76lilly76
-
Compteur de contenus
117 -
Inscription
-
Dernière visite
-
Jours gagnés
1
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par 76lilly76
-
Bien le bonjour à tous, Voilà les symptômes : -Impossible d'ouvrir les fichiers pdf via internet : Windows détecte de faux positifs... -Impossible de lancer Eset Online Scanner : Faux positif -Impossible de lancer un scan Avira -Et impossible d'ouvrir le centre de sécurité Windows... Au secours !!! D'avance merci et bonne journée ! A.
-
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Ok ! Un grand grand merci pour cet aide précieuse ! Je vous souhaite une excellente journée... -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Bonsoir ! Impossible d'installer Anti-PUPS... Voilà le message que j'obtiens : "Impossible de se connecter au site Malekal... Veuillez tenter l'installation ultérieurement"... -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Et bien, j'ai réussi à relancer le centre de sécurité Windows ! -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Log Opened: 2013-08-09 @ 22:38:32 22:38:32 - ----------------- 22:38:32 - | Begin Logging | 22:38:32 - ----------------- 22:38:32 - Fix started on a WIN_7 X64 computer 22:38:32 - Prep in progress. Please Wait. 22:38:33 - Prep complete 22:38:33 - Repairing Services Now. Please wait... INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo> ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo> failed with: Le fichier spécifié est introuvable. INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: Le fichier spécifié est introuvable. INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: Le fichier spécifié est introuvable. INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: Le fichier spécifié est introuvable. INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: Le fichier spécifié est introuvable. INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc> SetACL finished successfully. INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore. INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl' INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters> INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv> SetACL finished successfully. 22:38:35 - Services Repair Complete. 22:38:40 - Reboot Initiated -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-08-2013 02 Ran by Aurélie at 2013-08-09 20:04:27 Run:1 Running from C:\Users\Aurélie\Desktop Boot Mode: Normal ============================================== HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully. "C:\Windows\Program Files\Windows Defender" => Not Found "C:\Windows\Program Files\Microsoft Security Client" => Not Found ==== End of Fixlog ==== -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
C'est le lien cijoint en toute première ligne. Il me paraissait un peu gros pour être posté ici... -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
© CJoint.com, 2012 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2013 02 Ran by Aurélie at 2013-08-09 19:04:16 Running from C:\Users\Aurélie\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= adcom 802.11 Wireless LAN Adapter (Version: 5.60.48.61) Adobe After Effects CS3 (x32 Version: Adobe After Effects CS3 Presets (x32 Version: Adobe AIR (x32 Version: 3.8.0.870) Adobe Anchor Service CS3 (x32 Version: 1.0) Adobe Asset Services CS3 (x32 Version: 3) Adobe Bridge CS3 (x32 Version: 2) Adobe Bridge Start Meeting (x32 Version: 1.0) Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0) Adobe Camera Raw 4.0 (x32 Version: 4.0) Adobe CMaps (x32 Version: 1.0) Adobe Color - Photoshop Specific (x32 Version: 1.0) Adobe Color Common Settings (x32 Version: 1.0.1) Adobe Color EU Recommended Settings (x32 Version: 1.0) Adobe Color JA Extra Settings (x32 Version: 1.0) Adobe Color NA Extra Settings (x32 Version: 1.0) Adobe Default Language CS3 (x32 Version: 1.0) Adobe Device Central CS3 (x32 Version: 1.0) Adobe Dreamweaver CS3 (x32 Version: 9) Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2) Adobe Extension Manager CS3 (x32 Version: 1. Adobe Fireworks CS3 (x32 Version: 9.0) Adobe Flash CS3 (x32 Version: 9.0) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224) Adobe Flash Video Encoder (x32 Version: 2.0) Adobe Fonts All (x32 Version: 1.0) Adobe Help Viewer CS3 (x32 Version: 1) Adobe Illustrator CS3 (x32 Version: 13.0) Adobe InDesign CS3 (x32 Version: 5.0) Adobe InDesign CS3 Icon Handler (x32 Version: 5.0) Adobe Linguistics CS3 (x32 Version: 3.0.0) Adobe MotionPicture Color Files (x32 Version: 1.0) Adobe PDF Library Files (x32 Version: 8.0) Adobe Photoshop CS3 (x32 Version: 10) Adobe Premiere Pro CS3 (x32 Version: 3) Adobe Premiere Pro CS3 Functional Content (x32 Version: Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3) Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7) Adobe Setup (x32 Version: 1.0) Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635) Adobe SING CS3 (x32 Version: 0.1) Adobe Soundbooth CS3 (x32 Version: 1) Adobe Soundbooth CS3 Codecs (x32 Version: 3) Adobe Stock Photos CS3 (x32 Version: 1.5) Adobe Type Support (x32 Version: 1.0) Adobe Update Manager CS3 (x32 Version: 5.1.0) Adobe Version Cue CS3 Client (x32 Version: 3) Adobe Video Profiles (x32 Version: 1.0) Adobe WAS CS3 (x32 Version: 1.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.0) Adobe XMP DVA Panels CS3 (x32 Version: 1.0) Adobe XMP Panels CS3 (x32 Version: 1.0) AHV content for Acrobat and Flash (x32 Version: 1) Ajouter ou supprimer Adobe Creative Suite 3 Master Collection (x32 Version: 1.0) AMD APP SDK Runtime (Version: 2.4.650.9) AMD Fuel (Version: 2011.0705.1115.18310) AMD Steady Video Plug-In (Version: 1.00.0000) AMD System Monitor (x32 Version: 1.0.5) AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Assistance Livebox (x32 Version: 1.3.1.0) ATI Catalyst Install Manager (Version: 3.0.829.0) Audacity 2.0.2 (x32 Version: 2.0.2) Avira Free Antivirus (x32 Version: 13.0.0.3884) Blasterball 3 (x32 Version: 2.2.0.95) Bonjour (Version: 3.0.0.10) Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.6300) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310) Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310) Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310) CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310) CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310) CCC Help Czech (x32 Version: 2011.0705.1114.18310) CCC Help Danish (x32 Version: 2011.0705.1114.18310) CCC Help Dutch (x32 Version: 2011.0705.1114.18310) CCC Help English (x32 Version: 2011.0705.1114.18310) CCC Help Finnish (x32 Version: 2011.0705.1114.18310) CCC Help French (x32 Version: 2011.0705.1114.18310) CCC Help German (x32 Version: 2011.0705.1114.18310) CCC Help Greek (x32 Version: 2011.0705.1114.18310) CCC Help Hungarian (x32 Version: 2011.0705.1114.18310) CCC Help Italian (x32 Version: 2011.0705.1114.18310) CCC Help Japanese (x32 Version: 2011.0705.1114.18310) CCC Help Korean (x32 Version: 2011.0705.1114.18310) CCC Help Norwegian (x32 Version: 2011.0705.1114.18310) CCC Help Polish (x32 Version: 2011.0705.1114.18310) CCC Help Portuguese (x32 Version: 2011.0705.1114.18310) CCC Help Russian (x32 Version: 2011.0705.1114.18310) CCC Help Spanish (x32 Version: 2011.0705.1114.18310) CCC Help Swedish (x32 Version: 2011.0705.1114.18310) CCC Help Thai (x32 Version: 2011.0705.1114.18310) CCC Help Turkish (x32 Version: 2011.0705.1114.18310) ccc-utility64 (Version: 2011.0705.1115.18310) CCleaner (Version: 4.04) Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2) CyberLink YouCam (x32 Version: 3.5.3.5120) D3DX10 (x32 Version: 15.4.2368.0902) Default (x32 Version: 12.06) Désinstaller l'imprimante EPSON SX420W Series EMF Plug-In (Version: 1.0.2) eMule (x32) Energy Star Digital Logo (x32 Version: 1.0.1) EPSON Scan (x32) ESU for Microsoft Windows 7 (x32 Version: 1.0.0) Evernote v. 4.2.2 (x32 Version: 4.2.2.3979) Farm Frenzy (x32 Version: 2.2.0.95) FATE (x32 Version: 2.2.0.95) Fishdom (x32 Version: 2.2.0.95) FrameFox Extensions 1.0.5.0 (x32 Version: 1.0.5.0) Free Mp3 Wma Converter V 2.2 (x32 Version: 2.2.0.0) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Google SketchUp 8 (x32 Version: 3.0.14354) Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000) HP 3D DriveGuard (Version: 4.1.9.1) HP Auto (Version: 1.0.12935.3667) HP Client Services (Version: 1.1.12938.3539) HP Connection Manager (x32 Version: 4.1.22.1) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Documentation (x32 Version: 1.2.0.0) HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43) HP Games (x32 Version: 1.0.2.4) HP On Screen Display (x32 Version: 1.1.2) HP Power Manager (x32 Version: 1.2.1) HP Product Detection (x32 Version: 11.15.0009) HP Quick Launch (x32 Version: 2.3.6) HP Setup (x32 Version: 8.6.4530.3651) HP Setup Manager (x32 Version: 1.1.13253.3682) HP Software Framework (x32 Version: 4.1.13.1) HP Support Assistant (x32 Version: 7.0.39.15) IDT Audio (x32 Version: 1.0.6329.0) iTunes (Version: 11.0.4.4) Java 7 Update 5 (64-bit) (Version: 7.0.50) Java 7 Update 5 (x32 Version: 7.0.50) JavaFX 2.1.1 (x32 Version: 2.1.1) Jewel Quest Solitaire (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 15.4.3502.0922) La boite a couleurs version 1.6.15 (x32) LAME v3.99.3 (for Windows) (x32) LibreOffice 3.6 (x32 Version: 3.6.5.2) Magic Desktop (x32 Version: 3.0) Mah Jong Medley (x32 Version: 2.2.0.95) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (x32 Version: 9.0.21022.218) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 18.0.2 (x86 fr) (x32 Version: 18.0.2) Mozilla Maintenance Service (x32 Version: 18.0.2) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) msvcrt_installer (x32 Version: 1.0.0) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95) NavDesk 7.50 (x32 Version: 7.50.0106.118) Orange update (x32 Version: 2.0.8.0) Pazera Free MP4 to AVI Converter 1.7 (x32 Version: 1.7) PDF Settings (x32 Version: 1.0) PDFCreator (x32 Version: 1.2.3) Penguins! (x32 Version: 2.2.0.95) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95) ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14) QuickTime (x32 Version: 7.74.80.86) Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011) Realtek PCIE Card Reader (x32 Version: 6.1.7600.80) Recovery Manager (x32 Version: 2.0.0) Secunia PSI (3.0.0.2004) (x32 Version: 3.0.0.2004) Skype™ 6.3 (x32 Version: 6.3.107) Slingo Deluxe (x32 Version: 2.2.0.95) Spotify (HKCU Version: 0.9.0.133.gd18ed589) swMSM (x32 Version: 12.0.0.1) Synaptics TouchPad Driver (Version: 15.3.29.0) Synthesia (remove only) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update Installer for WildTangent Games App (x32) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95) WildTangent Games App (HP Games) (x32 Version: 4.0.10.16) Windows Live (x32 Version: 15.4.3502.0922) Windows Live (x32 Version: 15.4.3555.0308) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0) WinPcap 4.1.2 (x32 Version: 4.1.0.2001) WinRAR 4.10 (32-bit) (x32 Version: 4.10.0) ZHPDiag 2013 (x32 Version: 2013) Zuma Deluxe (x32 Version: 2.2.0.95) ==================== Restore Points ========================= 17-07-2013 14:35:30 Point de contrôle planifié 25-07-2013 09:19:08 Point de contrôle planifié 03-08-2013 07:11:15 Point de contrôle planifié 08-08-2013 14:13:07 Windows Update 09-08-2013 16:13:20 P ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0D887F0A-4AC1-44B8-887A-224F0219C143} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-03-20] (CyberLink) Task: {1721465C-309A-449F-904C-7671472E6831} - System32\Tasks\{F6D8BA0E-4C7E-4ED3-A937-B88A3773028B} => C:\Program Files (x86)\Movie Maker 2.6\MOVIEMK.exe [2007-03-30] (Microsoft Corporation) Task: {1F13E6E3-9DB7-4063-ABA9-7D513FE3CB9B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {2CCB0A02-E405-497F-8B07-E5968C4B2D2B} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] () Task: {4E11D43C-1757-4D71-B866-E4DA07BC78BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company) Task: {5F608F0D-7482-4538-BE1E-E55BC67358B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {617D296B-4014-41F9-8A1D-563F063D93D2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation) Task: {6682C961-738F-4E9E-94F1-3AF5B6598869} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation) Task: {68985C07-5230-407C-B85E-D64704DFF812} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation) Task: {8660FA58-3728-4BD8-8832-4A3A5AA9EAA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {870E69D7-DBBB-4FF4-ADF1-FE9D250D4004} - System32\Tasks\{9B2B9758-B1D0-4AC6-9873-20C228F28F27} => C:\Program Files (x86)\Movie Maker 2.6\MOVIEMK.exe [2007-03-30] (Microsoft Corporation) Task: {89E4D111-93BD-4FBE-9FE0-9B6D7E5C1593} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {B1E6F19B-4B2E-4554-8E3B-EE35D6F1DFBE} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation) Task: {BDF42FF2-F74B-4C1A-AB11-91CF8591ACC2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {BED2D745-F383-4890-AB25-F5E8916FEEA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd) Task: {CD7589E9-DBD6-4772-A66C-4495C1913472} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-26] (Adobe Systems Incorporated) Task: {D5A9DAA6-AA70-4EEB-953F-84AEAE6D1919} - System32\Tasks\AssistanceLivebox => C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [2013-01-23] (Orange) Task: {E0E37041-9E73-453B-96EF-8C9F514CE2E8} - System32\Tasks\User_Feed_Synchronization-{B62688F3-8EC2-40E0-B0D7-D4647BED7932} => C:\Windows\system32\msfeedssync.exe [2011-08-21] (Microsoft Corporation) Task: {F3898E3E-ED5A-4FD0-8E01-2E77F30B50CE} - System32\Tasks\HPCeeScheduleForAurélie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {FF3DDF98-929B-4F27-9E54-E79974DD5739} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\HPCeeScheduleForAurélie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/09/2013 06:23:03 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU failed to post message to CCC Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU failed to post message to CCC Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU failed to post message to CCC Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord) (User: ) Description: ATI EEU failed to post message to CCC System errors: ============= Error: (08/09/2013 06:23:01 PM) (Source: Service Control Manager) (User: ) Description: Le service Explorateur d’ordinateurs s’est arrêté avec l’erreur : %%1060 Error: (08/09/2013 06:22:58 PM) (Source: Service Control Manager) (User: ) Description: Le service Agent de stratégie IPsec dépend du service suivant : BFE. Ce dernier n’est peut-être pas installé. Error: (08/09/2013 06:22:58 PM) (Source: Service Control Manager) (User: ) Description: Le service Modules de génération de clés IKE et AuthIP dépend du service suivant : BFE. Ce dernier n’est peut-être pas installé. Error: (08/09/2013 06:21:48 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office Sessions: ========================= Error: (08/09/2013 06:23:03 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord)(User: ) Description: Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord)(User: ) Description: Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord)(User: ) Description: Error: (08/09/2013 06:21:45 PM) (Source: ATIeRecord)(User: ) Description: CodeIntegrity Errors: =================================== Date: 2012-07-04 21:16:56.612 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\AURLIE~1\AppData\Local\Temp\mbr.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2012-07-04 21:16:56.592 Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume2\Users\AURLIE~1\AppData\Local\Temp\mbr.sys, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue. Date: 2012-02-03 21:10:33.688 Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système. ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 5610.9 MB Available physical RAM: 3977.39 MB Total Pagefile: 11219.99 MB Available Pagefile: 9217.46 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:683.31 GB) (Free:581.4 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)] Drive d: (RECOVERY) (Fixed) (Total:15.03 GB) (Free:1.64 GB) NTFS (Disk=0 Partition=3) ==>[system with boot components (obtained from reading drive)] Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 (Disk=0 Partition=4) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or (Size: 699 GB) (Disk ID: 5FCF8E7A) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=683 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End Of Log ============================ -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
FSS Farbar Service Scanner Version: 04-08-2013 Ran by Aurélie (administrator) on 09-08-2013 at 18:09:01 Running from "C:\Users\Aurélie\Desktop" Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= mpsdrv Service is not running. Checking service configuration: The start type of mpsdrv service is OK. The ImagePath of mpsdrv service is OK. MpsSvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. bfe Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist. Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to retrieve start type of WinDefend. The value does not exist. Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of WinDefend. The value does not exist. Unable to retrieve ServiceDll of WinDefend. The value does not exist. Other Services: ============== Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist. Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist. Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist. Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** ZHP Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013 Fichier d'export Registre : Run by Aurélie at 09/08/2013 18:13:43 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Logiciel(s) ========== SUPPRIME Duuqu Update Helper ========== Clé(s) du Registre ========== SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] SUPPRIME Key*: HKLM\Software\Boxore SUPPRIME Key: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls ABSENT Key: HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47 SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856 SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494 SUPPRIME Key: HKCU\Software\Duuqu SUPPRIME Key: HKLM\Software\Wow6432Node\Duuqu ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A} ABSENT Key: HKCU\Software\Duuqu ABSENT Key: HKLM\Software\Wow6432Node\Duuqu ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Dossier(s) ========== Aucun dossiers CLSID Local utilisateur vide ========== Fichier(s) ========== SUPPRIME File: c:\users\aurélie\desktop\windows update troubleshooting info.lnk SUPPRIME File: C:\Windows\Installer\97769e.msi SUPPRIME File*: c:\windows\installer\97769e.msi SUPPRIME File: C:\Windows\Installer\9776a5.msi SUPPRIME File*: c:\windows\installer\9776a5.msi ABSENT Folder/File: c:\windows\installer\97769e.msi ABSENT Folder/File: c:\windows\installer\9776a5.msi SUPPRIME Temporaires Windows ========== Tache planifiée ========== SUPPRIME Task: EPUpdater SUPPRIME Task: {C1E11E24-F030-4F51-93AC-4BF5B68A08D5} ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 13 : Clé(s) du Registre 4 : Valeur(s) du Registre 1 : Dossier(s) 8 : Fichier(s) 1 : Logiciel(s) 2 : Tache planifiée 1 : Restauration Système End of clean in 00mn 40s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 09/08/2013 18:13:44 [2772] -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Voilà voilà : ADW recherche : © CJoint.com, 2012 ADW suppression : © CJoint.com, 2012 Junkware : © CJoint.com, 2012 Malwarebytes : © CJoint.com, 2012 ZHP : © CJoint.com, 2012 -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Boonjour et merci ! Voici le rapport demandé : © CJoint.com, 2012 -
[Résolu] Impossible de démarrer le centre de sécurité
76lilly76 a posté un sujet dans Analyses et éradication malwares
Bonjour à tous et à toutes... Tout est dans le titre : Je n'zrrive pas à lancer le centre de sécurité...Et je ne le trouve même pas dans la liste des services... Quelqu'un peut-il éclairer ma lanterne ? D'avance merci... A. -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Pear un grand merci pour ton aide et bon week-end ! -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Aucun rapport ne s'est ouvert ! -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Bonjour à vous et un grand merci à Pear. Comment est ce que je désinstalle ZHP ? Est ce que je peux garder et utiliser de temps en temps TFC ? J'ai déjà ATF cleaner, sont-ils semblables ? Merci again a bonne journée ! -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Non...Et ça rame moins... -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
C'est fait ! -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Rebonjour, Après un autre scan d'Avira voici ce qui a été trouvé : C:\Users\Aurélie\AppData\Local\Temp\jar_cache3762634712912898483.tmp [0] Type d'archive: ZIP --> b.class [RESULTAT] Contient le modèle de détection de l'exploit EXP/CVE-2013-0422 [AVERTISSEMENT] Impossible de réparer les fichiers dans les archives --> s.class [RESULTAT] Contient le modèle de détection de l'exploit EXP/JAVA.Niabil.Gen [AVERTISSEMENT] Impossible de réparer les fichiers dans les archives C:\Users\Aurélie\AppData\Local\Temp\jar_cache6896084170243385669.tmp [0] Type d'archive: ZIP --> b.class [RESULTAT] Contient le modèle de détection de l'exploit EXP/CVE-2013-0422 [AVERTISSEMENT] Impossible de réparer les fichiers dans les archives --> s.class [RESULTAT] Contient le modèle de détection de l'exploit EXP/JAVA.Niabil.Gen [AVERTISSEMENT] Impossible de réparer les fichiers dans les archives Recherche débutant dans 'D:\' <RECOVERY> Recherche débutant dans 'G:\' <HP_TOOLS> Début de la désinfection : C:\Users\Aurélie\AppData\Local\Temp\jar_cache6896084170243385669.tmp [RESULTAT] Contient le modèle de détection de l'exploit EXP/JAVA.Niabil.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '592a4386.qua' ! C:\Users\Aurélie\AppData\Local\Temp\jar_cache3762634712912898483.tmp [RESULTAT] Contient le modèle de détection de l'exploit EXP/JAVA.Niabil.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '41bd6c21.qua' ! -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Bonsoir, Ca va un peu mieux j'ai l'impression...Le message d'erreur ne s'affiche plus au démarrage du moins. Avira a effectué un scan ce matin et voilà ce qu'il a trouvé : La recherche sur les renvois aux fichiers exécutables (registre) commence : C:\Users\Aurélie\AppData\Roaming\e8373f23-d072-470b-b810-265b97430472ad\efdbbbad.exe [RESULTAT] Contient le cheval de Troie TR/Redyms.A.40 -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Bonsoir, J'ai suivi toutes les manip', j'ai bien eu un message de confirmation de suppression mais pas de rapport nulle part...Sous C:\ je n'ai que le rapport de ZhpDiag... -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Rebonsoir, Voilà le rapport : pjjoint.malekal.com - Submit a file -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Bonsoir et merci beaucoup...Je fais tout çàa et te tiens au courant. Pour l'analyse MBAM, je l'ai faite hier et rien n'a été détecté. Avant de partir travailler ce matin, j'ai lancé un scan en ligne avec Eset et voilà le rapport : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 une variante de Win32/Bundled.Toolbar.Ask Application C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 une variante de Win32/Bundled.Toolbar.Ask Application C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll une variante de Win32/Bundled.Toolbar.Ask Application nettoyé par suppression (après le prochain redémarrage) - mis en quarantaine C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe une variante de Win32/Bundled.Toolbar.Ask Application nettoyé par suppression (après le prochain redémarrage) - mis en quarantaine C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 une variante de Win32/Bundled.Toolbar.Ask Application nettoyé par suppression - mis en quarantaine C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 une variante de Win32/Bundled.Toolbar.Ask Application nettoyé par suppression - mis en quarantaine Mémoire vive une variante probable de Win32/Redyms.AA cheval de troie -
[Résolu] Runtime error 216 at 400057AE
76lilly76 a posté un sujet dans Analyses et éradication malwares
Bonjour, Voilà le message d'erreur qui s'affiche au démarrage de windows. Quelqu'un peut-il me renseigner ? D'avance merci et bone journée. A. -
[Résolu] Virus et Avira Rescue
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Encore un grand merci et bonne continuation ! -
[Résolu] Virus et Avira Rescue
76lilly76 a répondu à un(e) sujet de 76lilly76 dans Analyses et éradication malwares
Un grand pardon pour tant de retard... Voilà le rapport demandé : # DelFix v8.8 - Rapport créé le 14/07/2012 à 08:06:48 # Mis à jour le 12/02/12 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Aurélie - LILLY-S-ORDI (Administrateur) # Exécuté depuis : C:\Users\Aurélie\Desktop\delfix.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : C:\ZHP Supprimé : C:\Users\Aurélie\DoctorWeb Supprimé : C:\Program Files (x86)\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\JavaRa.log Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\Users\Aurélie\Desktop\adwcleaner.exe Supprimé : C:\Users\Aurélie\Desktop\ZHPDiag2.exe ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\Software\IDAVLab Clé Supprimée : HKLM\SOFTWARE\IDAVLab Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DWPROT ~~~~~~ Autres ~~~~~~ Désinstallé : ESET Online Scanner -> Prefetch Vidé ************************* DelFix[s1].txt - [927 octets] - [14/07/2012 08:06:48] ########## EOF - C:\DelFix[s1].txt - [1050 octets] ########## Ainsi que les vulnérabilités détéctées par Kaspersky : Etat : Vulnérabilité (évênements : 6) 13/07/2012 19:49:12 Vulnérabilité vulnérabilité Viruslist.com - Adobe Flash Player Multiple Vulnerabilities C:\Program Files (x86)\Adobe\Adobe Flash CS3\Players\FlashPlayer.exe Faibles 13/07/2012 19:49:12 Vulnérabilité vulnérabilité Viruslist.com - Adobe Flash Player Multiple Vulnerabilities C:\Program Files (x86)\Adobe\Adobe Flash CS3\Players\Debug\FlashPlayer.exe Faibles 13/07/2012 19:49:12 Vulnérabilité vulnérabilité Viruslist.com - Adobe Flash Player Multiple Vulnerabilities C:\Program Files (x86)\Adobe\Adobe Flash CS3\Players\Release\FlashPlayer.exe Faibles 13/07/2012 20:09:23 Vulnérabilité vulnérabilité Viruslist.com - VLC Media Player OGG Demuxer Buffer Overflow Vulnerability C:\Program Files (x86)\VideoLAN\VLC\vlc-cache-gen.exe Faibles 13/07/2012 20:09:23 Vulnérabilité vulnérabilité Viruslist.com - VLC Media Player OGG Demuxer Buffer Overflow Vulnerability C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Faibles 13/07/2012 21:06:51 Vulnérabilité vulnérabilité Viruslist.com - VLC Media Player OGG Demuxer Buffer Overflow Vulnerability c:\Program Files (x86)\VideoLAN\VLC\vlc.exe Faibles Bonne journée !
