Sujet Précédent Sujet Suivant

RUndll entrée manquante:run (vista)

Résolu/Fermé
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 - 15 févr. 2008 à 16:10
 piper - 31 août 2008 à 02:23
Bonjour,Tout le monde.J'ai un problème sur mon ordi je ne sais comment le resoudre voici mon prob:
Erreur dans c:\users\WIJEKU~1\APPData\Local\temp\tlqwdcr.dll
Entrée manquante:run
il y a que internet et les programmes qui marchent.lorsque j'ouvre un dossier il y a juste l'arrière plan du bureau rien d'autre.
Aide svp!!

17 réponses

Réponse 1 / 17
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 1
17 févr. 2008 à 20:38
Soupcon Faut créer un nouveau compte c'est tout,CA marche hehe!!
1
Réponse 2 / 17
Bertrand du net Messages postés 435 Date d'inscription lundi 17 décembre 2007 Statut Membre Dernière intervention 18 juin 2009 181
15 févr. 2008 à 17:40
Hello
pour ton probleme avec vista essai un petit retour à la derniere bonne config connue, via F8
0
Réponse 3 / 17
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 1
15 févr. 2008 à 18:02
je l'ai deja fait,le prob y est encore!
0
Réponse 4 / 17
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 1
15 févr. 2008 à 18:38
J'ai fait un scan avec hijack:




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:30, on 15.02.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\svasu\svasu.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\wijekumar\AppData\Local\hssnuc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.homepageback.com/?cm=38062<=1&it=2008-01-12%2018%3A54%3A36&dt=2008-02-07%2006%3A20%3A32&q=http://ch.msn.com/?lang=fr-ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: lankasri Toolbar - {98c3d26c-a02b-40ae-a8c5-c2a2d681e5ea} - C:\Program Files\lankasri\tblank.dll
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: lankasri Toolbar - {98c3d26c-a02b-40ae-a8c5-c2a2d681e5ea} - C:\Program Files\lankasri\tblank.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BA0BACB5-FC95-451E-94D2-4959AB0949D2} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: TBSB09819 - {DC77F23E-1D48-4238-9776-B705F92073FB} - C:\Program Files\DesktopFun Toolbar\tbu02754\desktopfuntoolbar.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: lankasri Toolbar - {98c3d26c-a02b-40ae-a8c5-c2a2d681e5ea} - C:\Program Files\lankasri\tblank.dll
O3 - Toolbar: DesktopFun Toolbar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\DesktopFun Toolbar\tbu02754\desktopfuntoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [runner1] C:\Windows\mrofinu1280.exe 61A847B5BBF72813309338466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [svasu] C:\Program Files\svasu\svasu.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [hssnuc] c:\users\wijekumar\appdata\local\hssnuc.exe hssnuc
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\WIJEKU~1\AppData\Local\Temp\nnlkk.dll,c
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\WIJEKU~1\AppData\Local\Temp\nrnysrkm.dll",run
O4 - HKCU\..\Run: [24091c4d] rundll32.exe "C:\Users\WIJEKU~1\AppData\Local\Temp\tdwytymr.dll",b
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file)
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.updatesgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.updatesgate.com/redirect.php (file missing)
O13 - Gopher Prefix:
O15 - Trusted Zone: www.tamilmasalaz.com
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.maalaimalar.com/wfplayer/tdserver.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/fr-ch/wlscctrl2.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ManageEngine EventLog Analyzer 4.0 (eventloganalyzer) - Unknown owner - C:\AdventNet\ME\EventLog\bin\wrapper.exe (file missing)
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: GoogleDesktopManager - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
soupcon
16 févr. 2008 à 18:53
méme probleme mais avec vtbawupu.dll entrée run manquante
0
Réponse 6 / 17
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 1
16 févr. 2008 à 19:25
soupcon t'avais un virus ou un cheval de troie?Et t'as quoi comme anti-virus?
Moi c'est avast quil a surement effacer le dll. J'avai un cheval de troie.
A L'AIDE A L'AIDE AU SECOURS LES PROBS SE MULTIPLIENT.!!!!!
0
Réponse 7 / 17
fofie56
18 févr. 2008 à 12:00
bonjour!

j'ai le même pb avec vista ms moi je suis nul en info. j'ai selectionné le rapport et le voici mais après je c pas cmt faire.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:22:38, on 16/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Users\Sébastien\Desktop\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Spyware-Secure] C:\Program Files\Spyware-Secure\Spyware-Secure_trial.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\qomkkkj.dll,#1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [coqutwe] c:\users\sébastien\appdata\local\coqutwe.exe coqutwe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\SBASTI~1\AppData\Local\Temp\pmkjj.dll,c
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\SBASTI~1\AppData\Local\Temp\ropvfmou.dll",run
O4 - HKCU\..\Run: [4c001249] rundll32.exe "C:\Users\SBASTI~1\AppData\Local\Temp\rapleocv.dll",b
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\SBASTI~1\AppData\Local\Temp\mljge.dll,#1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: LimeWire Turbo Accelerator.lnk = C:\Program Files\LimeWire Turbo Accelerator\LimeWire Turbo Accelerator.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-c18c49f6c1e45671.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 8 / 17
aromain10
18 févr. 2008 à 22:41
moi aussi c' est comme vous

aidez nous
0
Réponse 9 / 17
Jex L
21 févr. 2008 à 16:46
Moi ausi j'avais un gros problème. Audémarrage de Windows Vista, message d'erreur entrée manquant: run. Imposible d'ouvrir desdossiers avec explorateur Windows. TelechargeAVG 7.5 antivius. Prevoir 4 heures de scan et pour moi ton problème disparaitra enfin moi ça a marché.
0
Réponse 10 / 17
aromain10
21 févr. 2008 à 18:54
ok j' essaye
0
Réponse 11 / 17
grosprob Messages postés 10 Date d'inscription vendredi 15 février 2008 Statut Membre Dernière intervention 22 février 2008 1
22 févr. 2008 à 22:04
oé JEX a raison faut avoir AVG si vous avez avast et que vous etes nul en info SUPRIMMER LE!
ET Après un scan complete de AVG le probleme sera resolue.
0
Réponse 12 / 17
aromain10
24 févr. 2008 à 15:14
il faut que je désinstalle avast?
0
Réponse 13 / 17
Katsuhono
29 févr. 2008 à 01:26
J'ai un probleme avec trnqgash.dll , cela m'empeche d'ouvire Windows Explorer, j'ai essayer avec Msconfig je ne l'ai pas trouver regedit nan plus, aidez moi please !
0
Réponse 14 / 17
kamui
6 mars 2008 à 19:24
Bonjour,
J ai un souci quand j'allume mon ordinateur il y a ça qui apparait :
C:\Users\AZIZAH~1\AppData\Local\Temp\fpisivsn.dll
Entrée manquante : run

J ai fais un scan avec Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:45, on 06/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BisonInst0402] C:\Windows\BR040286.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft] iexplorer.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoft] iexplorer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\AZIZAH~1\AppData\Local\Temp\vtsqr.dll,#1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\AZIZAH~1\AppData\Local\Temp\byxvw.dll,c
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\AZIZAH~1\AppData\Local\Temp\fpisivsn.dll",run
O4 - HKCU\..\Run: [2aa81b5c] rundll32.exe "C:\Users\AZIZAH~1\AppData\Local\Temp\mhbpdvhd.dll",b
O4 - HKCU\..\Run: [BM299b28c0] Rundll32.exe "C:\Users\AZIZAH~1\AppData\Local\Temp\vrwqiaow.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\aziz ahammout\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: *.moove.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
0
Réponse 15 / 17
kamui
6 mars 2008 à 19:26
et voici le scan de combofix
aidez moi svp!!!!!!!!!!!!!!

ComboFix 08-03-05.3 - aziz ahammout 2008-03-06 19:18:30.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1050 [GMT 1:00]
Endroit: C:\Users\aziz ahammout\Contacts\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((( Fichiers créés 2008-02-06 to 2008-03-06 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 18:10 --------- d-----w C:\Program Files\Trend Micro
2008-03-06 18:03 --------- d-----w C:\Program Files\Nolmë Informatique
2008-03-06 17:41 43,515 ----a-w C:\Users\aziz ahammout\AppData\Roaming\nvModes.dat
2008-03-06 17:34 --------- d-----w C:\Program Files\InterActual
2008-03-03 16:27 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-03 15:39 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\Azureus
2008-03-03 15:39 --------- d-----w C:\ProgramData\Symantec
2008-03-03 15:38 --------- d-----w C:\Program Files\Symantec
2008-03-03 15:29 --------- d-----w C:\Program Files\Alwil Software
2008-02-26 20:00 --------- d-----w C:\Program Files\MSN Messenger
2008-02-26 19:49 --------- d-----w C:\ProgramData\WLInstaller
2008-02-26 18:20 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-26 12:09 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\AVG7
2008-02-25 22:13 --------- d-----w C:\ProgramData\avg7
2008-02-25 20:59 --------- d-----w C:\ProgramData\Grisoft
2008-02-25 09:26 --------- d-----w C:\Program Files\Windows Live
2008-02-25 09:23 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-24 13:10 --------- d-----w C:\ProgramData\Skype
2008-02-24 00:17 32 ----a-w C:\Users\All Users\ezsid.dat
2008-02-24 00:17 32 ----a-w C:\ProgramData\ezsid.dat
2008-02-24 00:17 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\skypePM
2008-02-20 18:08 142 ----a-w C:\Users\aziz ahammout\AppData\Roaming\wklnhst.dat
2008-02-19 16:33 --------- d-----w C:\ProgramData\Microsoft Help
2008-02-19 14:50 --------- d-----w C:\Program Files\ICQToolbar
2008-02-18 23:01 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\ICQ Toolbar
2008-02-18 22:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-18 22:12 --------- d-----w C:\Program Files\ICQ6
2008-02-13 02:12 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 02:12 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 02:10 613,888 ----a-w C:\Windows\System32\wpd_ci.dll
2008-02-13 02:10 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-13 02:10 558,080 ----a-w C:\Windows\System32\oleaut32.dll
2008-02-13 02:10 260,096 ----a-w C:\Windows\System32\dpx.dll
2008-02-13 02:10 224,824 ----a-w C:\Windows\System32\clfs.sys
2008-02-13 02:10 221,696 ----a-w C:\Windows\System32\umpnpmgr.dll
2008-02-13 02:10 19,456 ----a-w C:\Windows\System32\cfgmgr32.dll
2008-02-13 02:10 101,888 ----a-w C:\Windows\System32\drvinst.exe
2008-02-13 02:10 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-02-13 02:06 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 02:06 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 02:06 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 02:06 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 02:06 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 02:06 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 02:06 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 02:06 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 02:06 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 02:05 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 02:05 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 02:05 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 02:05 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 02:05 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 02:05 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 02:05 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 02:05 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 02:05 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 02:02 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 02:02 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 02:02 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 02:02 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-09 15:05 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\SecondLife
2008-02-07 22:42 --------- d-----w C:\Program Files\DivX
2008-02-07 22:13 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\Yahoo!
2008-02-07 22:13 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-02-07 22:13 --------- d-----w C:\Program Files\Yahoo!
2008-02-03 21:06 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-03 21:05 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\OpenOffice.org2
2008-02-01 17:44 --------- d-----w C:\Users\aziz ahammout\AppData\Roaming\Template
2008-01-19 13:42 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-01-19 12:39 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-19 12:36 --------- d-----w C:\Program Files\fond-ecran-wallpaper
2008-01-18 20:43 --------- d-----w C:\Program Files\InterVideo
2008-01-18 20:43 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-01-18 20:42 --------- d-----w C:\Program Files\Creative
2008-01-17 21:58 --------- d-----w C:\ProgramData\Adobe Systems
2008-01-11 18:20 81,920 ----a-w C:\Windows\System32\W32N50.dll
2008-01-11 18:20 17,134 ----a-w C:\Windows\System32\PCANDIS5.sys
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-10 02:09 --------- d-----w C:\Program Files\Windows Mail
2008-01-10 02:08 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-10 02:03 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-10 02:03 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-10 02:02 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-07 14:17 --------- d-----w C:\ProgramData\NtiDvdCopy
2007-12-12 21:56 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 21:56 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 21:56 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-10-14 11:05 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 03:02 1232896]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
"cmds"="C:\Users\AZIZAH~1\AppData\Local\Temp\byxvw.dll" [2008-03-06 17:59 292352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-10-14 11:54 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 19:57 3784704 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 20:00 815104]
"Acer Tour"="" []
"BisonInst0402"="C:\Windows\BR040286.exe" [2007-03-21 22:16 56112]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-27 20:26 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-27 20:26 7770112]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-27 20:26 81920]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 12:36 32768]
"PowerKey"="C:\Program Files\Launch Manager\PowerKey.exe" [ ]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2007-01-10 10:34 200704]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2006-08-29 08:26 241664]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-11-09 13:37 86016]
"eRecoveryService"="" []
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-17 08:01 151552]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-03 21:04 185896]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoft"="iexplorer.exe" []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 03:44:06 29696]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-03-26 21:24:56 528384]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-01-18 21:43:28 212992]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4B1792D5-CE8F-4B56-8BCD-C9A8A09B9225}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{77A34628-FB1B-4326-9F10-C1673664B752}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{69142319-129A-42BC-9DFD-F8BAA47C5AA3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{30011F44-8BEC-46E5-A194-71F7BA331C6C}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{4C2DFD7F-5F0C-4517-9866-AF3638F15F05}C:\program files\azureus\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"UDP Query User{373B5555-8B3E-4F20-9BCF-20582DE82687}C:\program files\azureus\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"TCP Query User{69DE9923-EBD2-4A16-88C7-5A0601A61C59}C:\program files\azureus\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"UDP Query User{41FA6826-DF8C-42C1-81F9-222FAF669227}C:\program files\azureus\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"{6AB8005F-1775-4386-AF26-A5639A82BFA6}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{20C3C835-E0B5-4F1C-A619-E6BCA73DDA1E}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"TCP Query User{9BBCBA03-8072-4AF2-BEB1-02455AB0E94F}C:\program files\tvants\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"UDP Query User{A65644C2-06F7-4D17-8976-44FE92DBBB19}C:\program files\tvants\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"TCP Query User{85EC105B-DD92-4462-A686-F17BE096B517}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"UDP Query User{81596FED-32A5-49CB-87EB-E32DCC1DE0EF}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"TCP Query User{63A2323A-392D-44F6-BAF8-7A274B12F2BC}C:\program files\sports interactive\football manager 2008\fm1.exe"= UDP:C:\program files\sports interactive\football manager 2008\fm1.exe:Football Manager 2008|Desc=Football Manager 2008
"UDP Query User{08B23BDD-F429-49EB-973F-5CD93F3D4C1A}C:\program files\sports interactive\football manager 2008\fm1.exe"= TCP:C:\program files\sports interactive\football manager 2008\fm1.exe:Football Manager 2008|Desc=Football Manager 2008
"TCP Query User{D5A15565-FBE2-46ED-8789-6DE7B991100C}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{864CA17B-27D5-4D8E-A10F-6F1076686226}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"TCP Query User{4FF0C615-EDAE-45B1-B073-2AA2AB204110}C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe"= UDP:C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe|Desc=sopadver.exe
"UDP Query User{51682277-52F2-405D-B3BB-EEEAD1A74ECB}C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe"= TCP:C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe|Desc=sopadver.exe
"TCP Query User{59448707-A2BD-4EDE-B034-93194ECE6B3B}C:\program files\entrecam\entrecam.exe"= UDP:C:\program files\entrecam\entrecam.exe:EntreCam|Desc=EntreCam
"UDP Query User{E1BF9AE2-2F5E-46F1-AEAD-B85260729321}C:\program files\entrecam\entrecam.exe"= TCP:C:\program files\entrecam\entrecam.exe:EntreCam|Desc=EntreCam
"TCP Query User{5B23B5C1-46C1-448C-9A51-955D0354C13B}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"UDP Query User{95A63E4F-0E0D-4C04-950A-11658875C3C9}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"TCP Query User{73E49E04-E5CF-41E8-B99F-74A3B39B3924}C:\program files\tvants\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"UDP Query User{CD2FA1A0-FBD1-43F8-8684-91BE3415D8C0}C:\program files\tvants\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"TCP Query User{BD773268-A6CF-4AD9-A0CE-CD02BD5EE85B}C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe"= UDP:C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe|Desc=sopadver.exe
"UDP Query User{11D5547B-6E74-4861-8508-1DEDCBEC584D}C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe"= TCP:C:\users\aziz ahammout\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe|Desc=sopadver.exe
"TCP Query User{026CD57B-E8A0-401B-9186-82E1441FA89A}C:\program files\echanblard\emule.exe"= UDP:C:\program files\echanblard\emule.exe:eChanblard|Desc=eChanblard
"UDP Query User{3E0EB115-C668-4109-8B9C-142C39AA77DB}C:\program files\echanblard\emule.exe"= TCP:C:\program files\echanblard\emule.exe:eChanblard|Desc=eChanblard
"TCP Query User{D2CC6A86-F491-4304-8AEA-14298959AD48}C:\program files\echanblard\emule.exe"= UDP:C:\program files\echanblard\emule.exe:eChanblard|Desc=eChanblard
"UDP Query User{03450EE6-DA1E-49FE-8D74-B2C83ACCA541}C:\program files\echanblard\emule.exe"= TCP:C:\program files\echanblard\emule.exe:eChanblard|Desc=eChanblard
"TCP Query User{E6B12FEE-F2CA-4853-A2B6-36A1331B60A9}C:\program files\tvuplayer\tvuplayer.exe"= UDP:C:\program files\tvuplayer\tvuplayer.exe:TVU Player Component|Desc=TVU Player Component
"UDP Query User{101C0445-F4FA-4EB2-BFAA-D198CCBFA5C6}C:\program files\tvuplayer\tvuplayer.exe"= TCP:C:\program files\tvuplayer\tvuplayer.exe:TVU Player Component|Desc=TVU Player Component
"TCP Query User{7EB04FDB-7EFB-48EA-ABA5-325AD71EA8F5}C:\program files\sopcast\adv\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"UDP Query User{035A9B11-582C-45C5-96DF-CB27AFFEDBDA}C:\program files\sopcast\adv\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"TCP Query User{447831CE-D390-4E9C-9F1C-823D41DD8D04}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{355999D2-839A-4BE5-ADB6-7A34F852F7AD}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"TCP Query User{EE26C134-86F9-496C-8A00-DCED6CB04373}C:\program files\redlightcenter\redlightcenter\redlightcenter.exe"= UDP:C:\program files\redlightcenter\redlightcenter\redlightcenter.exe:Redlightcenter|Desc=Redlightcenter
"UDP Query User{E05BB234-A064-4EE3-AB88-F46794579B0C}C:\program files\redlightcenter\redlightcenter\redlightcenter.exe"= TCP:C:\program files\redlightcenter\redlightcenter\redlightcenter.exe:Redlightcenter|Desc=Redlightcenter
"TCP Query User{C94210E6-5EA8-4C7A-BF37-34F1B250CDF6}C:\program files\entrecam\entrecam.exe"= UDP:C:\program files\entrecam\entrecam.exe:EntreCam|Desc=EntreCam
"UDP Query User{BCFBF3CC-0BCE-4B92-9B1B-C0154625313F}C:\program files\entrecam\entrecam.exe"= TCP:C:\program files\entrecam\entrecam.exe:EntreCam|Desc=EntreCam
"TCP Query User{442C15B1-9BBC-4E31-8DED-B226E97E7028}C:\program files\sopcast\adv\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"UDP Query User{9204167E-2312-4859-ADD5-F0EAC72C33EB}C:\program files\sopcast\adv\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"TCP Query User{89C96EA9-1F91-450A-89A8-02C9C22F9FA1}C:\program files\videolan\vlc\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player|Desc=VLC media player
"UDP Query User{88489EF1-8FB1-4B43-9DD3-A93F75D5B834}C:\program files\videolan\vlc\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player|Desc=VLC media player
"TCP Query User{3B2EAF13-86E1-4D7B-94FD-BDE97698FDEB}C:\program files\tvuplayer\tvuplayer.exe"= UDP:C:\program files\tvuplayer\tvuplayer.exe:TVU Player Component|Desc=TVU Player Component
"UDP Query User{D012E3FD-4123-472D-81BE-C83EA1C49804}C:\program files\tvuplayer\tvuplayer.exe"= TCP:C:\program files\tvuplayer\tvuplayer.exe:TVU Player Component|Desc=TVU Player Component
"{BC8B9CC0-0EA2-4209-9ECF-D664FD3400CB}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{727ADB50-5A47-4DCC-AA65-D1DCA14D6D7A}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{76F66C50-9CD4-41EF-8C33-40F5565CEE3E}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{5E4712FE-99AC-4843-AD6A-6FFE64094DA7}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"TCP Query User{0C703C8F-1502-4B85-A6D2-A85E798C40B5}C:\program files\flightgear\bin\win32\fgfs.exe"= UDP:C:\program files\flightgear\bin\win32\fgfs.exe:fgfs|Desc=fgfs
"UDP Query User{2DDE8FB6-1B8B-4EB0-ACEA-0279CE62886D}C:\program files\flightgear\bin\win32\fgfs.exe"= TCP:C:\program files\flightgear\bin\win32\fgfs.exe:fgfs|Desc=fgfs
"TCP Query User{08318509-B6F8-4432-9AD9-13A3E3707E0B}C:\program files\yahoo!\messenger\yahoomessenger.exe"= UDP:C:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger|Desc=Yahoo! Messenger
"UDP Query User{B54E6F60-D281-400D-A52A-D4457B4B6F70}C:\program files\yahoo!\messenger\yahoomessenger.exe"= TCP:C:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger|Desc=Yahoo! Messenger
"{FF369437-3E17-4FB2-8555-4644ED3DEE16}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL
"{912A3172-7C8A-4B2B-8857-DE4842CBF855}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL
"{73F75778-F162-4029-9DB2-8BB787319580}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL
"{F3D46518-A9C4-4B27-BD24-607EE69F1F32}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL
"{B191FB2E-2E38-4B87-8510-A0B57376BA00}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL
"{E0FCD32E-EE7C-4FD7-94A3-D134DDB49353}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL
"{99A90479-E091-4060-BC7C-14134866252A}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL
"{55FCEDD2-794E-4A99-AB4D-EFF18A7C31F4}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL
"TCP Query User{84F11523-0033-4883-93F9-E5AD8BB02C69}C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe"= UDP:C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe:worms 4 mayhem.exe|Desc=worms 4 mayhem.exe
"UDP Query User{4A6EFE11-AE1E-428F-9F36-CC5260C03E65}C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe"= TCP:C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe:worms 4 mayhem.exe|Desc=worms 4 mayhem.exe
"TCP Query User{0E709D11-4A4E-49B6-9E6A-769F679EC278}C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe"= UDP:C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe:worms 4 mayhem.exe|Desc=worms 4 mayhem.exe
"UDP Query User{F12CF795-106D-4B65-AD7C-53CB8BEEFD9C}C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe"= TCP:C:\users\aziz ahammout\documents\worms.4.mayhem-reloaded\crack\worms 4 mayhem.exe:worms 4 mayhem.exe|Desc=worms 4 mayhem.exe
"TCP Query User{6583B647-28CE-4148-BB7E-533A694AD548}C:\program files\real\realplayer\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer|Desc=RealPlayer
"UDP Query User{5DC939A9-97A5-4883-BBE5-1C8B69ECB62D}C:\program files\real\realplayer\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer|Desc=RealPlayer
"TCP Query User{9026E28B-9062-46A3-9579-52D95CEC2743}C:\moove\_adv.exe"= UDP:C:\moove\_adv.exe:Roomancer - moove Online World Client|Desc=Roomancer - moove Online World Client
"UDP Query User{DE30549C-A782-451D-98BE-EE48E0DEB85C}C:\moove\_adv.exe"= TCP:C:\moove\_adv.exe:Roomancer - moove Online World Client|Desc=Roomancer - moove Online World Client
"TCP Query User{980BFA54-453E-45B7-A322-8D958DDEEAFD}C:\program files\secondlife\slvoice.exe"= UDP:C:\program files\secondlife\slvoice.exe:SLVoice|Desc=SLVoice
"UDP Query User{4BEC434A-E1E0-402B-BB07-023ABAE5B2FF}C:\program files\secondlife\slvoice.exe"= TCP:C:\program files\secondlife\slvoice.exe:SLVoice|Desc=SLVoice
"TCP Query User{6718FACC-E408-4398-A91A-116ECCCC3315}C:\program files\skype\phone\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath |Desc=Skype. Take a deep breath
"UDP Query User{B43908FA-9709-4522-843C-5417D3461714}C:\program files\skype\phone\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath |Desc=Skype. Take a deep breath
"{A2999B10-B3AD-4A79-B1C1-EA584C6C0509}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-02-06 23:04]
R1 Hotkey;Hotkey;C:\Windows\system32\drivers\Hotkey.sys [2003-04-28 10:27]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-03-22 17:21]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-24 18:17]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 11:57]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 08:33]
R3 Cam5607;Acer OrbiCam;C:\Windows\system32\Drivers\BisonC07.sys [2007-05-02 19:59]
R3 RTL8169;Pilote Realtek 8169 NT;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 08:30]
R3 WisLMSvc;WisLMSvc;"C:\Program Files\Launch Manager\WisLMSvc.exe" [2006-11-17 19:45]
S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 08:30]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 20:18]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [2007-12-27 18:28]
S3 WSVD;WSVD;C:\Windows\system32\drivers\WSVD.sys [2006-09-19 15:47]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c542c40-e379-11dc-b263-0016d358095d}]
\shell\AutoRun\command - ie.exe
\shell\explore\Command - ie.exe
\shell\open\Command - ie.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d2d119c-d0e7-11dc-b405-0016d358095d}]
\shell\AutoRun\command - F:\p3r1ud.exe
\shell\explore\Command - F:\p3r1ud.exe
\shell\open\Command - F:\p3r1ud.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d2d11de-d0e7-11dc-b405-0016d358095d}]
\shell\AutoRun\command - G:\p3r1ud.exe
\shell\explore\Command - G:\p3r1ud.exe
\shell\open\Command - G:\p3r1ud.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50034aea-c56b-11dc-a558-0016d358095d}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c76a6dc-aa51-11dc-8272-00197e85a989}]
\shell\Setup\command - setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65cdd7e2-9e8a-11dc-990c-0016d358095d}]
\shell\AutoRun\command - G:\euromed.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{65cdd7e4-9e8a-11dc-990c-0016d358095d}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72f0530e-7e63-11dc-8190-0016d358095d}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a13e8bd7-c5bd-11dc-9b9e-0016d358095d}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd9b8e44-c755-11dc-8e6d-0016d358095d}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\shell\Open(&0)\command - Recycled\ctfmon.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-05 21:02:21 C:\Windows\Tasks\User_Feed_Synchronization-{33F5DB35-44B2-4EBB-9AD8-73083E358805}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 19:23:06
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-06 19:24:57
.
2008-03-04 18:30:59 --- E O F ---
0
Réponse 16 / 17
vistaman
9 mars 2008 à 17:49
J'ai le même problème que vous : entée manquante: run qwiiqqgv
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:24, on 09/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [RegistrySmart] C:\Program Files\RegistrySmart\RegistrySmart.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\FAMILI~1\AppData\Local\Temp\gebya.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\FAMILI~1\AppData\Local\Temp\vtutu.dll,c
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\FAMILI~1\AppData\Local\Temp\qwiiqqgv.dll",run
O4 - HKCU\..\Run: [b81a1cca] rundll32.exe "C:\Users\FAMILI~1\AppData\Local\Temp\joatumut.dll",b
O4 - HKCU\..\Run: [BMbb292f56] Rundll32.exe "C:\Users\FAMILI~1\AppData\Local\Temp\mcxkqujr.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/VistaMSNPUpldfr-fr.cab
O20 - AppInit_DLLs: c:\windows\system32\ssqrssr.dll eNetHook.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: lxcg_device - Unknown owner - C:\Windows\system32\lxcgcoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 17 / 17
piper
31 août 2008 à 02:23
Moi j'ai le même problème mais c'est le fichier khfETmlI.dll qui est iscrit et celà m'empêche d'ouvrir Internet Explorer. aidez moi svp ?
0

Discussions similaires

Processus Expérience d'entrée Windows 11
zendeur37 -
certys29 -

28 réponses
Création du sommaire sous Word
Licorne rose -
C-Claire -

11 réponses
Comment faire d'une entrée micro, une entrée line ?
kerolorenzo -
kerolorenzo -

7 réponses
Teste afpa niveau 3
Vulcainessonne -
Raymond PENTIER -

3 réponses
erreur McUICnt.exe
Nanou -
pablito -

7 réponses