Laboratoire Microsoft |  CertifExpress 
 Le Forum de Réfèrence sur les Technologies Microsoft - http://www.forum-microsoft.org

Invite de commande cmd.exe ne s'ouvre plus

Modérateurs : Touhtion, Modérateurs, Modérateurs_Systèmes

Invite de commande cmd.exe ne s'ouvre plus

Message par laurentw » Mer 28 Août 2013, 15:22

Bonjour,

Depuis quelque temps, impossible de lancer l'invite de commande (cmd.exe). Elle s'ouvre et se refaire en une fraction de secondes !

J'ai essayé de copier le fichier original depuis le cd, effectué un chkdisk, contrôlé virus ou malware avec différents logiciel, rien à faire !

Le tout en Administrateur

Ci-dessous le log trouvé avec ProcMon :$

Code : Tout sélectionner
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"14:53:02.8394828","cmd.exe","5820","Process Start","","SUCCESS","Parent PID: 2772, Command line: ""C:\WINDOWS\system32\cmd.exe"" , Current directory: C:\Documents and Settings\Administrateur, Environment:

   ALLUSERSPROFILE=C:\Documents and Settings\All Users

   APPDATA=C:\Documents and Settings\Administrateur\application data

   ClusterLog=C:\WINDOWS\Cluster\cluster.log

   CommonProgramFiles=C:\Program Files\Fichiers communs

   COMPUTERNAME=SERVEUR

   ComSpec=C:\WINDOWS\system32\cmd.exe

   FP_NO_HOST_CHECK=NO

   HOMEDRIVE=C:

   HOMEPATH=\Documents and Settings\Administrateur

   LOGONSERVER=\\SERVEUR

   NUMBER_OF_PROCESSORS=4

   OS=Windows_NT

   Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft Windows Small Business Server\Networking\;C:\Program Files\MySQL\MySQL Server 5.1\bin;C:\Program Files\IDM Computer Solutions\UltraEdit\

   PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

   PROCESSOR_ARCHITECTURE=x86

   PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel

   PROCESSOR_LEVEL=6

   PROCESSOR_REVISION=0f0b

   ProgramFiles=C:\Program Files

   SBSProgramDir=C:\Program Files\Microsoft Windows Small Business Server

   SESSIONNAME=Console

   SystemDrive=C:

   SystemRoot=C:\WINDOWS

   TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

   TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

   USERDNSDOMAIN=AERO-CLUB.LOCAL

   USERDOMAIN=AERO-CLUB

   USERNAME=Administrateur

   USERPROFILE=C:\Documents and Settings\Administrateur

   windir=C:\WINDOWS

   winsbprogramdir=C:\Program Files\Windows for Small Business Server"
"14:53:02.8394859","cmd.exe","5820","Thread Create","","SUCCESS","Thread ID: 4608"
"14:53:02.8395482","cmd.exe","5820","QueryNameInformationFile","C:\WINDOWS\system32\cmd.exe","SUCCESS","Name: \WINDOWS\system32\cmd.exe"
"14:53:02.8398399","cmd.exe","5820","Load Image","C:\WINDOWS\system32\cmd.exe","SUCCESS","Image Base: 0x4ad00000, Image Size: 0x64000"
"14:53:02.8399663","cmd.exe","5820","Load Image","C:\WINDOWS\system32\ntdll.dll","SUCCESS","Image Base: 0x7c920000, Image Size: 0xc9000"
"14:53:02.8400096","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE",""
"14:53:02.8400311","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"14:53:02.8400557","cmd.exe","5820","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\CWDIllegalInDLLSearch","NAME NOT FOUND","Length: 1'024"
"14:53:02.8400693","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"14:53:02.8402013","cmd.exe","5820","CreateFile","C:\Documents and Settings\Administrateur","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8402350","cmd.exe","5820","FileSystemControl","C:\Documents and Settings\Administrateur","SUCCESS","Control: FSCTL_IS_VOLUME_MOUNTED"
"14:53:02.8403636","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\cmd.exe.Local","NAME NOT FOUND",""
"14:53:02.8407080","cmd.exe","5820","Load Image","C:\WINDOWS\system32\kernel32.dll","SUCCESS","Image Base: 0x7c800000, Image Size: 0x112000"
"14:53:02.8460763","cmd.exe","5820","Load Image","C:\WINDOWS\system32\msvcrt.dll","SUCCESS","Image Base: 0x77b70000, Image Size: 0x5a000"
"14:53:02.8463100","cmd.exe","5820","Load Image","C:\WINDOWS\system32\advapi32.dll","SUCCESS","Image Base: 0x77ff0000, Image Size: 0xae000"
"14:53:02.8465539","cmd.exe","5820","Load Image","C:\WINDOWS\system32\rpcrt4.dll","SUCCESS","Image Base: 0x77c20000, Image Size: 0xa1000"
"14:53:02.8468082","cmd.exe","5820","Load Image","C:\WINDOWS\system32\secur32.dll","SUCCESS","Image Base: 0x76f00000, Image Size: 0x13000"
"14:53:02.8471264","cmd.exe","5820","Load Image","C:\WINDOWS\system32\user32.dll","SUCCESS","Image Base: 0x77f30000, Image Size: 0x91000"
"14:53:02.8473643","cmd.exe","5820","Load Image","C:\WINDOWS\system32\gdi32.dll","SUCCESS","Image Base: 0x77bd0000, Image Size: 0x49000"
"14:53:02.8476314","cmd.exe","5820","Load Image","C:\WINDOWS\system32\mpr.dll","SUCCESS","Image Base: 0x71aa0000, Image Size: 0x11000"
"14:53:02.8481552","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\shimeng.dll","SUCCESS","CreationTime: 26.06.2013 20:55:51, LastAccessTime: 28.08.2013 14:51:47, LastWriteTime: 17.02.2007 06:38:08, ChangeTime: 26.06.2013 21:34:59, AllocationSize: 49'152, EndOfFile: 48'640, FileAttributes: A"
"14:53:02.8484429","cmd.exe","5820","CreateFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8489287","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\shimeng.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"14:53:02.8489421","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","AllocationSize: 49'152, EndOfFile: 48'640, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8489530","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\shimeng.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8491798","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\shimeng.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8492413","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE",""
"14:53:02.8493007","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND",""
"14:53:02.8493239","cmd.exe","5820","RegOpenKey","HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","SUCCESS",""
"14:53:02.8493862","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\windows\safer\codeidentifiers\TransparentEnabled","NAME NOT FOUND","Length: 80"
"14:53:02.8494035","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\windows\safer\codeidentifiers","SUCCESS",""
"14:53:02.8494283","cmd.exe","5820","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","NAME NOT FOUND",""
"14:53:02.8496083","cmd.exe","5820","CloseFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS",""
"14:53:02.8498838","cmd.exe","5820","Load Image","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Image Base: 0x719c0000, Image Size: 0x22000"
"14:53:02.8499209","cmd.exe","5820","ReadFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Offset: 44'032, Length: 1'536, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
"14:53:02.8545801","cmd.exe","5820","ReadFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Offset: 13'312, Length: 30'208, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
"14:53:02.8600244","cmd.exe","5820","ReadFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Offset: 1'024, Length: 12'288, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
"14:53:02.8605133","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\apphelp.dll","SUCCESS","CreationTime: 26.06.2013 20:57:01, LastAccessTime: 28.08.2013 14:52:57, LastWriteTime: 17.02.2007 06:49:48, ChangeTime: 27.06.2013 09:03:11, AllocationSize: 151'552, EndOfFile: 149'504, FileAttributes: A"
"14:53:02.8606215","cmd.exe","5820","CreateFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8608135","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\apphelp.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"14:53:02.8608288","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\apphelp.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8609117","cmd.exe","5820","CloseFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS",""
"14:53:02.8613659","cmd.exe","5820","Load Image","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Image Base: 0x75e00000, Image Size: 0x27000"
"14:53:02.8615601","cmd.exe","5820","ReadFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Offset: 43'520, Length: 512, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
"14:53:02.8619159","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE",""
"14:53:02.8619526","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND",""
"14:53:02.8619708","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility","REPARSE",""
"14:53:02.8619858","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility","NAME NOT FOUND",""
"14:53:02.8619991","cmd.exe","5820","RegOpenKey","HKLM\Software\Policies\Microsoft\Windows\AppCompat","NAME NOT FOUND",""
"14:53:02.8626265","cmd.exe","5820","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8628368","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","AllocationSize: 1'368'064, EndOfFile: 1'364'226, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8629594","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_READONLY"
"14:53:02.8630295","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","AllocationSize: 1'368'064, EndOfFile: 1'364'226, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8630406","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8632143","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","AllocationSize: 1'368'064, EndOfFile: 1'364'226, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8633161","cmd.exe","5820","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
"14:53:02.8633832","cmd.exe","5820","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","NAME NOT FOUND",""
"14:53:02.8635195","cmd.exe","5820","CloseFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS",""
"14:53:02.8636295","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS",""
"14:53:02.8636560","cmd.exe","5820","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions","SUCCESS",""
"14:53:02.8636725","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\msvcrt.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8638783","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\Secur32.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8639072","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\RPCRT4.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8639231","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\ADVAPI32.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8639462","cmd.exe","5820","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SUCCESS",""
"14:53:02.8639668","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LeakTrack","NAME NOT FOUND","Length: 144"
"14:53:02.8639826","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SUCCESS",""
"14:53:02.8639939","cmd.exe","5820","RegOpenKey","HKLM","SUCCESS",""
"14:53:02.8640095","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics","NAME NOT FOUND",""
"14:53:02.8640296","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\GDI32.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8640481","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\USER32.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8641039","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","REPARSE",""
"14:53:02.8641202","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"14:53:02.8641385","cmd.exe","5820","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode","NAME NOT FOUND","Length: 16"
"14:53:02.8641501","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"14:53:02.8643200","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\imm32.dll","SUCCESS","CreationTime: 26.06.2013 20:56:41, LastAccessTime: 28.08.2013 14:52:57, LastWriteTime: 17.02.2007 06:37:42, ChangeTime: 27.06.2013 09:03:45, AllocationSize: 110'592, EndOfFile: 110'592, FileAttributes: A"
"14:53:02.8650679","cmd.exe","5820","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8657373","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"14:53:02.8657555","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","AllocationSize: 110'592, EndOfFile: 110'592, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8657734","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8659360","cmd.exe","5820","CloseFile","C:\WINDOWS\system32\imm32.dll","SUCCESS",""
"14:53:02.8661240","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\imm32.dll","SUCCESS","CreationTime: 26.06.2013 20:56:41, LastAccessTime: 28.08.2013 14:53:02, LastWriteTime: 17.02.2007 06:37:42, ChangeTime: 27.06.2013 09:03:45, AllocationSize: 110'592, EndOfFile: 110'592, FileAttributes: A"
"14:53:02.8663590","cmd.exe","5820","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8666225","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"14:53:02.8666297","cmd.exe","5820","QueryStandardInformationFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","AllocationSize: 110'592, EndOfFile: 110'592, NumberOfLinks: 1, DeletePending: False, Directory: False"
"14:53:02.8666396","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8667913","cmd.exe","5820","CloseFile","C:\WINDOWS\system32\imm32.dll","SUCCESS",""
"14:53:02.8670080","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\imm32.dll","SUCCESS","CreationTime: 26.06.2013 20:56:41, LastAccessTime: 28.08.2013 14:53:02, LastWriteTime: 17.02.2007 06:37:42, ChangeTime: 27.06.2013 09:03:45, AllocationSize: 110'592, EndOfFile: 110'592, FileAttributes: A"
"14:53:02.8671649","cmd.exe","5820","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8675714","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"14:53:02.8676041","cmd.exe","5820","CreateFileMapping","C:\WINDOWS\system32\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
"14:53:02.8677734","cmd.exe","5820","CloseFile","C:\WINDOWS\system32\imm32.dll","SUCCESS",""
"14:53:02.8679652","cmd.exe","5820","Load Image","C:\WINDOWS\system32\imm32.dll","SUCCESS","Image Base: 0x76240000, Image Size: 0x1d000"
"14:53:02.8682415","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\IMM32.DLL","NAME NOT FOUND","Length: 1'024"
"14:53:02.8684371","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\imm32.dll","SUCCESS","CreationTime: 26.06.2013 20:56:41, LastAccessTime: 28.08.2013 14:53:02, LastWriteTime: 17.02.2007 06:37:42, ChangeTime: 27.06.2013 09:03:45, AllocationSize: 110'592, EndOfFile: 110'592, FileAttributes: A"
"14:53:02.8684884","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\ntdll.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8685284","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\kernel32.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8685570","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\MPR.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8685722","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\apphelp.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8685850","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions\ShimEng.dll","NAME NOT FOUND","Length: 1'024"
"14:53:02.8687775","cmd.exe","5820","QueryOpen","C:\WINDOWS\system32\imm32.dll","SUCCESS","CreationTime: 26.06.2013 20:56:41, LastAccessTime: 28.08.2013 14:53:02, LastWriteTime: 17.02.2007 06:37:42, ChangeTime: 27.06.2013 09:03:45, AllocationSize: 110'592, EndOfFile: 110'592, FileAttributes: A"
"14:53:02.8688002","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Error Message Instrument\","REPARSE",""
"14:53:02.8688162","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Error Message Instrument","NAME NOT FOUND",""
"14:53:02.8688336","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
"14:53:02.8688527","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles","NAME NOT FOUND","Length: 20"
"14:53:02.8688660","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
"14:53:02.8689513","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS",""
"14:53:02.8689734","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32\cmd","NAME NOT FOUND","Length: 172"
"14:53:02.8689891","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS",""
"14:53:02.8690023","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\IME Compatibility","SUCCESS",""
"14:53:02.8690209","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IME Compatibility\cmd","NAME NOT FOUND","Length: 172"
"14:53:02.8690334","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IME Compatibility","SUCCESS",""
"14:53:02.8690876","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
"14:53:02.8691104","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs","SUCCESS","Type: REG_SZ, Length: 2, Data: "
"14:53:02.8691236","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
"14:53:02.8691653","cmd.exe","5820","RegOpenKey","HKLM\system\CurrentControlSet\control\NetworkProvider\HwOrder","REPARSE",""
"14:53:02.8691806","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\control\NetworkProvider\HwOrder","SUCCESS",""
"14:53:02.8693223","cmd.exe","5820","RegOpenKey","HKCU","SUCCESS",""
"14:53:02.8693405","cmd.exe","5820","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND",""
"14:53:02.8693523","cmd.exe","5820","RegOpenKey","HKCU\Control Panel\Desktop","SUCCESS",""
"14:53:02.8693684","cmd.exe","5820","RegQueryValue","HKCU\Control Panel\Desktop\MultiUILanguageId","NAME NOT FOUND","Length: 256"
"14:53:02.8693856","cmd.exe","5820","RegCloseKey","HKCU\Control Panel\Desktop","SUCCESS",""
"14:53:02.8693936","cmd.exe","5820","RegCloseKey","HKCU","SUCCESS",""
"14:53:02.8694391","cmd.exe","5820","RegOpenKey","HKCU","SUCCESS",""
"14:53:02.8694565","cmd.exe","5820","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\System","SUCCESS",""
"14:53:02.8694753","cmd.exe","5820","RegQueryValue","HKCU\Software\Policies\Microsoft\Windows\System\DisableCMD","NAME NOT FOUND","Length: 144"
"14:53:02.8694854","cmd.exe","5820","RegCloseKey","HKCU\Software\Policies\Microsoft\Windows\System","SUCCESS",""
"14:53:02.8696043","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Command Processor","SUCCESS",""
"14:53:02.8696228","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\DisableUNCCheck","NAME NOT FOUND","Length: 144"
"14:53:02.8696315","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\EnableExtensions","NAME NOT FOUND","Length: 144"
"14:53:02.8696398","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\DelayedExpansion","NAME NOT FOUND","Length: 144"
"14:53:02.8696485","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\DefaultColor","NAME NOT FOUND","Length: 144"
"14:53:02.8696568","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\CompletionChar","NAME NOT FOUND","Length: 144"
"14:53:02.8696648","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\PathCompletionChar","NAME NOT FOUND","Length: 144"
"14:53:02.8696737","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Command Processor\AutoRun","SUCCESS","Type: REG_SZ, Length: 4, Data:  "
"14:53:02.8696897","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Command Processor","SUCCESS",""
"14:53:02.8696992","cmd.exe","5820","RegOpenKey","HKCU\Software\Microsoft\Command Processor","SUCCESS",""
"14:53:02.8697162","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\DisableUNCCheck","NAME NOT FOUND","Length: 144"
"14:53:02.8697258","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\EnableExtensions","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"14:53:02.8697357","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\DelayedExpansion","NAME NOT FOUND","Length: 144"
"14:53:02.8697520","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\DefaultColor","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"14:53:02.8697623","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\CompletionChar","SUCCESS","Type: REG_DWORD, Length: 4, Data: 9"
"14:53:02.8697712","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\PathCompletionChar","NAME NOT FOUND","Length: 144"
"14:53:02.8697803","cmd.exe","5820","RegQueryValue","HKCU\Software\Microsoft\Command Processor\AutoRun","NAME NOT FOUND","Length: 144"
"14:53:02.8697890","cmd.exe","5820","RegCloseKey","HKCU\Software\Microsoft\Command Processor","SUCCESS",""
"14:53:02.8698839","cmd.exe","5820","QueryOpen","C:\Documents and Settings\Administrateur","SUCCESS","CreationTime: 26.06.2013 16:35:26, LastAccessTime: 28.08.2013 14:53:00, LastWriteTime: 27.08.2013 22:25:17, ChangeTime: 27.08.2013 22:25:17, AllocationSize: 0, EndOfFile: 0, FileAttributes: D"
"14:53:02.8699131","cmd.exe","5820","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8699321","cmd.exe","5820","QueryDirectory","C:\Documents and Settings","SUCCESS","Filter: Documents and Settings, 1: Documents and Settings"
"14:53:02.8699711","cmd.exe","5820","CloseFile","C:\","SUCCESS",""
"14:53:02.8700424","cmd.exe","5820","CreateFile","C:\Documents and Settings","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"14:53:02.8700788","cmd.exe","5820","QueryDirectory","C:\Documents and Settings\Administrateur","SUCCESS","Filter: Administrateur, 1: Administrateur"
"14:53:02.8701008","cmd.exe","5820","CloseFile","C:\Documents and Settings","SUCCESS",""
"14:53:02.8701798","cmd.exe","5820","QueryOpen","C:\Documents and Settings\Administrateur","SUCCESS","CreationTime: 26.06.2013 16:35:26, LastAccessTime: 28.08.2013 14:53:00, LastWriteTime: 27.08.2013 22:25:17, ChangeTime: 27.08.2013 22:25:17, AllocationSize: 0, EndOfFile: 0, FileAttributes: D"
"14:53:02.8702462","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","REPARSE",""
"14:53:02.8702613","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS",""
"14:53:02.8702779","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","REPARSE",""
"14:53:02.8703094","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS",""
"14:53:02.8703252","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","REPARSE",""
"14:53:02.8703368","cmd.exe","5820","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS",""
"14:53:02.8703566","cmd.exe","5820","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Locale\0000100C","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
"14:53:02.8703758","cmd.exe","5820","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language Groups\1","SUCCESS","Type: REG_SZ, Length: 4, Data: 1"
"14:53:02.8804857","cmd.exe","5820","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
"14:53:02.8805266","cmd.exe","5820","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles","NAME NOT FOUND","Length: 20"
"14:53:02.8805390","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
"14:53:02.8806354","cmd.exe","5820","Thread Exit","","SUCCESS","Thread ID: 4608, User Time: 0.0000000, Kernel Time: 0.0312500"
"14:53:02.8816444","cmd.exe","5820","Process Exit","","SUCCESS","Exit Status: 0, User Time: 0.0000000 seconds, Kernel Time: 0.0312500 seconds, Private Bytes: 1'490'944, Peak Private Bytes: 1'568'768, Working Set: 1'769'472, Peak Working Set: 1'773'568"
"14:53:02.8816617","cmd.exe","5820","CloseFile","C:\Documents and Settings\Administrateur","SUCCESS",""
"14:53:02.8816928","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DllNXOptions","SUCCESS",""
"14:53:02.8817117","cmd.exe","5820","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS",""
"14:53:02.8817219","cmd.exe","5820","RegCloseKey","HKLM","SUCCESS",""
"14:53:02.8817428","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\NetworkProvider\HwOrder","SUCCESS",""
"14:53:02.8817538","cmd.exe","5820","RegCloseKey","HKCU","SUCCESS",""
"14:53:02.8817642","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Locale","SUCCESS",""
"14:53:02.8817749","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts","SUCCESS",""
"14:53:02.8817847","cmd.exe","5820","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Language Groups","SUCCESS",""



Merci pour votre aide, je n'arrive même plus à exécuter les tâches planifiée qui sont cruciales pour moi.
laurentw
N00b
N00b
 
Message(s) : 2
Inscription : Mer 28 Août 2013, 14:58

Re: Invite de commande cmd.exe ne s'ouvre plus

Message par magnancc51 » Jeu 29 Août 2013, 12:20

Bonjour,

A tout hasard, as tu passé un soft du genre CCleaner ?
MCSA 2000/2003 Messagerie - MCSE 2000/2003 - MCITP Enterprise Administrator - MCTS Exchange 2010 - MCSA 2008/2012
Avatar de l’utilisateur
magnancc51
Keyboard Master
Keyboard Master
 
Message(s) : 5801
Inscription : Jeu 14 Oct 2004, 14:00
Localisation : Aix en Provence

Re: Invite de commande cmd.exe ne s'ouvre plus

Message par laurentw » Jeu 29 Août 2013, 14:34

Hello, oui, j'ai passé CCleaner.
J'ai aussi essayé de désinstaller les dernières mises à jour de sécurité ; désinstallé puis réinstallé le SP2.

Rien à faire !

Je pense malheureusement que je vais devoir tout réinstaller. Je profiterai peut-être pour passer à une nouvelle version (2008 ou 2011).
laurentw
N00b
N00b
 
Message(s) : 2
Inscription : Mer 28 Août 2013, 14:58

Re: Invite de commande cmd.exe ne s'ouvre plus

Message par magnancc51 » Jeu 29 Août 2013, 15:25

laurentw a écrit :Hello, oui, j'ai passé CCleaner.
J'ai aussi essayé de désinstaller les dernières mises à jour de sécurité ; désinstallé puis réinstallé le SP2.

Rien à faire !

Je pense malheureusement que je vais devoir tout réinstaller. Je profiterai peut-être pour passer à une nouvelle version (2008 ou 2011).


Oui voilà, tu as trouvé la cause et la solution :roll:
MCSA 2000/2003 Messagerie - MCSE 2000/2003 - MCITP Enterprise Administrator - MCTS Exchange 2010 - MCSA 2008/2012
Avatar de l’utilisateur
magnancc51
Keyboard Master
Keyboard Master
 
Message(s) : 5801
Inscription : Jeu 14 Oct 2004, 14:00
Localisation : Aix en Provence


Retour vers SBS 2003

Qui est en ligne ?

Utilisateur(s) parcourant ce forum : Aucun utilisateur inscrit et 2 invité(s)



Accueil | News | Articles | Tips | Outils | Certification | Easters Eggs
Essentiels | Glossaire | Vidos | Whitepapers | Essentiels | Bote Scripts
Conditions d'utilisation & Copyright | Respect de la vie prive