Bonsoir
j’ai teste mon rapport hitjack sur le site
j’ai effacé les lignes préconisées et la totale
mon pc ne redemarre plus … que faire ?
merci
Comment ça il ne redemarre plus ?
Edité le 04/03/2008 à 20:25
tu as un backup dans hitjacjthis…
view the list of backup
essai
a+
OUi exact Mister Vyger… toujours au top?
je fais quoi ensuite (le restore?)
merci Vyger
Salutations Alabri…
oui, tu as une chance avec une restauration des effacements de HJ
Selectionne le dernier backup et clic sur restore
redemarre
re-scan HJ et post ton scan clubic va te donner un coup de main… 
a+
Edité le 04/03/2008 à 20:34
OK, je viens de trouver .
j’exécute ta manip et reviens
merci Mister Vyger
OK, je m’absente ce soir…dans qques mn
n’hésite pas à poster ton log
les clubiciens ici ce soir te donneront la soluce
a+
Voici avant formatage… car j’ai planté le PC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSNInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllDefault Search Page
When using the search toolbar this is your default search. Should be either yahoo, msn or google cause all others suck
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllUnnamed BHO
Ycomp**_.dll yt.dll - Yahoo Companion companion.yahoo.com…
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dllAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader www.adobe.com…
AcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader www.adobe.com…
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLLXEBDLHelper.dll XEBDLH~1.DLL - Part of CinemaNow www.cinemanow.com…
XEBDLHelper.dll XEBDLH~1.DLL - Part of CinemaNow www.cinemanow.com… DVD Burner software
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLLUnnamed BHO
vmntoolbar.dll VMNTOO~1.DLL - VMN.net Toolbar toolbar.vmn.net…
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllUnnamed BHO
ssv.dll - Related to Sun_Java_software java.com…
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllUnnamed BHO
WindowsLiveLogin.dll - Microsoft Windows_Live ideas.live.com…
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllgoogletoolbar.dll googletoolbar*.dll googlenav.dll googletoolbar_en_.**-big.dll googletoolbar_en_.
googletoolbar.dll googletoolbar*.dll googlenav.dll googletoolbar_en_.**-big.dll googletoolbar_en_.*.**-deleon.dll - Google Toolbar toolbar.google.com…
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLLUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM…\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM…\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"HP software update
HP software updates. If a shortcut doesn’t exist create your own and run it manually
O4 - HKLM…\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"HP Component Manager
“Checks the internet for updated drivers/utilities for your HP product - update manually. Disabling will remove the error ““Windows can’t shutdown the computer because hpcmpmgr.exe can’t be ended”””
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /backgroundmsnmsgr
"MSN Messenger utility. If you don’t use MSN Messenger
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeCtfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - Startup: Y’z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Startup: Y’z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE… Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeUninstall BitDefender Online Scanner v8
BitDefender Free Online Virus Scan See_Here
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeUninstall BitDefender Online Scanner v8
BitDefender Free Online Virus Scan See_Here
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLLResearch
Microsoft Office related
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe@xpsp3res.dll-20001
Related to Network_Diagnostics for Windows XP is available to help identify and fix network connection problems. Note: File is located under %windir%Network Diagnostic.
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe@xpsp3res.dll-20001
Related to Network_Diagnostics for Windows XP is available to help identify and fix network connection problems. Note: File is located under %windir%Network Diagnostic.
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeWindows Messenger
Related to Microsoft’s Windows Messenger.
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeWindows Messenger
Related to Microsoft’s Windows Messenger.
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllWinsock Hijacker
Every time I’ve seen this its been a bad thing
O15 - Trusted Zone: *.canalplay.com (HKLM)Trusted Zone
Do you really trust this site? If you don’t really trust this site make sure you have HJT fix this line
O15 - Trusted Zone: *.canalplusactive.com (HKLM)Trusted Zone
Do you really trust this site? If you don’t really trust this site make sure you have HJT fix this line
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllUnnamed BHO
yinst0401.cab - Yahoo Messenger Installer
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - h30155.www3.hp.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.coupdepoucepc.com…
Bitdefender
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeAti HotKey Poller
ATI Video Card Control Panel
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exeBitDefender Desktop Update Service
Update service for BitDefender_Antivirus
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exePml Driver HPZ12
Related to HP printers.
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exeBitDefender Virus Shield
Related to bitdefender (Virusshield)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exeBitDefender Communicator
Related to bitdefender Antivirus
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com… Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSNInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensInternet Start Page
This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line!
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllDefault Search Page
When using the search toolbar this is your default search. Should be either yahoo, msn or google cause all others suck
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllUnnamed BHO
Ycomp**_.dll yt.dll - Yahoo Companion companion.yahoo.com…
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dllAcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader www.adobe.com…
AcroIEhelper.ocx AcroIEhelper.dll - Adobe Acrobat reader www.adobe.com…
O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLLXEBDLHelper.dll XEBDLH~1.DLL - Part of CinemaNow www.cinemanow.com…
XEBDLHelper.dll XEBDLH~1.DLL - Part of CinemaNow www.cinemanow.com… DVD Burner software
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLLUnnamed BHO
vmntoolbar.dll VMNTOO~1.DLL - VMN.net Toolbar toolbar.vmn.net…
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllUnnamed BHO
ssv.dll - Related to Sun_Java_software java.com…
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)File Missing
When a file is missing, you should always have HijackThis fix the item.
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllUnnamed BHO
WindowsLiveLogin.dll - Microsoft Windows_Live ideas.live.com…
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllgoogletoolbar.dll googletoolbar*.dll googlenav.dll googletoolbar_en_.**-big.dll googletoolbar_en_.
googletoolbar.dll googletoolbar*.dll googlenav.dll googletoolbar_en_.**-big.dll googletoolbar_en_.*.**-deleon.dll - Google Toolbar toolbar.google.com…
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLLUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM…\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"Unknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O4 - HKLM…\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"HP software update
HP software updates. If a shortcut doesn’t exist create your own and run it manually
O4 - HKLM…\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"HP Component Manager
“Checks the internet for updated drivers/utilities for your HP product - update manually. Disabling will remove the error ““Windows can’t shutdown the computer because hpcmpmgr.exe can’t be ended”””
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /backgroundmsnmsgr
"MSN Messenger utility. If you don’t use MSN Messenger
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeCtfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)Ctfmon.exe
“CoolWebSearch Ctfmon32 parasite variant”
O4 - Startup: Y’z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
O4 - Startup: Y’z Shadow.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzShadow\YzShadow.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\RocketDock\RocketDock.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE… Right Click Menu
Most of the time this is garbage leave it only if you actually use this function. Otherwise for the sake of cleanliness get rid of this sucker. A wise man once said Cleanliness is next to godliness
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dllSun Java Console
Related to Sun Java
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeUninstall BitDefender Online Scanner v8
BitDefender Free Online Virus Scan See_Here
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exeUninstall BitDefender Online Scanner v8
BitDefender Free Online Virus Scan See_Here
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLLResearch
Microsoft Office related
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe@xpsp3res.dll-20001
Related to Network_Diagnostics for Windows XP is available to help identify and fix network connection problems. Note: File is located under %windir%Network Diagnostic.
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe@xpsp3res.dll-20001
Related to Network_Diagnostics for Windows XP is available to help identify and fix network connection problems. Note: File is located under %windir%Network Diagnostic.
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeWindows Messenger
Related to Microsoft’s Windows Messenger.
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeWindows Messenger
Related to Microsoft’s Windows Messenger.
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllWinsock Hijacker
Every time I’ve seen this its been a bad thing
O15 - Trusted Zone: *.canalplay.com (HKLM)Trusted Zone
Do you really trust this site? If you don’t really trust this site make sure you have HJT fix this line
O15 - Trusted Zone: *.canalplusactive.com (HKLM)Trusted Zone
Do you really trust this site? If you don’t really trust this site make sure you have HJT fix this line
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dllUnnamed BHO
yinst0401.cab - Yahoo Messenger Installer
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - h30155.www3.hp.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.coupdepoucepc.com…
Bitdefender
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com… Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeAti HotKey Poller
ATI Video Card Control Panel
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exeBitDefender Desktop Update Service
Update service for BitDefender_Antivirus
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exePml Driver HPZ12
Related to HP printers.
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exeBitDefender Virus Shield
Related to bitdefender (Virusshield)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exeUnknown Item
Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exeBitDefender Communicator
Related to bitdefender Antivirus
Edité le 05/03/2008 à 19:10
Si je comprends bien tu as tout reformaté ?
Ce rapport est obsolète…lol
dans tous les cas, tu as bien fait car ce rapport n’était pas propre.
a+
oui tu as raison, mais bon la profaine fois je ferais attention
a+
N’hesites pas si tu as un doute dans l’avenir à venir sur ce Forum Clubic…:super:
et post tes log avant de faire les manips.
a+