
explorasi.exe error message

Tags:
  • Windows
  • Security
2 February 2008 11:53:02

Hi everyone.
Every time I start my PC there is an error message saying that Windows could not find explorasi.exe.
I just ran a scan with HijackThis and here is the scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:58, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>Welcome to Yahoo! GeoCities - Your Home on the Web ®</title>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor=#ffffff>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center>
O1 - Hosts: <table border=0 width=600 cellspacing=0 cellpadding=0><tr><td width="1%"><a href="http://geocities.yahoo.com/"><img
O1 - Hosts: src=http://us.i1.yimg.com/us.yimg.com/i/us/geo/ygeo.gif width=305 height=36 border=0 alt="Yahoo! GeoCities"></a></td><td><table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td align=right valign=bottom nowrap><font face=arial size=-1><a href="http://www.yahoo.com">Yahoo!</a>
O1 - Hosts: - <a href="http://help.yahoo.com/help/us/geo/">Help</a>
O1 - Hosts: </font>
O1 - Hosts: </td></tr></table><hr size=1></td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width=600 cellpadding=4 cellspacing=0 border=0>
O1 - Hosts: <tr bgcolor=003399><td><font face=arial size=+1 color=ffffff><b>Sorry, the site you requested is inactive.</b></font></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" border="0" cellspacing="0" cellpadding="0"><tr><td align=center valign=top>
O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr><td valign=top>
O1 - Hosts: <table width="100%" cellpadding=4 cellspacing=0 border=0 bgcolor=ffffee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1>
O1 - Hosts: This GeoCities site has been deactivated due to inactivity.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you the site owner?</strong> <br>
O1 - Hosts: <a href="http://geocities.yahoo.com/v/activate.html">Click here</a> to reactivate your site.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you a visitor?</strong> Try a search below.
O1 - Hosts: </font>
O1 - Hosts: <br><br>
O1 - Hosts: </td></tr></table></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" cellpadding=4 cellspacing=0 border=0 bgcolor=eeeeee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1><b>Search Yahoo! GeoCities</b></font></td></tr></table>
O1 - Hosts: <br><form action="http://geocities.yahoo.com/search" method=get>
O1 - Hosts: <input size=32 name=p value=""> <input type=submit value="Search"><p>
O1 - Hosts: <p>
O1 - Hosts: <strong><font face=arial size=-1>Advanced GeoCities search options </font></strong>
O1 - Hosts: <p>
O1 - Hosts: <table border=0 cellpadding=2 cellspacing=0>
O1 - Hosts: <tr><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 1</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=i checked></td><td><font face=arial size=-1>Intelligent default</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=p></td><td><font face=arial size=-1>An exact phrase match</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=a></td><td><font face=arial size=-1>Matches on all words (AND)</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=o></td><td><font face=arial size=-1>Matches on any word (OR)</font></td></tr></table>
O1 - Hosts: </td><td> </td><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 2</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=c ></td><td><font face=arial size=-1>Yahoo! GeoCities Categories</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=s checked></td><td><font face=arial size=-1>Yahoo! GeoCities Web Sites</font></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: </form>
O1 - Hosts: <p>
O1 - Hosts: <br>
O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%">
O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center>
O1 - Hosts: <font face=arial size=-2><A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.co...">Classifieds</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://tv.yahoo.com/">TV</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://travel.yahoo.com/">Travel</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://weather.yahoo.com/">Weather</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://www.yahooligans.com/">Yahooligans</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://yp.yahoo.com/">Yellow Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://docs.yahoo.com/docs/...">more...</A>
O1 - Hosts: </font></td></tr></table></td></tr></table>
O1 - Hosts: <p><center><hr noshade size=1 width="675"><table border=0 cellpadding=0 cellspacing=0><tr><td align=center valign=bottom width="100%"><font size="-2" face=arial>Copyright © 2004 <a href="http://www.yahoo.com" target="_top">Yahoo! Inc.</a> All rights reserved.<br><b>NOTICE: We collect personal information on this site. To learn more about how we use your information, see our <a href="http://privacy.yahoo.com/privacy/us/" target="_top">Yahoo Privacy Policy</a></b></font></td></tr></table></center>
O1 - Hosts: </body>
O1 - Hosts: </html>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\sempalong.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\smss.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 18290 bytes


2 February 2008 11:55:07

Should I delete this line (by clicking Fix checked)?
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
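
Added example (not part of the original thread, and not code from HijackThis): a small Python triage pass over a few lines copied from the log above, flagging entries that deviate from Windows defaults. The function names and the four heuristics are assumptions chosen for illustration; an unflagged line is not thereby verified clean.

```python
import ntpath
import re

# Sample input: a handful of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r'''
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O1 - Hosts: <html>
O1 - Hosts: <head>
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\sempalong.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\smss.exe"
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
'''

# Core Windows processes whose genuine image lives in \WINDOWS\system32.
CORE_PROCESS_NAMES = {"smss.exe", "csrss.exe", "winlogon.exe",
                      "services.exe", "lsass.exe", "svchost.exe"}

HOSTS_ENTRY = re.compile(r'^\d{1,3}(?:\.\d{1,3}){3}\s+\S+')
LOG_LINE = re.compile(r'^([A-Z]\d+) - (.*)$')
RUN_ENTRY = re.compile(r'^[^\[]*\[(?P<name>.+?)\] (?P<cmd>.+)$')


def _exe_path(cmd):
    """Return the executable part of a Run command line, or None."""
    m = re.match(r'"([^"]+)"', cmd) or re.match(r'(.+?\.exe)(?=\s|$)', cmd, re.I)
    return m.group(1) if m else None


def _check_f2(body):
    # The default Winlogon shell value is "Explorer.exe" and nothing else.
    m = re.search(r'Shell=(.*)$', body)
    if m and m.group(1).strip().lower() != "explorer.exe":
        return "Shell value carries more than Explorer.exe"
    return None


def _check_o1(body):
    # A hosts entry is "<IPv4 address> <hostname>"; other content means the
    # file no longer looks like a hosts file.
    m = re.match(r'Hosts:\s*(.*)$', body)
    if m and not HOSTS_ENTRY.match(m.group(1)):
        return "hosts line is not an IP/hostname mapping"
    return None


def _check_o4(body):
    # Autorun whose file name imitates a core process but sits elsewhere.
    m = RUN_ENTRY.match(body)
    exe = _exe_path(m.group("cmd")) if m else None
    if not exe:
        return None
    folder, name = ntpath.dirname(exe).lower(), ntpath.basename(exe).lower()
    if name in CORE_PROCESS_NAMES and folder and not folder.endswith(r'\windows\system32'):
        return "autorun uses a system process name outside system32"
    return None


def _check_o7(body):
    # O7 lists the policy that blocks the Registry Editor.
    if re.search(r'DisableRegedit\s*=\s*1', body, re.I):
        return "Registry Editor disabled by policy"
    return None


CHECKS = {"F2": _check_f2, "O1": _check_o1, "O4": _check_o4, "O7": _check_o7}


def triage(log_text):
    """Return [(section_code, reason, original_line), ...] for flagged lines."""
    findings = []
    for raw in log_text.splitlines():
        m = LOG_LINE.match(raw.strip())
        if not m:
            continue
        code, body = m.groups()
        check = CHECKS.get(code)
        reason = check(body) if check else None
        if reason:
            findings.append((code, reason, raw.strip()))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"[{code}] {reason}\n      {line}")
```
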
2 February 2008 12:34:29

Hi again,

Download R-Hosts.exe (by S!ri).
Run R-Hosts, then click "Restaurer" (Restore).
Confirm the change by pressing OK.

&

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post that report in your next reply.
3 February 2008 16:45:45

Thanks for your reply. Here is the scan result:

    ComboFix 08-02.03.1 - Compaq_Propriétaire 2008-02-03 16:27:57.1 - NTFSx86
    Endroit: C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\SOBSPRXH\ComboFix[1].exe
    * Création d'un nouveau point de restauration
    .
    The following files were disabled during the run:
    C:\Program Files\Spyware Doctor\klg.dat


    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Fonts\acrsecB.fon
    C:\WINDOWS\Fonts\acrsecI.fon

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-03 to 2008-02-03 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-03 15:48 . 2008-02-03 15:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-02-03 15:48 . 2008-02-03 15:48 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-02-03 13:38 . 2004-12-07 10:11 258,352 --a------ C:\WINDOWS\system32\unicows.dll
    2008-02-03 13:33 . 2008-02-03 13:33 <REP> d-------- C:\Program Files\Fichiers communs\PCCamera
    2008-02-02 09:53 . 2008-02-02 09:53 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\sldIM
    2008-02-02 09:35 . 2008-02-02 09:35 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DassaultSystemes
    2008-02-02 09:35 . 2008-02-02 09:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
    2008-02-02 09:33 . 2008-02-02 09:34 <REP> d-------- C:\Program Files\SolidWorks
    2008-02-02 09:33 . 2008-02-02 09:33 <REP> d-------- C:\Program Files\Fichiers communs\SolidWorks Shared
    2008-02-02 09:32 . 2008-02-02 09:32 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DWGeditor
    2008-02-02 09:31 . 2008-02-02 09:37 <REP> d-------- C:\Program Files\DWGeditor
    2008-02-02 09:30 . 2008-02-02 09:30 <REP> d-------- C:\Program Files\SolidWorks Installation Manager
    2008-02-02 09:30 . 2008-02-02 09:30 0 --a------ C:\WINDOWS\eDrawingOfficeAutomator.INI
    2008-02-02 09:14 . 2008-02-02 09:29 <REP> d-------- C:\Program Files\Fichiers communs\eDrawings2007
    2008-02-02 09:01 . 2008-02-02 09:03 <REP> d-------- C:\Program Files\Windows Desktop Search
    2008-02-02 09:00 . 2008-02-02 09:00 42 --a------ C:\WINDOWS\trailer.xws
    2008-02-01 18:44 . 2008-02-03 13:28 <REP> d-------- C:\Program Files\PC Camera
    2008-01-31 12:30 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2008-01-31 12:30 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
    2008-01-28 17:44 . 2008-02-02 09:02 1,355 --a------ C:\WINDOWS\imsins.BAK
    2008-01-25 18:16 . 2005-03-15 17:04 161,792 --------- C:\WINDOWS\system32\drivers\ov530vid.sys
    2008-01-25 18:16 . 2004-08-05 17:34 61,440 --------- C:\WINDOWS\ov530dib.dll
    2008-01-25 18:16 . 2005-09-30 09:42 40,960 --------- C:\WINDOWS\system32\ov530ext.dll
    2008-01-25 18:16 . 2004-11-09 00:37 25,177 --------- C:\WINDOWS\system32\drivers\ov530cmd.sys
    2008-01-25 18:16 . 2005-09-30 09:56 18,972 --------- C:\WINDOWS\system32\ov530ext.ax
    2008-01-25 18:16 . 2004-07-20 01:50 16,440 --------- C:\WINDOWS\system32\ov530usd.dll
    2008-01-25 17:43 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
    2008-01-25 17:43 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
    2008-01-25 16:24 . 2008-01-25 18:16 <REP> d-------- C:\WINDOWS\OvtCam
    2008-01-24 12:40 . 2008-01-24 12:40 1,158 --a------ C:\WINDOWS\mozver.dat
    2008-01-24 12:38 . 2008-01-24 12:38 0 --a------ C:\WINDOWS\nsreg.dat
    2008-01-15 21:55 . 2008-01-15 21:55 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\gtk-2.0
    2008-01-15 20:18 . 2008-01-15 20:18 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Inkscape
    2008-01-15 20:14 . 2008-01-15 21:57 <REP> d-------- C:\Program Files\Inkscape
    2008-01-14 17:48 . 2008-01-14 17:48 244 --ah----- C:\sqmnoopt02.sqm
    2008-01-14 17:48 . 2008-01-14 17:48 232 --ah----- C:\sqmdata02.sqm
    2008-01-12 09:06 . 2008-01-12 09:06 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2008-01-10 18:06 . 2007-11-30 08:45 644,400 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
    2008-01-10 17:50 . 2008-01-10 18:06 <REP> d-------- C:\Program Files\Google
    2008-01-09 22:39 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
    2008-01-09 22:39 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
    2008-01-09 22:39 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
    2008-01-09 22:39 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
    2008-01-09 22:39 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
    2008-01-09 22:39 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
    2008-01-09 22:39 . 2003-11-04 15:11 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll
    2008-01-09 22:39 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
    2008-01-09 22:39 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
    2008-01-09 17:40 . 2008-01-09 17:40 <REP> d-------- C:\Program Files\Kazaa
    2008-01-08 21:55 . 2008-01-08 21:55 <REP> d-------- C:\Program Files\DMV
    2008-01-06 19:35 . 2008-01-09 17:40 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\bat show junk
    2008-01-05 08:29 . 2008-01-05 08:29 <REP> d-------- C:\Program Files\D-Tools
    2008-01-05 08:29 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
    2008-01-05 08:29 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
    2008-01-04 13:25 . 2007-07-12 02:49 186,256 --a------ C:\WINDOWS\system32\LUD6C.tmp
    2008-01-04 12:55 . 2008-01-04 12:55 <REP> dr------- C:\Documents and Settings\LocalService\Mes documents
    2008-01-04 10:57 . 2008-01-04 10:57 <REP> dr------- C:\Documents and Settings\LocalService\Favoris
    2008-01-04 08:58 . 2008-02-03 16:25 <REP> d-------- C:\Program Files\Spyware Doctor
    2008-01-04 08:58 . 2008-01-04 08:58 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\PC Tools
    2008-01-04 08:58 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
    2008-01-04 08:58 . 2008-01-04 09:00 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2008-01-04 08:58 . 2008-01-04 09:00 59,984 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2008-01-04 08:58 . 2008-01-04 08:59 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2008-01-04 08:58 . 2008-01-04 08:59 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
    2008-01-04 08:58 . 2008-01-04 09:00 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2008-01-03 14:48 . 2008-01-03 14:49 <REP> d-------- C:\WINDOWS\system32\ActiveScan
    2008-01-03 14:48 . 2008-01-03 14:48 30,590 --a------ C:\WINDOWS\system32\pavas.ico
    2008-01-03 14:48 . 2008-01-03 14:48 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
    2008-01-03 14:48 . 2008-01-03 14:48 1,406 --a------ C:\WINDOWS\system32\Help.ico
    2008-01-03 11:47 . 2008-01-03 14:35 <REP> d-------- C:\WINDOWS\BDOSCAN8

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-03 13:04 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\LimeWire
    2008-02-03 12:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-03 12:28 --------- d-----w C:\Program Files\PC Camer@
    2008-02-02 20:55 --------- d-----w C:\Program Files\eMule
    2008-02-02 10:31 --------- d-----w C:\Program Files\Help and Support Additions
    2008-02-01 18:12 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\OpenOffice.org2
    2008-02-01 17:42 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\ma-config.com
    2008-01-30 12:53 --------- d-----w C:\Program Files\WarRock
    2008-01-28 10:46 --------- d-----w C:\Program Files\ma-config.com
    2008-01-28 10:20 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-01-28 10:20 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2008-01-25 17:05 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\ArcSoft
    2008-01-25 16:58 --------- d-----w C:\Program Files\Fichiers communs\ArcSoft
    2008-01-25 15:34 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-01-20 16:53 --------- d-----w C:\Program Files\HP
    2008-01-17 11:31 --------- d-----w C:\Program Files\DivX
    2008-01-12 14:13 --------- d-----w C:\Program Files\LimeWire
    2008-01-09 16:40 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-01-07 18:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-01-06 18:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-01-06 15:08 --------- d-----w C:\Program Files\EA GAMES
    2008-01-05 17:37 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-01-05 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-01-05 17:35 --------- d-----w C:\Program Files\Symantec
    2008-01-05 10:04 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Symantec
    2008-01-03 09:19 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-01-02 18:34 --------- d-----w C:\Program Files\Logitech
    2008-01-01 20:10 304,160 ----a-w C:\StiImg.dat
    2007-12-31 18:42 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\AdobeUM
    2007-12-31 16:52 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-12-31 12:24 --------- d-----w C:\Program Files\MSXML 4.0
    2007-12-31 11:06 --------- d-----w C:\Program Files\Java
    2007-12-31 09:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
    2007-12-31 09:20 --------- d-----w C:\Program Files\Fichiers communs\HP
    2007-12-31 09:18 --------- d-----w C:\Program Files\Hewlett-Packard
    2007-12-31 08:35 1,908 --sha-r C:\WINDOWS\system32\drivers\103C_HP_CPC_PS244AA-ABF SR1338FR FR510_YC_0Pres_QCZB509_E51FRheREF6_47_ISalmon_SASUSTek Computer INC._V1.04_B3.04_T041029_WXH2_L40C_M512_J160_7AMD_8Athlon 64_92.01_#071114_N10390900_Z11C1048C_G10DE0326.MRK
    2007-12-30 09:50 --------- d-----w C:\Program Files\AskTBar
    2007-12-30 09:17 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Nero
    2007-12-30 09:15 --------- d-----w C:\Program Files\Fichiers communs\Nero
    2007-12-30 09:12 --------- d-----w C:\Program Files\Nero
    2007-12-30 09:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
    2007-12-29 21:25 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sonic
    2007-12-29 21:24 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\Leadertech
    2007-12-29 21:00 --------- d-----w C:\Program Files\IVT Corporation
    2007-12-29 08:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
    2007-12-28 12:52 --------- d-----w C:\Program Files\GameShadow
    2007-12-27 21:46 --------- d-----w C:\Program Files\Windows Live
    2007-12-27 21:43 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2007-12-26 08:01 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\vlc
    2007-12-26 07:35 --------- d-----w C:\Program Files\VideoLAN
    2007-12-25 18:31 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2007-12-22 15:16 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\temp
    2007-12-20 20:31 --------- d-----w C:\Program Files\PowerStrip
    2007-12-20 13:46 --------- d-----w C:\Program Files\EA Sports
    2007-12-18 17:06 --------- d-----w C:\Program Files\RivaTuner v2.05
    2007-12-15 06:47 --------- d--h--r C:\Documents and Settings\Compaq_Propriétaire\Application Data\SecuROM
    2007-12-15 06:31 --------- d-----w C:\Program Files\Electronic Arts
    2007-12-12 13:40 --------- d-----w C:\Program Files\Alwil Software
    2007-12-09 15:11 --------- d-----w C:\Program Files\Directx
    2007-12-09 15:03 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\InstallShield
    2007-12-07 21:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2007-12-07 19:04 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-12-07 14:51 --------- d-----w C:\Program Files\Microsoft Works
    2007-12-07 14:50 --------- d-----w C:\Program Files\MSBuild
    2007-12-07 14:49 --------- d-----w C:\Program Files\Microsoft.NET
    2007-12-06 20:34 --------- d-----w C:\Program Files\PhotoFiltre Studio
    2007-12-06 20:22 --------- d-----w C:\Program Files\OpenOffice.org 2.3
    2007-12-06 20:06 --------- d-----w C:\Program Files\Lavasoft
    2007-12-06 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
    2007-12-06 20:03 --------- d-----w C:\Program Files\CCleaner
    2007-12-06 19:59 --------- d-----w C:\Program Files\Trend Micro
    2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
    2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00 15360]
    "Tok-Cirrhatus"="C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\smss.exe" [ ]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736]
    "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-08-20 22:55 155648]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 13:03 221184]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-06-16 13:03 81920]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-06-08 20:31 286720]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43 233472]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-29 20:23 4603904]
    "nwiz"="nwiz.exe" [2004-09-29 20:23 921600 C:\WINDOWS\system32\nwiz.exe]
    "VTTimer"="VTTimer.exe" []
    "SiSPower"="SiSPower.dll" [2004-09-24 09:49 49152 C:\WINDOWS\system32\SiSPower.dll]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 88363 C:\WINDOWS\AGRSMMSG.exe]
    "PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 20:13 98304]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 21:54 253952]
    "Reminder"="C:\Windows\Creator\Remind_XP.exe" [2003-12-18 00:31 118784]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-02 00:31 98304]
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2008-01-04 09:00 810576]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22 517768]
    "Bron-Spizaetus"="C:\WINDOWS\ShellNew\sempalong.exe" [ ]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
    Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 22:44:08 257752]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 13:11 233472]

    R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 10:56]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys [2005-03-15 17:04]
    S3 PAC207;SoC PC-Camer@;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 12:29]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e4841d0-b779-11dc-b9a2-806d6172696f}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

    *Newly Created Service* - STI_SIMULATOR
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-02-03 15:00:00 C:\WINDOWS\Tasks\A0C07F6B91C3F57B.job"
    - c:\docume~1\compaq~1\applic~1\batsho~1\kind download test.exe
    "2002-12-31 23:33:31 C:\WINDOWS\Tasks\Connexion facile à Internet.job"
    - C:\Program Files\Easy Internet signup\HPSdpApp.exe
    "2008-02-01 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Compaq_Propriétaire.job"
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-03 16:32:57
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-03 16:34:50
    ComboFix-quarantined-files.txt 2008-02-03 15:34:41
    .
    2008-02-01 17:37:51 --- E O F ---
    3 February 2008 19:16:04

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\smss.exe

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Tok-Cirrhatus"=-


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
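The Run-key section of the log above is where the "Tok-Cirrhatus" and "Bron-Spizaetus" autostart values appear. As an added example (not part of the thread, and not how ComboFix itself decides), this Python triage parses that section and flags entries using three heuristics chosen here for illustration; it assumes that empty brackets after a target mean the scanner found no file at that path.

```python
import ntpath
import re

# Excerpt of the Run-key section of the log above (values copied from the page).
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00 15360]
"Tok-Cirrhatus"="C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\smss.exe" [ ]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" []
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 20:13 98304]
"Bron-Spizaetus"="C:\WINDOWS\ShellNew\sempalong.exe" [ ]
'''

KEY_RE = re.compile(r'^\s*\[(hkey_[^\]]+)\]\s*$', re.I)
ENTRY_RE = re.compile(r'^\s*"([^"]+)"="([^"]*)"\s*\[([^\]]*)\]')

# Hypothetical heuristic tables: normal homes of core Windows XP processes (lower-cased).
SYSTEM_HOMES = {n: r"c:\windows\system32" for n in
                ("smss.exe", "csrss.exe", "winlogon.exe", "services.exe", "lsass.exe", "svchost.exe")}
SYSTEM_HOMES["explorer.exe"] = r"c:\windows"
USER_WRITABLE = ("\\application data\\", "\\local settings\\", "\\temp\\")

def triage(log_text):
    """Return [(key, value_name, target, [reasons])] for entries worth a closer look."""
    findings, key = [], None
    for line in log_text.splitlines():
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)          # remember which registry key we are under
            continue
        m = ENTRY_RE.match(line)
        if not (m and key):
            continue
        name, target, meta = m.groups()
        low = target.lower()
        directory, exe = ntpath.split(low)
        reasons = []
        if exe in SYSTEM_HOMES and directory and directory != SYSTEM_HOMES[exe]:
            reasons.append("system process name outside its normal directory")
        if any(part in low for part in USER_WRITABLE):
            reasons.append("autostart from a user-writable data directory")
        if not meta.strip():  # assumption: empty [] = no file found at that path
            reasons.append("target file not found by the scanner")
        if reasons:
            findings.append((key, name, target, reasons))
    return findings
```

Calling `triage(SAMPLE_LOG)` returns three entries: "Tok-Cirrhatus" with all three reasons, plus "VTTimer" and "Bron-Spizaetus" with only the missing-target reason. A missing target on its own can also match a stale entry left behind by uninstalled software, so it is a prompt for review rather than a verdict.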