moscou

Membres

Afficher le profil Afficher son activité

Compteur de contenus
13
Inscription
le 6 octobre 2006
Dernière visite
le 26 février 2008

Autres informations

Mes langues
français anglais

moscou's Achievements

Junior Member (3/12)

Réputation sur la communauté

mise en route de outlook et internet explorer impossible, raccourcis q

moscou a répondu à un(e) sujet de moscou dans Analyses et éradication malwares

Bonjour, Comme demander sur le tuto j'ai lancer go.cmd et quand je valide le choix 1 pour le scan je n'ai pas la même info que sur le tuto, à l'écren je peux lire : Lancement de chercher... et ça dur J'ai lancer, (au hazrd) help.cmd et là j'ai un resultat.txt : Le voici : FPort v2.0 - TCP/IP Process to Port Mapper Copyright 2000 by Foundstone, Inc. http://www.foundstone.com Pid Process Port Proto Path 1660 -> 1025 TCP 1248 -> 135 TCP 1544 -> 2869 TCP 0 System -> 1346 TCP 0 System -> 1347 TCP 0 System -> 1348 TCP 4 System -> 139 TCP 4 System -> 445 TCP 2632 firefox -> 1051 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 1052 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 1056 TCP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 1057 TCP C:\Program Files\Mozilla Firefox\firefox.exe 1544 -> 1027 UDP 1660 -> 1029 UDP 1248 -> 445 UDP 0 System -> 123 UDP 0 System -> 137 UDP 0 System -> 138 UDP 0 System -> 1900 UDP 4 System -> 500 UDP 0 System -> 53 UDP 0 System -> 67 UDP 0 System -> 68 UDP 2632 firefox -> 1028 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 1048 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 123 UDP C:\Program Files\Mozilla Firefox\firefox.exe 2632 firefox -> 4500 UDP C:\Program Files\Mozilla Firefox\firefox.exe PsList 1.26 - Process Information Lister Copyright © 1999-2004 Mark Russinovich Sysinternals - www.sysinternals.com Process information for SPOON: Name Pid Pri Thd Hnd VM WS Priv Idle 0 0 2 0 0 16 0 System 4 8 136 389 1904 240 0 smss 856 11 3 21 3828 372 164 csrss 932 13 14 598 28512 4696 1888 winlogon 956 13 20 452 51156 1872 6264 services 1004 9 14 286 21444 3264 1676 MDM 380 8 4 94 34752 3068 984 nvsvc32 456 8 3 97 23528 3156 1868 svchost 660 8 5 138 36076 4040 2368 TrueImageTryStartService 704 8 3 188 30780 4716 2076 svchost 1184 8 17 217 64576 5052 3132 wisptis 1700 13 3 105 28472 3828 2264 svchost 1248 8 11 342 38668 4304 1868 svchost 1344 8 75 1598 120508 24680 15440 svchost 1404 8 6 86 30520 3272 1280 svchost 1544 8 17 267 48548 7204 3584 alg 1660 8 5 106 33280 3480 1148 spoolsv 1748 8 12 166 54248 5604 3916 schedul2 1940 8 4 57 26900 2348 724 sched 1960 8 7 68 33596 2348 1744 avguard 1972 8 27 98 104944 8492 61760 CDAC11BA 1984 8 4 30 13532 1120 304 svchost 2452 8 8 95 36900 3372 1560 lsass 1016 9 19 354 41700 1040 3724 WgaTray 3436 8 6 335 60556 300 5904 hpqimzone 1884 8 6 244 131512 4732 31704 explorer 3488 8 21 646 126952 38348 26116 acrotray 620 8 1 26 25784 2280 620 dslmon 1208 8 1 309 31152 3272 984 SPUVolumeWatcher 1492 8 2 50 31060 1068 840 cmd 1624 8 1 19 13844 1552 1488 chcp.com 3580 8 1 18 12864 1188 300 firefox 2632 8 15 308 160264 74396 63012 SOUNDMAN 3672 8 2 65 33692 2612 1812 daemon 3680 8 2 62 31908 3124 1184 VersionCueTray 3724 8 1 34 26968 2284 572 versato 3736 8 6 85 36660 3176 2056 rundll32 3768 8 1 37 31100 2848 1960 MMTrayLSI 3784 8 1 29 24972 2196 568 MMTray2k 3800 8 1 33 27484 2736 684 MMTray 3808 8 1 29 24972 2172 568 realsched 3820 8 4 109 35600 204 912 qttask 3828 8 2 47 25920 2200 600 cmd 3836 8 1 19 13912 1540 1484 pslist 2076 13 2 85 17864 1796 784 avgnt 3844 8 4 54 35480 760 2432 hpwuSchd2 3864 8 1 25 24808 1992 536 winampa 3872 8 1 25 25164 2120 592 TrueImageMonitor 3888 8 12 281 45936 4444 3860 TimounterMonitor 3896 8 5 194 42036 5796 6720 schedhlp 3904 8 1 38 25228 2304 592 jusched 3936 8 1 26 27764 2340 664 ctfmon 3960 8 1 91 30456 3484 860 tbon 3988 8 6 210 55096 7048 2020 GoogleToolbarNotifier 4004 8 4 172 45656 352 2864 LacieBackup 4048 8 8 289 135600 34124 30864 ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 3488 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL 0x01e10000 0x2b000 C:\Program Files\WinRAR\rarext.dll 0x10000000 0x76000 11.00.0000.8041 C:\Program Files\Acronis\TrueImageHome\tishell.dll 0x01de0000 0x1f000 4.00.0000.0469 C:\Program Files\Acronis\TrueImageHome\timounter.dll 0x02dd0000 0x11000 7.00.0000.0010 C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll 0x7c250000 0x102000 7.10.3077.0000 C:\Program Files\AntiVir PersonalEdition Classic\MFC71U.DLL 0x02df0000 0x56000 7.10.3052.0004 C:\Program Files\AntiVir PersonalEdition Classic\MSVCR71.dll 0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x01720000 0xb000 6.00.0000.0878 D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll 0x03010000 0x16f000 4.05.0167.0000 C:\Program Files\Online_TV\tbOnl0.dll 0x325c0000 0x12000 11.00.5510.0000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll 0x64000000 0x2e000 2004.11.0023.0001 C:\PROGRA~1\Yahoo!\Common\ymmapi20041123.dll 0x02780000 0x65000 1.00.0000.0878 D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat Elements\ContextMenu.dll 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x01d30000 0x20000 1.00.0000.0878 D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat Elements\ContextMenu.fra 0x748f0000 0x113000 8.90.1101.0000 C:\WINDOWS\System32\msxml3.dll 0x74630000 0x27000 3.10.0349.0000 C:\WINDOWS\System32\msls31.dll 0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL 0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\System32\wshext.dll 0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\System32\wshFR.DLL 0x36d30000 0x19000 11.00.5510.0000 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 956 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x011e0000 0x3b000 1.07.0018.0007 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com No matching processes were found. ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ services.exe pid: 1004 Command line: C:\WINDOWS\system32\services.exe Base Size Version Path 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 743B-83F9 Répertoire de C:\Program Files 19/02/2008 18:33 <REP> . 19/02/2008 18:33 <REP> .. 13/02/2005 13:00 <REP> ACE Mega CoDecS Pack 02/01/2008 22:38 <REP> Acronis 06/02/2008 22:18 <REP> Adobe 16/03/2004 10:36 <REP> Adobe Type Manager 28/02/2004 18:57 <REP> Agfa 28/02/2004 18:57 <REP> AGFAnet 05/09/2004 20:54 <REP> Ahead 16/03/2007 10:17 <REP> Ahead DVD Ripper 05/09/2004 18:57 <REP> Alcohol Soft 09/03/2007 18:49 <REP> All Sound Recorder XP 210 22/02/2008 20:23 <REP> AntiVir PersonalEdition Classic 11/07/2004 17:30 <REP> backburner 2 23/05/2007 11:24 <REP> BitTorrent 23/05/2007 19:14 <REP> BitTorrent Fastest Tool 04/08/2005 15:51 <REP> BJC - The Printer Angel 05/05/2005 20:19 <REP> Boilsoft AVI Converter 05/07/2007 19:24 <REP> Bradbury 13/02/2006 17:57 <REP> Canon 21/03/2005 15:30 <REP> Club-Internet 04/05/2005 21:59 <REP> Common Files 28/02/2004 17:16 <REP> ComPlus Applications 05/09/2004 19:29 <REP> Cucusoft 16/10/2004 09:39 <REP> Digidesign 15/12/2007 20:11 <REP> DivX 05/05/2005 20:12 <REP> DivX_311alpha 17/10/2004 18:30 <REP> emagic 22/02/2008 20:20 <REP> eMule 19/02/2008 18:40 <REP> Fichiers communs 14/04/2004 11:08 <REP> foobar2000 01/12/2007 19:20 <REP> Free 17/02/2005 18:34 <REP> Free.fr 12/01/2008 20:58 <REP> Freeplayer 10/07/2005 12:36 <REP> FTP Commander 10/07/2005 12:36 <REP> Ftp-It 16/03/2007 10:34 <REP> Google 06/05/2005 18:21 <REP> GustoSoft 06/11/2005 22:09 <REP> HammerHead 22/11/2006 19:14 <REP> Hewlett-Packard 11/07/2004 18:51 <REP> HighMAT CD Writing Wizard 07/10/2006 12:57 <REP> hijackthis 22/11/2006 19:14 <REP> HP 28/02/2004 17:35 <REP> Intel 13/02/2008 22:41 <REP> Internet Explorer 04/05/2005 22:07 <REP> IrfanView 15/02/2008 19:30 <REP> Java 15/02/2008 17:43 <REP> jv16 PowerTools 10/06/2006 11:17 <REP> Kazaa Lite K++ 04/09/2007 18:51 <REP> LaCie 22/07/2007 20:32 <REP> Macromedia 16/03/2007 09:33 <REP> MagicDVDRipper 24/05/2007 14:06 <REP> Matroska Playback Pack 16/02/2005 18:21 <REP> Messenger 28/02/2004 17:19 <REP> microsoft frontpage 15/02/2008 19:19 <REP> Microsoft Office 28/02/2004 17:52 <REP> Microsoft Visual Studio 15/02/2008 19:18 <REP> Microsoft.NET 13/10/2004 10:38 <REP> Movie Maker 23/02/2008 16:16 <REP> Mozilla Firefox 28/02/2004 17:16 <REP> MSN Gaming Zone 23/11/2006 18:30 <REP> MSXML 4.0 12/01/2007 23:44 <REP> Multi_Media 05/05/2005 20:53 <REP> MUSK Codec Pack v3 16/10/2004 09:39 <REP> Native Instruments 01/06/2006 08:44 <REP> Need2Find 13/10/2004 10:36 <REP> NetMeeting 16/03/2007 10:19 <REP> NO1 DVD Audio Ripper 08/10/2006 19:07 <REP> Norton AntiVirus 20/03/2005 11:18 <REP> OE-Mail Recovery 21/09/2007 19:48 <REP> Online_TV 13/06/2007 22:25 <REP> Outlook Express 04/03/2004 23:32 <REP> PicturePlayer 13/05/2005 16:36 <REP> PopCap Games 20/03/2005 11:19 <REP> Qualcomm 15/05/2005 12:06 <REP> QuickTime 16/03/2007 09:52 <REP> RadLight LLC 07/03/2004 16:37 <REP> Real 15/02/2008 17:55 <REP> RegCleaner 15/02/2008 18:14 <REP> Registry Mechanic 29/02/2004 11:37 <REP> SAGEM 16/03/2007 09:38 <REP> SDVDRIP190 09/05/2005 17:23 <REP> Serials 2000 28/02/2004 17:16 <REP> Services en ligne 01/06/2006 08:47 <REP> Skype 04/09/2004 13:57 <REP> SlySoft 14/01/2008 12:07 <REP> Sony 21/10/2006 23:08 <REP> SpeedFan 06/10/2006 07:41 <REP> Spybot - Search & Destroy 16/10/2004 09:39 <REP> Steinberg 16/03/2007 10:12 <REP> Super DVD Ripper 19/02/2008 18:40 <REP> SUPERAntiSpyware 08/10/2006 19:09 <REP> Symantec 11/07/2004 17:17 <REP> Syncrosoft 08/10/2006 19:11 <REP> TBONBin 06/10/2006 08:54 <REP> Trend Micro 28/08/2004 10:01 <REP> TypeTool 01/12/2007 19:32 <REP> Winamp 11/07/2004 18:54 <REP> Windows Journal Viewer 18/01/2007 21:49 <REP> Windows Media Connect 2 18/01/2007 21:49 <REP> Windows Media Player 15/02/2008 09:42 <REP> Windows NT 26/09/2006 22:10 <REP> WinRAR 06/09/2004 20:51 <REP> WinZip 28/02/2004 17:19 <REP> xerox 04/05/2005 20:27 <REP> XviD 18/02/2005 19:17 <REP> Yahoo! 09/09/2007 13:18 <REP> Zylom Games 0 fichier(s) 0 octets 108 Rép(s) 85 933 420 544 octets libres C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\Cnmvsa.exe C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\helpkicker.exe C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\chocolatier\fr-FR\chocolatier.exe C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\zylom\ZylomExtension\HardwareTest.exe C:\Documents and Settings\Benoît\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe C:\Documents and Settings\Benoît\Application Data\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\ARPPRODUCTICON.exe C:\Documents and Settings\Benoît\Application Data\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut1_6DD9963C271A4A1482B04DC148C52E58_2.exe C:\Documents and Settings\Benoît\Application Data\Microsoft\Installer\{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}\NewShortcut2_6DD9963C271A4A1482B04DC148C52E58_2.exe C:\Documents and Settings\Benoît\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe C:\Documents and Settings\Benoît\Application Data\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe C:\Documents and Settings\Benoît\Application Data\U3\temp\cleanup.exe C:\Documents and Settings\Benoît\Bureau\drivfbxusb.exe C:\Documents and Settings\Benoît\Bureau\ie6setup.exe C:\Documents and Settings\Benoît\Bureau\IE7Setup_G_FR.exe C:\Documents and Settings\Benoît\Bureau\jv16pt_setup.exe C:\Documents and Settings\Benoît\Bureau\RegCleaner.exe C:\Documents and Settings\Benoît\Bureau\rminstall.exe C:\Documents and Settings\Benoît\Bureau\SUPERAntiSpywarePro.exe C:\Documents and Settings\Benoît\Bureau\WGAPluginInstall.exe C:\Documents and Settings\Benoît\Bureau\archive\wab.exe C:\Documents and Settings\Benoît\Bureau\archive\wabmig.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\catchme.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\diff.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\dumphive.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\FilesInfoCmd.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\find2.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\Fport.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\grep.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\gzip.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\KProcCheck.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\LFiles.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\LISTDLLS.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\md5sums.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\pslist.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\sigcheck.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\streams.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\swreg.exe C:\Documents and Settings\Benoît\Bureau\DiagHelp\tar.exe C:\Documents and Settings\Benoît\Bureau\logiciel\Firefox Setup 2.0.0.6.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\catchme.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\diff.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\dumphive.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\FilesInfoCmd.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\find2.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\Fport.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\grep.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\gzip.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\KProcCheck.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\LFiles.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\LISTDLLS.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\md5sums.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\pslist.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\sigcheck.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\streams.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\swreg.exe C:\Documents and Settings\Benoît\Bureau\logiciel\DiagHelp\tar.exe C:\Documents and Settings\Benoît\Bureau\logiciel\logiciellecture\avi_to_vcd_converter.exe C:\Documents and Settings\Benoît\Bureau\logiciel\super_pi\SUPER_PI\SUPER_PI.EXE C:\Documents and Settings\Benoît\Local Settings\Temp\mun299.exe C:\Documents and Settings\Benoît\Mes documents\suiteadobe\Adobe Indesign CS 3.0 Fr\Setup.exe C:\Documents and Settings\Benoît\Mes documents\suiteadobe\Adobe Indesign CS 3.0 Fr\zidxp.exe Je vais maintenant utilisez SDfix Si vous avez une idée de ce qui ne vas pas, cela fais une semaine que je n'ai plus accés à outlook, je peux utiliser mon ordi, mais sans acces à outlook je perd plein d'info contenue dans mes mail. Savez vous si je peux récupérer mes mail sur un autre logicile ? Merci
- le 23 février 2008
- 4 réponses
mise en route de outlook et internet explorer impossible, raccourcis q

moscou a répondu à un(e) sujet de moscou dans Analyses et éradication malwares

J'ai bien fait tout ça mais superantispyware ne marche pas, ni ad aware qui ne marche plus non plus? voivi tout de même un rapport hijackthis apres un scan antivir. Merci de me dire si vous avez un solution ppour l'insatl de super spyware pour que ça marche. M. Logfile of HijackThis v1.99.1 Scan saved at 18:30:36, on 19/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\System32\USB_Kbd\Versato.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TBONBin\tbon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\tmp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paddytheque.net/article-5231407.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.club-internet.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AdobeVersionCue] D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [Versato] C:\WINDOWS\System32\USB_Kbd\Versato.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/acti...sCamControl.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - D:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Batsie - Unknown owner - (no file) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
- le 19 février 2008
- 4 réponses
mise en route de outlook et internet explorer impossible, raccourcis q

moscou a posté un sujet dans Analyses et éradication malwares

Bonjour, Voici le rapport hijachthis Problème du PC: Les icones de raccourcis sur le bureau ouvre le fénétres qui se bloque immédiatement avec cette info d'erreur qui apparait : Explorer.EXE a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. Quand je lance Outlook, le logicile s'ouvre et se bloque en en dissant : Microsoft Office Outlook a rencontré un problème et doit être fermé. Nous vous prions de nous excuser pour le désagrément encouru. signature de l'erreur : AppName: outlook.exe AppVer: 11.0.5510.0 AppStamp:3f1380f0 ModName: kernel32.dll ModVer: 5.1.2600.3119 ModStamp:46239be7 fDebug: 0 Offset: 00009783 Quand je lance internet explorer le même chose arrive: AppName: iexplore.exe AppVer: 6.0.2900.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00092445 J'ai donc tenté de faire une restauration du système et là j'ai le message suivant : rstrui.exe a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. AppName: rstrui.exe AppVer: 5.1.2600.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00091d05 rapport : Logfile of HijackThis v1.99.1 Scan saved at 19:09:29, on 17/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\System32\USB_Kbd\Versato.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\Sysupd\sysupd.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TBONBin\tbon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\Sysupd\projects\www.ufluids.net\evolver_4.10_windows_intelx86.exe C:\tmp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paddytheque.net/article-5231407.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.club-internet.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AdobeVersionCue] D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [Versato] C:\WINDOWS\System32\USB_Kbd\Versato.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [system Updater] C:\WINDOWS\system32\Sysupd\sysupd.exe -detach O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/acti...sCamControl.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - D:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
- le 17 février 2008
- 4 réponses
erreur au démarrage des raccourcis, de outlook et pas de restauration

moscou a répondu à un(e) sujet de moscou dans Software

Bonjour, Voici le rapport hijachthis Problème du PC: Les icones de raccourcis sur le bureau ouvre le fénétres qui se bloque immédiatement avec cette info d'erreur qui apparait : Explorer.EXE a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. Quand je lance Outlook, le logicile s'ouvre et se bloque en en dissant : Microsoft Office Outlook a rencontré un problème et doit être fermé. Nous vous prions de nous excuser pour le désagrément encouru. signature de l'erreur : AppName: outlook.exe AppVer: 11.0.5510.0 AppStamp:3f1380f0 ModName: kernel32.dll ModVer: 5.1.2600.3119 ModStamp:46239be7 fDebug: 0 Offset: 00009783 Quand je lance internet explorer le même chose arrive: AppName: iexplore.exe AppVer: 6.0.2900.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00092445 J'ai donc tenté de faire une restauration du système et là j'ai le message suivant : rstrui.exe a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. AppName: rstrui.exe AppVer: 5.1.2600.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00091d05 rapport : Logfile of HijackThis v1.99.1 Scan saved at 19:09:29, on 17/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\System32\USB_Kbd\Versato.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\Sysupd\sysupd.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TBONBin\tbon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\LaCie\Backup Software\LaCieBackup.exe D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\Sysupd\projects\www.ufluids.net\evolver_4.10_windows_intelx86.exe C:\tmp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paddytheque.net/article-5231407.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.club-internet.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AdobeVersionCue] D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [Versato] C:\WINDOWS\System32\USB_Kbd\Versato.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [system Updater] C:\WINDOWS\system32\Sysupd\sysupd.exe -detach O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LaCie Backup] C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/acti...sCamControl.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS1\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS2\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O17 - HKLM\System\CS3\Services\Tcpip\..\{013962C2-7616-4ADE-85EB-0D6316CE127E}: NameServer = 212.27.53.252,212.27.54.252 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - D:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
- le 17 février 2008
- 6 réponses
erreur au démarrage des raccourcis, de outlook et pas de restauration

moscou a répondu à un(e) sujet de moscou dans Software

J'ai suivit ces instructions : Merci, j'ai suivi vos instruction et j'ai reçu des message m'informant de la bonne route de ces commandes. Cependant ça n'a rien changé pour l'instant, j'ai les même erreur que précédemment décrites. Si vous aez d'autres idée, Bonne après-midi, M. icon_Doute.gif CITATION(pear @ samedi 16 février 2008 à 14h16) * Bonjour essayez ceci: Démarrer->Exécuter regsvr32 -u shmedia.dll valider Redémarrez ensuite Démarrer->Exécuter saisissez ces commandes , successivement : regsvr32 /u shmedia.dll->ok regsvr32 /i browseui.dll->ok regsvr32 /i shell32.dll->ok
- le 17 février 2008
- 6 réponses
plus aucun racourci fonctionne

moscou a répondu à un(e) sujet de fenugrec dans Software

Bonjour Fenugrec J'ai un problème qui ressemble au tien, pourrais tu m'indiquer le progrmamme qui a regler le soucis? Merci
- le 17 février 2008
- 9 réponses
erreur au démarrage des raccourcis, de outlook et pas de restauration

moscou a répondu à un(e) sujet de moscou dans Software

Merci, j'ai suivi vos instruction et j'ai reçu des message m'informant de la bonne route de ces commandes. Cependant ça n'a rien changé pour l'instant, j'ai les même erreur que précédemment décrites. Si vous aez d'autres idée, Bonne après-midi, M.
- le 16 février 2008
- 6 réponses
erreur au démarrage des raccourcis, de outlook et pas de restauration

moscou a posté un sujet dans Software

Bonjour, Symptômes: Les icones de raccourcis sur le bureau ouvre le fénétres qui se bloque immédiatement avec cette info d'erreur qui apparait : Explorer.EXE a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. Quand je lance Outlook, le logicile s'ouvre et se bloque en en dissant : Microsoft Office Outlook a rencontré un problème et doit être fermé. Nous vous prions de nous excuser pour le désagrément encouru. signature de l'erreur : AppName: outlook.exe AppVer: 11.0.5510.0 AppStamp:3f1380f0 ModName: kernel32.dll ModVer: 5.1.2600.3119 ModStamp:46239be7 fDebug: 0 Offset: 00009783 Quand je lance internet explorer le même chose arrive: AppName: iexplore.exe AppVer: 6.0.2900.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00092445 J'ai donc tenté de faire une restauration du système et là j'ai le message suivant : rstrui.exe a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru. AppName: rstrui.exe AppVer: 5.1.2600.2180 ModName: mshtml.dll ModVer: 6.0.2900.3268 Offset: 00091d05 J'ai fais un scan avec antivir et spybot, et j'ai trouvé des cookies et autre (désolé pour mon inexactitude) et j'ai aussi cherché à corrigé les registre avec Registry Mechanic de PC tools. Bref, rien y fais, j'ai toujours le même problème. j'ai lu des situation similaire mais sans que tous ces symptômes soi simultanés. Merci de considérer mon problème,
- le 16 février 2008
- 6 réponses
beng

moscou a répondu à un(e) sujet de moscou dans Analyses et éradication malwares

hey, Voici le resultat du scan en ligne. Service load: 0% 100% File: hadcm3transum_5.15_windows_intelx86.exe Status: OK MD5 40197d1cbed5193c8eefac993cf89ab8 Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VirusBuster Found nothing VBA32 Found nothing Merci A+
- le 8 octobre 2006
- 5 réponses
beng

moscou a répondu à un(e) sujet de moscou dans Analyses et éradication malwares

Bonjour, bruce lee, Non, je ne connais pas, C:\WINDOWS\system32\Sysupd\projects\www.climateprediction.net\hadcm3transum_5.15_windows_intelx86.exe a quoi est ce que cela correspond? Voici le rapport anitivir AntiVir PersonalEdition Classic Report file date: vendredi 6 octobre 2006 22:53 Scanning for 522603 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Benoît Computer name: SPOON Version information: AVSCAN.EXE : 7.0.0.47 200744 21/08/2006 10:06:56 AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 10:56:33 LUKE.DLL : 7.0.0.47 118824 07/09/2006 10:32:33 LUKERES.DLL : 7.0.0.47 9256 07/09/2006 10:56:33 ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 10:35:27 ANTIVIR1.VDF : 6.36.0.89 1745920 02/10/2006 20:01:38 ANTIVIR2.VDF : 6.36.0.90 2048 02/10/2006 20:01:38 ANTIVIR3.VDF : 6.36.0.96 62976 06/10/2006 20:01:38 AVEWIN32.DLL : 7.2.0.25 1860096 06/10/2006 20:01:38 AVPREF.DLL : 7.0.0.2 23592 24/07/2006 12:36:04 AVREP.DLL : 6.36.0.79 843816 06/10/2006 20:01:38 AVRPBASE.DLL : 7.0.0.0 2162728 30/03/2006 08:43:31 AVPACK32.DLL : 7.2.0.0 368680 21/07/2006 06:00:28 AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36 NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:49 NETNW.DLL : 7.0.0.0 9768 24/07/2006 12:35:55 RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 11:22:57 RCTEXT.DLL : 7.0.1.4 77864 06/10/2006 20:01:37 Configuration settings for the scan: Jobname.......................: Local Hard Disks Configuration file............: C:\Program Files\AntiVir PersonalEdition Classic\alldiscs.avp Boot sectors..................: C,D,F,G,H Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004,1005, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 1 Secondary action..............: 0 Start of the scan: vendredi 6 octobre 2006 22:53 The scan of running processes will be started 4 Processes were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] No virus was found! Boot sector 'G:\' [NOTE] No virus was found! Boot sector 'H:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 40 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\Benoît\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Benoît\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Benoît\TBONWnd.EXE [DETECTION] Is the Trojan horse TR/Click.Agent.GV.3 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Benoît\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\4RN3UGD1\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\4RN3UGD1\404[3].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\BJ5JVD4W\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\BLLNMEU5\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\BLLNMEU5\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\BLLNMEU5\404[3].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\BLLNMEU5\404[4].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac455.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\ER63IX6Z\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac458.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\ER63IX6Z\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\EY7NLGNV\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\JRD33HSK\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\JRD33HSK\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\L51AB3T2\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\LGK39X81\404[3].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\M1R8LGNE\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\MPJKX03I\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\Q9ATUDEF\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac47f.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\Q9ATUDEF\404[2].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac487.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\Q9ATUDEF\404[3].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac488.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\S1W1Y7SP\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac48b.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\SZMDQBET\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was moved to '455ac48e.qua'! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\TP4EZR1T\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\W18BC7GV\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\Benoît\Local Settings\Temporary Internet Files\Content.IE5\YHIJ2LMN\404[1].htm [DETECTION] Contains signature of the exploits EXP/MS05-013 [iNFO] The file was deleted! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\EasyDivX\softs\ck.exe [DETECTION] Contains signature of the SPR/Tool.ProcKill.1 program [iNFO] The file was deleted! C:\Program Files\eMule\Incoming\Nero 6 Express Suite 2 OEM cracked version downloader.zip [0] Archive type: ZIP --> Nero 6 Express Suite 2 OEM cracked version downloader.exe [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/MoSucker.BO Backdoor server programs [iNFO] The file was deleted! C:\Program Files\eMule\Incoming\Nero 6 Express Suite 2 OEM hacked activatior.rar [0] Archive type: RAR --> Nero 6 Express Suite 2 OEM hacked activatior.exe [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/MoSucker.BO Backdoor server programs [iNFO] The file was deleted! C:\Program Files\eMule\Incoming\Nero 6 Express Suite 2 OEM key activator patch.rar [0] Archive type: RAR --> Nero 6 Express Suite 2 OEM key activator patch.exe [DETECTION] Contains a signature of the (dangerous) backdoor program BDS/MoSucker.BO Backdoor server programs [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\0DCC43C1 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was moved to '4569cc17.qua'! C:\Program Files\Norton AntiVirus\Quarantine\264E6128 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\32270BEA [DETECTION] Contains signature of the worm WORM/NetSky.AP [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\35E85AF2 [DETECTION] Contains signature of the worm WORM/NetSky.AP [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\42E230B3 [DETECTION] Contains signature of the worm WORM/NetSky.AP [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\578F10D8 [DETECTION] Contains signature of the worm WORM/NetSky.AP [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\5D955AF2 [DETECTION] Contains signature of the worm WORM/NetSky.AP [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\64A12DD4 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\73E81353 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\74B06E30 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was deleted! C:\Program Files\Norton AntiVirus\Quarantine\763E4143 [DETECTION] Contains signature of the worm WORM/NetSky.P [iNFO] The file was deleted! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! C:\WINDOWS\Win32\dll\Win32k.exe [DETECTION] Contains signature of the SPR/Hideit.A program [iNFO] The file was moved to '4594d2f7.qua'! D:\Nouveau dossier (2)\Nero 6 DVD-Video Plugin\[ CD and DVD Appz ] Nero MPEG2 Video Codec Plugin.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '4569d3be.qua'! D:\Program Files\[ CD and DVD Appz ] Nero MPEG2 Video Codec Plugin.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '4569d3d8.qua'! D:\Temp\Office 2003 Activation Crack(1).zip [0] Archive type: ZIP --> Office 2003 Crack All Versions.exe [DETECTION] Contains signature of the worm WORM/Mapson [iNFO] The file was moved to '458cd7ac.qua'! D:\Temp\[ CD and DVD Appz ] Nero MPEG2 Video Codec Plugin.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was deleted! F:\media\courtmetr\All Codecs and Decompressors - DivX 5, DivX PRO, XviD, MPEG 4, Nimo Codec Pack, mpeg4, I263, mp42, mjpg, MP43, IV51, IV50, IV32, IV45, VCR1, VCR2, DIV.ace [0] Archive type: ACE --> All Codecs and Decompressors - DivX 5, DivX PRO, XviD, MPEG 4, Nimo Codec Pack, mpeg4, I263, mp42, mjpg, MP43, IV51, IV50, IV32, IV45, VCR1, VCR2, DIV [WARNING] Error creating the file [WARNING] Error creating the file H:\temp\Nero 6 DVD-Video Plugin\[ CD and DVD Appz ] Nero MPEG2 Video Codec Plugin.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was deleted! H:\attentecla\Nouveau dossier (2)\Microsoft Office Pro 2003 Keygen Activation Crack.rar [0] Archive type: RAR --> Office 2003 Activation Crack(1).zip [1] Archive type: ZIP --> Office 2003 Crack All Versions.exe [DETECTION] Contains signature of the worm WORM/Mapson [iNFO] The file was deleted! End of the scan: samedi 7 octobre 2006 10:11 Used time: 11:17:25 min The scan has been done completely. 7166 Scanning directories 440746 Files were scanned 47 viruses and/or unwanted programs were found 35 files were deleted 0 files were repaired 12 files were moved to quarantine 0 files were renamed 3798 Archives were scanned 23 Warnings 9 Notes Merci d'avance B
- le 8 octobre 2006
- 5 réponses
beng

moscou a posté un sujet dans Analyses et éradication malwares

Bonjour, bonsoir, Voici le dernier log hijackthis aprés avoir scanner les disques avec anitivir et sous mode demarrage sans echec. mon PC était infecté par sysupd et ILN.exe, et bien sur baucoup d'autre... Pouvez vous me donner un coup de main, SVP. Merci d'avance Logfile of HijackThis v1.99.1 Scan saved at 13:57:35, on 07/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\System32\USB_Kbd\Versato.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Sysupd\sysupd.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\Sysupd\projects\www.climateprediction.net\hadcm3trans_5.15_windows_intelx86.exe C:\Program Files\TBONBin\tbon.exe C:\WINDOWS\system32\Sysupd\projects\www.ufluids.net\evolver_4.10_windows_intelx86.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\Trend Micro\Tmas\Tmas.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\Sysupd\projects\www.climateprediction.net\hadcm3transum_5.15_windows_intelx86.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.club-internet.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.rsac.org/ratingsv01.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AdobeVersionCue] D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [Versato] C:\WINDOWS\System32\USB_Kbd\Versato.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [semanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe O4 - HKLM\..\Run: [system ##32] C:\WINDOWS\system32\luw32\iln.exe O4 - HKLM\..\Run: [system Updater] C:\WINDOWS\system32\Sysupd\sysupd.exe -detach O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Club-Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/acti...sCamControl.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - D:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
- le 7 octobre 2006
- 5 réponses
sysupd et iln.exe

moscou a répondu à un(e) sujet de moscou dans Analyses et éradication malwares

Merci, je prend note et je vais essayer tout ça, A+ B
- le 6 octobre 2006
- 2 réponses
sysupd et iln.exe

moscou a posté un sujet dans Analyses et éradication malwares

Bonjour, bonsoir, Aprés avoir effectueé différend anti virus et anti spy (secuser.com, spybot, cwsshreder et ad-aware) j'ai toujours un gestionnaire des taches qui est "acces refuse par l'administrateur et un iln.exe qui veut envoyer un message d'erreur système au moment ou je lance internet explorer pour la première fois. Le gestionnaire des tache remarche si je scan et netoye avec Ad-aware, et inernet explorer marche aprés la fermeture du message ILN.exe. Aussi dans le gestionnaire des taches je trouve sysupd.exe en processus. Voici le dernier log de hijackthis, si vous pouvez me dire ce que je dois nettoyer, merci a tous, Logfile of HijackThis v1.99.1 Scan saved at 22:13:53, on 05/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE D:\Program Files\D-Tools\daemon.exe D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe C:\WINDOWS\System32\USB_Kbd\Versato.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\MMTrayLSI.exe C:\WINDOWS\system32\MMTray2k.exe C:\WINDOWS\system32\MMTray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Yahoo!\Messenger\ypager.exe C:\Program Files\TBONBin\tbon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\tmp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.club-internet.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.rsac.org/ratingsv01.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_2_0.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AdobeVersionCue] D:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe O4 - HKLM\..\Run: [Versato] C:\WINDOWS\System32\USB_Kbd\Versato.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Win32] C:\Win32\dll\Win32k.exe -starthide C:\Win32\dll\Win32.exe -local O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe O4 - HKLM\..\Run: [MMTray] MMTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Norton Antivirus AV] C:\WINDOWS\FVProtect.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s O4 - HKLM\..\Run: [semanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe O4 - HKLM\..\Run: [system ##32] C:\WINDOWS\system32\luw32\iln.exe O4 - HKLM\..\Run: [system Updater] C:\WINDOWS\system32\Sysupd\sysupd.exe -detach O4 - HKLM\..\RunOnce: [system ##32] C:\WINDOWS\system32\luw32\iln.exe /RunOnce O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Club-Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Assistant d'Acrobat.lnk = D:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: GStartup.lnk = C:\Program Files\Fichiers communs\GMT\GMT.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Ebates. - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Ebates - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (HKCU) O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/inst...leanerstart.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.tourismeville.wanadoo.fr/acti...sCamControl.cab O18 - Filter: text/html - (no CLSID) - (no file) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AdobeVersionCue - Adobe Sytems - D:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe merci encore B
- le 6 octobre 2006
- 2 réponses

Connexion

moscou

Compteur de contenus

Inscription

Dernière visite

Autres informations

moscou's Achievements

Junior Member (3/12)

Réputation sur la communauté

mise en route de outlook et internet explorer impossible, raccourcis q

mise en route de outlook et internet explorer impossible, raccourcis q

mise en route de outlook et internet explorer impossible, raccourcis q

erreur au démarrage des raccourcis, de outlook et pas de restauration

erreur au démarrage des raccourcis, de outlook et pas de restauration

plus aucun racourci fonctionne

erreur au démarrage des raccourcis, de outlook et pas de restauration

erreur au démarrage des raccourcis, de outlook et pas de restauration

beng

beng

beng

sysupd et iln.exe

sysupd et iln.exe

Zebulon

Outils en ligne

Naviguer