Après nettoyage avec AVG, regedit / explorer / cmd ne fonctionne pas

Hey there:

Après avoir trouvé et la suppression de près de 1200 en utilisant des menaces AVG sur mon portable que je viens de sorti après ne pas l'utiliser pendant quelques semaines, regedit et explorateur ne sont même pas dans mon système, et lorsque je tente de démarrer CMD, il ouvre à une fraction de seconde puis il se ferme. I am running Windows XP.

J'ai scanné en utilisant Hijack Ceci, et le fichier de log est ci-dessous, pourriez-vous me dire ce que je dois supprimer ou pas? Merci!

Logfile de Trend Micro HijackThis v2.0. 2
Scan sauvé à 10:14:36 PM, le 6.26.2009
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP2 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ WLTRYSVC. EXE
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Program Files \ Google \ Update \ GoogleUpdate.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ taskmgr. exe
C: \ Program Files \ Mozilla Firefox \ firefox. exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
F2 - REG: system.ini: Userinit = C: \ WINDOWS \ system32 \ userinit.exe, C: \ WINDOWS \ system32 \ BNT. exe,
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O2 - BHO: (no name) - (a281f94b-062c-4415-B640-72bc087a6dfa) - (no file)
O2 - BHO: (no name) - (B2BA40A2-74F0-42BD-F434-12345A2C8953) - (no file)
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [services] C: \ WINDOWS \ services.exe
O4 - HKLM \ .. \ Run: [UserFaultCheck]% systemroot% \ system32 \ dumprep 0-u
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee://aol/imApp
O4 - HKCU \ .. \ Run: [DellSupport] "C: \ Program Files \ DellSupport \ DSAgnt.exe" / startup
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ Run: [Diagnostic Manager] C: \ DOCUME ~ 1 \ Tony \ LOCALS ~ 1 \ Temp \ 2526343900.exe
O4 - HKUS \ S-1-5-21-2314250154-3321495445-745414658-1006 \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee://aol/imApp (Utilisateur?)
O4 - HKUS \ S-1-5-21-2314250154-3321495445-745414658-1006 \ .. \ Run: [DellSupport] "C: \ Program Files \ DellSupport \ DSAgnt.exe" / startup (User? )
O4 - HKUS \ S-1-5-21-2314250154-3321495445-745414658-1006 \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe (User?)
O4 - HKUS \ S-1-5-21-2314250154-3321495445-745414658-1006 \ .. \ Run: [Diagnostic Manager] C: \ DOCUME ~ 1 \ Tony \ LOCALS ~ 1 \ Temp \ 2526343900.exe (User? )
O4 - HKUS \ S-1-5-18 \ .. \ Run: [DWQueuedReporting] "C: \ PROGRA ~ 1 \ Common ~ 1 \ MICROS ~ 1 \ DW \ dwtrig20.exe"-t (User?)
O4 - HKUS \. DEFAULT \ .. \ Run: [DWQueuedReporting] "C: \ PROGRA ~ 1 \ Common ~ 1 \ MICROS ~ 1 \ DW \ dwtrig20.exe"-t (User utilisateur par défaut)
O4 - Global Startup: Digital Line Detect.lnk =?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ OSA. EXE
O7 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableRegedit = 1
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_06 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_06 \ bin \ ssv. dll
O9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper. dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe (file missing)
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe (file missing)
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: c: \ progra ~ 1 \ ThunMail \ testabd.dll c: \ windows \ system32 \ dusatalo.dll C: \ WINDOWS \ system32 \ jizejaho.dll c: \ windows \ system32 \ yufobata.dll
O20 - Winlogon Notify: avgrsstarter - C: \ WINDOWS \ SYSTEM32 \ avgrsstx. dll
O21 - SSODL: SSODL - (EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4) - (no file)
O22 - SharedTaskScheduler: jso8joigm409gopgmrlgd - (B2BA40A2-74F0-42BD-F434-12345A2C8953) - (no file)
O22 - SharedTaskScheduler: hasf8h3rfijfn98gf9iar - (A6C7B2A1-00F3-42BD-F434-00AABA2C8953) - (no file)
O22 - SharedTaskScheduler: STS - (EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4) - (no file)
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C: \ WINDOWS \ System32 \ alg. exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Service d'indexation (CiSvc) - Unknown owner - C: \ WINDOWS \ system32 \ Cisvc.exe (file missing)
O23 - Service: COM + System Application (COMSysApp) - Unknown owner - C: \ WINDOWS \ system32 \ dllhost. exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C: \ WINDOWS \ System32 \ dmadmin.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C: \ Program Files \ DellSupport \ brkrsvc.exe
O23 - Service: Fax - Unknown owner - C: \ WINDOWS \ system32 \ fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9c5bd3f32ec44) (gupdate1c9c5bd3f32ec44) - Google Inc - C: \ Program files \ Google \ Update \ GoogleUpdate. exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C: \ WINDOWS \ system32 \ imapi.exe (file missing)
O23 - Service: iPodService - Unknown owner - C: \ Program Files \ iPod \ bin \ iPodService. exe (file missing)
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C: \ WINDOWS \ system32 \ mnmsrvc.exe (file missing)
O23 - Service: NICCONFIGSVC - Unknown owner - C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C: \ WINDOWS \ system32 \ sessmgr.exe (file missing)
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C: \ WINDOWS \ system32 \ rsvp. exe (file missing)
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C: \ WINDOWS \ System32 \ scardsvr.exe (file missing)
O23 - Service: Service sopidkc (sopidkc) - Unknown owner - C: \ WINDOWS \ system32 \ sopidkc.exe (file missing)
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C: \ WINDOWS \ system32 \ DLLHost.exe tombait (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C: \ WINDOWS \ system32 \ smlogsvc. exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C: \ WINDOWS \ System32 \ ups.exe (file missing)
O23 - Service: Ventrilo - Unknown owner - C: \ Program Files \ VentSrv \ ventrilo_svc.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C: \ WINDOWS \ System32 \ WLTRYSVC.EXE
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C: \ WINDOWS \ system32 \ wbem \ wmiapsrv. exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C: \ Program Files \ Windows Media Player \ wmpnetwk.exe (file missing)

--
Fin de file - 9398 bytes

Il est chargé Assurez-vous avec beaucoup de déchets.

F2 - REG: system.ini: Userinit = C: \ WINDOWS \ system32 \ userinit.exe, C: \ WINDOWS \ system32 \ ntos.exe,

O2 - BHO: (no name) - (a281f94b-062c-4415-B640-72bc087a6dfa) - (no file)

O2 - BHO: (no name) - (B2BA40A2-74F0-42BD-F434-12345A2C8953) - (no file)

O4 - HKCU \ .. \ Run: [Diagnostic Manager] C: \ DOCUME ~ 1 \ Tony \ LOCALS ~ 1 \ Temp \ 2526343900.exe

O4 - HKUS \ S-1-5-21-2314250154-3321495445-745414658-1006 \ .. \ Run: [Diagnostic Manager] C: \ DOCUME ~ 1 \ Tony \ LOCALS ~ 1 \ Temp \ 2526343900.exe (utilisateur?)

O20 - AppInit_DLLs: c: \ progra ~ 1 \ ThunMail \ testabd.dll c: \ windows \ system32 \ dusatalo.dll C: \ WINDOWS \ system32 \ jizejaho.dll c: \ windows \ system32 \ yufobata. dll

O21 - SSODL: SSODL - (EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4) - (no file)

O22 - SharedTaskScheduler: jso8joigm409gopgmrlgd - (B2BA40A2-74F0-42BD-F434-12345A2C8953) - (no file)

O22 - SharedTaskScheduler: hasf8h3rfijfn98gf9iar - (A6C7B2A1-00F3-42BD-F434-00AABA2C8953) - (no file)

O22 - SharedTaskScheduler: STS - (EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4) - (no file)

O23 - Service: Service sopidkc (sopidkc) - Unknown owner - C: \ WINDOWS \ system32 \ sopidkc. exe (file missing)

O23 - Service: Service sopidkc (sopidkc) - Unknown owner - C: \ WINDOWS \ system32 \ sopidkc.exe (file missing)

Merci Don, après la suppression de ces entrées, démarrage en mode sans échec et le fonctionnement spybot / Adaware / avg une dernière fois, tout semble être fixé. Merci!

Glad to hear it.