai pas mis les rapports!!!
++
Bonnes nouvelles!!!
Après quelques recherches sur la toile et en particulier sur le site malekal's, j'ai changé d'antivirus gratuit en passant d'avast à antivir.
J'ai fais un scan avec antivir mis à jour en mode sans echec, il à tout trouvé, enfin du moins ce que avast ne trouvais pas à savoir Watch.exe et HPWuSchd2.exe, il les à mis en quarantaine et au redemarrage en mode normal j'ai remis le cd de l'assistant HP et tout marche nickel, j'ai fais analyser C:\Program Files\HP\HP Software Update\HPWuSchd2.exe par bitdefender et virustotal, il est clean quand à C:\Program Files\Wanadoo\Watch.exe je ne le trouve plus dans le fichier Wanadoo mais je n'ai aucun probleme pour aller sur internet ou recevoir des mails!!!
Il semblerait que tout marche bien, si tu veux bien t'en assurer je t'en remercie d'avance??
Je te joint le rapport d'antivir quand il à tout chopper en mode sans echec:
AntiVir PersonalEdition Classic
Report file date: mardi 28 août 2007 11:34
Scanning for 1036719 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: TITANIUM
Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:16
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:56
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:06
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:19:00
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 09:24:58
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 09:24:58
ANTIVIR3.VDF : 6.39.1.52 34304 Bytes 28/08/2007 09:24:58
AVEWIN32.DLL : 7.4.1.63 2724352 Bytes 28/08/2007 09:24:58
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:28
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 28/08/2007 09:24:58
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:10
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:06
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:28
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:44
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:20
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:44
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 28 août 2007 11:34
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\Program Files\Wanadoo\Watch.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
[INFO] The file was moved to '4747eca1.qua'!
C:\Program Files\Wanadoo\Watch.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
[INFO] The file was moved to '472aec90.qua'!
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
The registry was scanned ( '22' files ).
Starting the file scan:
Begin scan in 'C:\' <SYS & LOG>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ati2ksag.sys
[DETECTION] Is the Trojan horse TR/Spy.Banker.crq.15
[INFO] The file was moved to '473ced01.qua'!
C:\WINDOWS\system32\msvc32.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4749ed00.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OXEZWLUV\m2_17_08_07_na_0[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '4732ee69.qua'!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\DEJGCVNN\n2_17_08_07_na_0[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '465809ee.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4739ef7f.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix\SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '472befa6.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/icf.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.GP.46
[INFO] The file was moved to '4736efc0.qua'!
C:\Program Files\Navilog1\navilog1.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4749f25e.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033813.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
[INFO] The file was moved to '4703f246.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033814.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
[INFO] The file was moved to '4703f247.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033815.sys
[DETECTION] Is the Trojan horse TR/Spy.Banker.crq.15
[INFO] The file was moved to '466426cc.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033816.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4703f249.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033817.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '466426ce.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033818.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4703f24b.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033819.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '466426c8.qua'!
End of the scan: mardi 28 août 2007 12:00
Used time: 25:27 min
The scan has been done completely.
3507 Scanning directories
144909 Files were scanned
17 viruses and/or unwanted programs were found
8 classified as suspicious:
0 files were deleted
0 files were repaired
17 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
144884 Files not concerned
853 Archives were scanned
2 Warnings
2 Notes
0 Hidden objects were found
++
Après quelques recherches sur la toile et en particulier sur le site malekal's, j'ai changé d'antivirus gratuit en passant d'avast à antivir.
J'ai fais un scan avec antivir mis à jour en mode sans echec, il à tout trouvé, enfin du moins ce que avast ne trouvais pas à savoir Watch.exe et HPWuSchd2.exe, il les à mis en quarantaine et au redemarrage en mode normal j'ai remis le cd de l'assistant HP et tout marche nickel, j'ai fais analyser C:\Program Files\HP\HP Software Update\HPWuSchd2.exe par bitdefender et virustotal, il est clean quand à C:\Program Files\Wanadoo\Watch.exe je ne le trouve plus dans le fichier Wanadoo mais je n'ai aucun probleme pour aller sur internet ou recevoir des mails!!!
Il semblerait que tout marche bien, si tu veux bien t'en assurer je t'en remercie d'avance??
Je te joint le rapport d'antivir quand il à tout chopper en mode sans echec:
AntiVir PersonalEdition Classic
Report file date: mardi 28 août 2007 11:34
Scanning for 1036719 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Administrateur
Computer name: TITANIUM
Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:16
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:56
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:06
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:19:00
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 09:24:58
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 09:24:58
ANTIVIR3.VDF : 6.39.1.52 34304 Bytes 28/08/2007 09:24:58
AVEWIN32.DLL : 7.4.1.63 2724352 Bytes 28/08/2007 09:24:58
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:28
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 28/08/2007 09:24:58
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:10
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:06
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:28
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:44
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:20
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:44
Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 28 août 2007 11:34
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\Program Files\Wanadoo\Watch.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
[INFO] The file was moved to '4747eca1.qua'!
C:\Program Files\Wanadoo\Watch.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
[INFO] The file was moved to '472aec90.qua'!
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
The registry was scanned ( '22' files ).
Starting the file scan:
Begin scan in 'C:\' <SYS & LOG>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ati2ksag.sys
[DETECTION] Is the Trojan horse TR/Spy.Banker.crq.15
[INFO] The file was moved to '473ced01.qua'!
C:\WINDOWS\system32\msvc32.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4749ed00.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\OXEZWLUV\m2_17_08_07_na_0[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '4732ee69.qua'!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\DEJGCVNN\n2_17_08_07_na_0[1].exe
[DETECTION] Is the Trojan horse TR/Crypt.FKM.Gen
[INFO] The file was moved to '465809ee.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4739ef7f.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix\SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '472befa6.qua'!
C:\Documents and Settings\Administrateur\Bureau\sdfix\SDFix\backups\backups.zip
[0] Archive type: ZIP
--> backups/icf.exe
[DETECTION] Is the Trojan horse TR/Obfuscated.GP.46
[INFO] The file was moved to '4736efc0.qua'!
C:\Program Files\Navilog1\navilog1.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4749f25e.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033813.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.125
[INFO] The file was moved to '4703f246.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033814.exe
[DETECTION] Is the Trojan horse TR/Patched.AF.129
[INFO] The file was moved to '4703f247.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033815.sys
[DETECTION] Is the Trojan horse TR/Spy.Banker.crq.15
[INFO] The file was moved to '466426cc.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033816.dll
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4703f249.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033817.exe
[0] Archive type: RAR SFX (self extracting)
--> SDFix\apps\FIXLM.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '466426ce.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033818.reg
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '4703f24b.qua'!
C:\System Volume Information\_restore{DF74D1A7-CBF5-4102-ACFD-543171745187}\RP98\A0033819.bat
[DETECTION] Contains suspicious code HEUR/Exploit.HTML
[INFO] The file was moved to '466426c8.qua'!
End of the scan: mardi 28 août 2007 12:00
Used time: 25:27 min
The scan has been done completely.
3507 Scanning directories
144909 Files were scanned
17 viruses and/or unwanted programs were found
8 classified as suspicious:
0 files were deleted
0 files were repaired
17 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
144884 Files not concerned
853 Archives were scanned
2 Warnings
2 Notes
0 Hidden objects were found
++
Je te remercie beaucoup de ton aide et de ta patience!!!
J'ai grandement apprècié et à jamais j'espere ;-)
Bonne continuation.
J'ai grandement apprècié et à jamais j'espere ;-)
Bonne continuation.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ok bien . :)
Tu peux jeter tout ce qui est SDfix, combofix, cleanzip,smitfraudfix,Navilog etc ...
Remet un log hijack quand même .
A+
Tu peux jeter tout ce qui est SDfix, combofix, cleanzip,smitfraudfix,Navilog etc ...
Remet un log hijack quand même .
A+
Voici le rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:45, on 28/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPZipm12.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:45, on 28/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\12018SC Multimedia Mouse Driver\MouseDrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\WANADOO\WOOBrowser\WOOBrowser.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\HPZipm12.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\12018SC Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
un peu de nettoyage ...
Relance Hijack,choisi « do a scan only » ou « scanner seulement » coches ces lignes :
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
Ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus, puis clique « Fix checked » ou « fixer objet ». Ferme HijackThis!
=============================
Arrête ce service
France Telecom Routing Table Service (FTRTSVC)
pour ça fais cette manip :
Démarrer -> executer tape services.msc double clic sur le service cité - > et dans "type de démarrage" mets le sur « désactivé » et dans statut du service, met le sur « arrêter ».
Dis moi comment se comporte ton PC .
a+
Relance Hijack,choisi « do a scan only » ou « scanner seulement » coches ces lignes :
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
Ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus, puis clique « Fix checked » ou « fixer objet ». Ferme HijackThis!
=============================
Arrête ce service
France Telecom Routing Table Service (FTRTSVC)
pour ça fais cette manip :
Démarrer -> executer tape services.msc double clic sur le service cité - > et dans "type de démarrage" mets le sur « désactivé » et dans statut du service, met le sur « arrêter ».
Dis moi comment se comporte ton PC .
a+
Trop tard, j'avais deja lu et je l'ai fixé!!!
Comment faire pour la remettre??
J'ai vu que antivir ne se lance plus au demarrage!!!
Sinon le reste à l'aire de bien fonctionné, mon pc demarre plus rapidement (normal vu que moins de chose se lance au demarrage)
Peux tu me dire ce qu'était le truc de France Telecom que tu m'as fait désactivé et arreter??
++
Comment faire pour la remettre??
J'ai vu que antivir ne se lance plus au demarrage!!!
Sinon le reste à l'aire de bien fonctionné, mon pc demarre plus rapidement (normal vu que moins de chose se lance au demarrage)
Peux tu me dire ce qu'était le truc de France Telecom que tu m'as fait désactivé et arreter??
++
Ce n'est pas grave ...
Réouvre HijackThis, choisis " view the lit of backups" coche la case devant cette ligne :
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
, puis clique sur "restore".
Redémarre ton PC et dis moi si antivir démarre .
Peux tu me dire ce qu'était le truc de France Telecom que tu m'as fait désactivé et arreter??
C'est un des nombreux service de france Telecom qui est inutile et qui pose même des problèmes à certains internautes.
Réouvre HijackThis, choisis " view the lit of backups" coche la case devant cette ligne :
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
, puis clique sur "restore".
Redémarre ton PC et dis moi si antivir démarre .
Peux tu me dire ce qu'était le truc de France Telecom que tu m'as fait désactivé et arreter??
C'est un des nombreux service de france Telecom qui est inutile et qui pose même des problèmes à certains internautes.
