Everything posted by Styx90

  1. Yes, indeed, I no longer get those Windows System Defender alerts. However, I did not find the file ab9f7b4, even though I managed to get into the ProgramData folder. Thank you very much for this help, by the way: very fast and spot on.
  2. The report from the Malware software:

     Malwarebytes' Anti-Malware 1.41
     Version de la base de données: 3106
     Windows 6.0.6001 Service Pack 1

     05/11/2009 22:36:52
     mbam-log-2009-11-05 (22-36-52).txt

     Type de recherche: Examen complet (C:\|I:\|)
     Eléments examinés: 274471
     Temps écoulé: 3 hour(s), 56 minute(s), 47 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 1
     Elément(s) de données du Registre infecté(s): 1
     Dossier(s) infecté(s): 2
     Fichier(s) infecté(s): 11

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Valeur(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows system defender (Rogue.WindowsEnterpriseDefender) -> Quarantined and deleted successfully.

     Elément(s) de données du Registre infecté(s):
     HKEY_CURRENT_USER\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=220&q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

     Dossier(s) infecté(s):
     C:\ProgramData\WSDDSys (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
     C:\Users\Styx\AppData\Roaming\Windows System Defender (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.

     Fichier(s) infecté(s):
     C:\ProgramData\ab9f7b4\WSab9f.exe (Rogue.WindowsEnterpriseDefender) -> Quarantined and deleted successfully.
     C:\Users\Styx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXAQ5Q1N\xp_ef6b8[1].exe (Rogue.WindowsEnterpriseDefender) -> Quarantined and deleted successfully.
     C:\Users\Styx\AppData\Local\Temp\cswmxrenoa.exe (Virus.Virut) -> Quarantined and deleted successfully.
     C:\Users\Styx\AppData\Local\Temp\exocrmaswn.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\ProgramData\WSDDSys\wsd.cfg (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\AppData\Roaming\Windows System Defender\cookies.sqlite (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\AppData\Roaming\Windows System Defender\Instructions.ini (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\Desktop\Windows System Defender.lnk (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\AppData\Roaming\Microsoft\Windows\Start Menu\Windows System Defender.lnk (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows System Defender.lnk (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. C:\Users\Styx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows System Defender.lnk (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully. Le rapport log de RSIT : Logfile of random's system information tool 1.06 (written by random/random) Run by Styx at 2009-11-05 22:49:56 Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1 System drive C: has 22 GB (16%) free of 142 GB Total RAM: 1977 MB (58% free) HijackThis download failed ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll [2009-03-02 636216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program 
Files\AVG\AVG8\avgssie.dll [2009-08-17 1111320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-07-16 150040] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-07-16 170520] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-07-16 145944] "BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 768520] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-07-21 159744] "eRecoveryService"= [] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-27 6244896] "WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-05-09 49152] "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-11-03 2028312] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdc.exe [2007-01-24 563080] "UDC Integration"= [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560] C:\Users\Styx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-07-11 208896] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03c779b3-fdbf-11dd-a977-001eecd66ae5}] shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svchost.exe shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svchost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27b9865d-2c24-11de-a747-001eecd66ae5}] shell\AutoRun\command - E:\Hyouiust.exe shell\hyouiHelp\command - WinHelp.EXE hyoui.HLP ======List of files/folders created in the last 1 months====== 2009-11-05 22:49:56 ----D---- C:\rsit 2009-11-05 22:49:56 ----D---- C:\Program Files\trend micro 2009-11-05 18:34:51 ----D---- 
C:\Users\Styx\AppData\Roaming\Malwarebytes 2009-11-05 18:34:43 ----D---- C:\ProgramData\Malwarebytes 2009-11-05 18:34:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-11-04 21:34:07 ----SHD---- C:\ProgramData\ab9f7b4 2009-11-04 12:38:37 ----A---- C:\Windows\system32\mshtml.dll 2009-10-28 13:54:01 ----A---- C:\Windows\system32\wmp.dll 2009-10-28 13:54:00 ----A---- C:\Windows\system32\unregmp2.exe 2009-10-28 13:53:56 ----A---- C:\Windows\system32\wmploc.DLL 2009-10-25 15:17:59 ----D---- C:\ProgramData\InterVideo 2009-10-22 12:23:59 ----A---- C:\Windows\system32\occache.dll 2009-10-22 12:23:58 ----A---- C:\Windows\system32\wininet.dll 2009-10-22 12:23:58 ----A---- C:\Windows\system32\urlmon.dll 2009-10-22 12:23:57 ----A---- C:\Windows\system32\ieframe.dll 2009-10-22 12:23:56 ----A---- C:\Windows\system32\ieapfltr.dll 2009-10-22 12:23:55 ----A---- C:\Windows\system32\msfeeds.dll 2009-10-22 12:23:55 ----A---- C:\Windows\system32\iertutil.dll 2009-10-22 12:23:55 ----A---- C:\Windows\system32\iedkcs32.dll 2009-10-22 12:23:54 ----A---- C:\Windows\system32\mstime.dll 2009-10-22 12:23:54 ----A---- C:\Windows\system32\jsproxy.dll 2009-10-22 12:23:54 ----A---- C:\Windows\system32\ieUnatt.exe 2009-10-22 12:23:54 ----A---- C:\Windows\system32\ieencode.dll 2009-10-22 12:23:54 ----A---- C:\Windows\system32\ieaksie.dll 2009-10-16 10:43:09 ----A---- C:\Windows\system32\msv1_0.dll 2009-10-16 10:43:04 ----A---- C:\Windows\system32\ntkrnlpa.exe 2009-10-16 10:43:03 ----A---- C:\Windows\system32\ntoskrnl.exe 2009-10-16 10:42:52 ----A---- C:\Windows\system32\msasn1.dll 2009-10-16 10:42:45 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2009-10-08 18:56:58 ----D---- C:\Program Files\Microsoft 2009-10-07 14:23:38 ----A---- C:\Windows\system32\wups2.dll 2009-10-07 14:23:38 ----A---- C:\Windows\system32\wucltux.dll 2009-10-07 14:23:38 ----A---- C:\Windows\system32\wuaueng.dll 2009-10-07 14:23:38 ----A---- C:\Windows\system32\wuauclt.exe 2009-10-07 14:23:10 ----A---- 
C:\Windows\system32\wups.dll 2009-10-07 14:23:10 ----A---- C:\Windows\system32\wudriver.dll 2009-10-07 14:23:10 ----A---- C:\Windows\system32\wuapi.dll 2009-10-07 14:22:56 ----A---- C:\Windows\system32\wuwebv.dll 2009-10-07 14:22:56 ----A---- C:\Windows\system32\wuapp.exe 2009-10-06 17:43:00 ----D---- C:\Program Files\directx 2009-10-06 17:42:59 ----A---- C:\Windows\DXT81AF.tmp 2009-10-06 17:42:59 ----A---- C:\Windows\DXT81AE.tmp ======List of files/folders modified in the last 1 months====== 2009-11-05 22:49:56 ----RD---- C:\Program Files 2009-11-05 22:49:56 ----D---- C:\Windows\Prefetch 2009-11-05 22:49:38 ----D---- C:\Windows\Temp 2009-11-05 22:46:11 ----D---- C:\Windows\System32 2009-11-05 22:46:11 ----D---- C:\Windows\inf 2009-11-05 22:46:11 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-11-05 22:36:51 ----HD---- C:\ProgramData 2009-11-05 22:03:50 ----D---- C:\Users\Styx\AppData\Roaming\vlc 2009-11-05 19:50:20 ----SHD---- C:\System Volume Information 2009-11-05 18:34:44 ----D---- C:\Windows\system32\drivers 2009-11-05 13:13:44 ----D---- C:\Users\Styx\AppData\Roaming\PLT Scheme 2009-11-05 12:34:09 ----D---- C:\Windows\winsxs 2009-11-04 21:32:22 ----D---- C:\Windows 2009-11-04 12:24:30 ----D---- C:\Windows\system32\catroot 2009-11-03 14:27:39 ----D---- C:\Users\Styx\AppData\Roaming\dvdcss 2009-10-30 15:04:02 ----D---- C:\Program Files\Mozilla Firefox 2009-10-30 15:02:53 ----D---- C:\Windows\rescache 2009-10-29 01:00:21 ----D---- C:\Program Files\Windows Media Player 2009-10-29 01:00:20 ----D---- C:\Windows\system32\fr-FR 2009-10-28 13:51:00 ----D---- C:\Windows\system32\catroot2 2009-10-23 09:43:59 ----D---- C:\Program Files\Internet Explorer 2009-10-17 20:40:24 ----D---- C:\Windows\Microsoft.NET 2009-10-17 20:40:12 ----RSD---- C:\Windows\assembly 2009-10-17 12:30:56 ----D---- C:\Program Files\Windows Mail 2009-10-16 23:43:22 ----SHD---- C:\Windows\Installer 2009-10-08 18:57:32 ----D---- C:\Program Files\Windows Live ======List of drivers (R=Running, 
S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-08-17 335240] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-08-17 27784] R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-02 108552] R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112] R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM; \??\C:\Program Files\VMLaunch\BuddyVM.sys [2004-12-03 15872] R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-06-11 15392] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-18 166960] R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-26 1044984] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-07-11 2381312] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-27 2147928] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-06-10 123904] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [] S3 amz2cx5r;amz2cx5r; C:\Windows\system32\drivers\amz2cx5r.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); 
C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336] S3 winusb;Pilote WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-21 31616] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-17 908056] R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-17 297752] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R2 ETService;Empowering Technology Service; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-06-11 24576] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common 
Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504] -----------------EOF----------------- Le rapport info de RSIT : info.txt logfile of random's system information tool 1.06 2009-11-05 22:51:54 ======Uninstall list====== -->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x040c -removeonly -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER Active WebCam-->"C:\Program Files\Active WebCam\PY_UNINSTAL.EXE" SOFTWARE\PySoft\Act_WebCam Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003} Agatha Christie Death on the Nile-->"C:\Program Files\eMachines GameZone\Agatha Christie Death on the Nile\Uninstall.exe" "C:\Program Files\eMachines GameZone\Agatha Christie Death on the Nile\install.log" Alice Greenfingers-->"C:\Program Files\eMachines GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files\eMachines GameZone\Alice Greenfingers\install.log" ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE Amazing Adventures The Lost Tomb-->"C:\Program Files\eMachines GameZone\Amazing Adventures The Lost Tomb\Uninstall.exe" "C:\Program Files\eMachines 
GameZone\Amazing Adventures The Lost Tomb\install.log" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe" AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL Azada-->"C:\Program Files\eMachines GameZone\Azada\Uninstall.exe" "C:\Program Files\eMachines GameZone\Azada\install.log" Bejeweled 2 Deluxe-->"C:\Program Files\eMachines GameZone\Bejeweled 2 Deluxe\Uninstall.exe" "C:\Program Files\eMachines GameZone\Bejeweled 2 Deluxe\install.log" BitComet 1.10-->C:\Program Files\BitComet\uninst.exe Bookworm Deluxe-->"C:\Program Files\eMachines GameZone\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\eMachines GameZone\Bookworm Deluxe\install.log" Bricks of Egypt-->"C:\Program Files\eMachines GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\eMachines GameZone\Bricks of Egypt\install.log" Build-a-lot-->"C:\Program Files\eMachines GameZone\Build-a-lot\Uninstall.exe" "C:\Program Files\eMachines GameZone\Build-a-lot\install.log" Cake Mania-->"C:\Program Files\eMachines GameZone\Cake Mania\Uninstall.exe" "C:\Program Files\eMachines GameZone\Cake Mania\install.log" Chuzzle-->"C:\Program Files\eMachines GameZone\Chuzzle\Uninstall.exe" "C:\Program Files\eMachines GameZone\Chuzzle\install.log" Delete Virtual-Mate Launcher-->"C:\Program Files\VMLaunch\unins000.exe" Diner Dash-->"C:\Program Files\eMachines GameZone\Diner Dash\Uninstall.exe" "C:\Program Files\eMachines GameZone\Diner Dash\install.log" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Dofus 1.26.0-->C:\Program 
Files\Dofus\uninstall.exe Dream Day First Home-->"C:\Program Files\eMachines GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files\eMachines GameZone\Dream Day First Home\install.log" eMachines Recovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x040c -removeonly eMachines ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly eMachines-->"C:\Program Files\Oberon Media\eMachines\Uninstall.exe" "C:\Program Files\Oberon Media\eMachines\install.log" eMule-->"C:\Program Files\eMule\Uninstall.exe" EPSON Printer Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R Farm Frenzy-->"C:\Program Files\eMachines GameZone\Farm Frenzy\Uninstall.exe" "C:\Program Files\eMachines GameZone\Farm Frenzy\install.log" Galapago-->"C:\Program Files\eMachines GameZone\Galapago\Uninstall.exe" "C:\Program Files\eMachines GameZone\Galapago\install.log" Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /I{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp Java(TM) 
6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI LimeWire 5.0.11-->"C:\Program Files\LimeWire\uninstall.exe" Luxor-->"C:\Program Files\eMachines GameZone\Luxor\Uninstall.exe" "C:\Program Files\eMachines GameZone\Luxor\install.log" Mahjong Escape Ancient China-->"C:\Program Files\eMachines GameZone\Mahjong Escape Ancient China\Uninstall.exe" "C:\Program Files\eMachines GameZone\Mahjong Escape Ancient China\install.log" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" MediaCoder 0.6.2-->C:\Program Files\MediaCoder\uninst.exe Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile-->MsiExec.exe /X{CB8CA439-DA83-419C-A4CF-5A0A50025144} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.5.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe 
/I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Mystery Case Files - Huntsville-->"C:\Program Files\eMachines GameZone\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\eMachines GameZone\Mystery Case Files - Huntsville\install.log" Mystery Solitaire - Secret Island-->"C:\Program Files\eMachines GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\eMachines GameZone\Mystery Solitaire - Secret Island\install.log" NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x040c NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x040c OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Personal Media Manager 2.5-->C:\Program Files\Personal Media Manager\Uninstal.exe PLT Scheme v372-->"C:\Program Files\PLT\Uninstall.exe" Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727} Real Alternative 1.9.0-->"C:\Program Files\Real Alternative\unins000.exe" Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe Tokimeki Check in!-->C:\Windows\unvise32.exe i:\pron temporaire\games\tokimeki check in\uninstal.log Turbo Pizza-->"C:\Program Files\eMachines GameZone\Turbo Pizza\Uninstall.exe" "C:\Program Files\eMachines GameZone\Turbo Pizza\install.log" TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG Universal Document Converter-->"C:\Program Files\Universal Document 
Converter\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Zuma Deluxe-->"C:\Program Files\eMachines GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\eMachines GameZone\Zuma Deluxe\install.log" ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: Saucisson Event Code: 1001 Message: Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur DHCP) pour la carte réseau avec l'adresse réseau 00234DC2E5AE. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 77775 Source Name: Microsoft-Windows-Dhcp-Client Time Written: 20091105121112.000000-000 Event Type: Erreur User: Computer Name: Saucisson Event Code: 10002 Message: Le module d’extensibilité WLAN s’est arrêté. Chemin d’accès du module : C:\Windows\System32\bcmihvsrv.dll Record Number: 77815 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20091105213854.536400-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: Saucisson Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. 
Record Number: 77819 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20091105213855.815600-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: Saucisson Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 77828 Source Name: Microsoft-Windows-HttpEvent Time Written: 20091105214028.468378-000 Event Type: Erreur User: Computer Name: Saucisson Event Code: 7026 Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : ASPI32 Record Number: 77895 Source Name: Service Control Manager Time Written: 20091105214132.000000-000 Event Type: Erreur User: =====Application event log===== Computer Name: Saucisson Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Record Number: 10557 Source Name: Microsoft-Windows-WMI Time Written: 20091105113037.000000-000 Event Type: Erreur User: Computer Name: Saucisson Event Code: 11 Message: Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Données non valides. . 
Record Number: 10577 Source Name: Microsoft-Windows-CAPI2 Time Written: 20091105173001.000000-000 Event Type: Erreur User: Computer Name: Saucisson Event Code: 1000 Message: Application défaillante Explorer.EXE, version 6.0.6001.18164, horodatage 0x4907e242, module défaillant wmp.dll, version 11.0.6001.7008, horodatage 0x4aa938dc, code d’exception 0xc0000005, décalage d’erreur 0x000d764d, ID du processus 0xe90, heure de début de l’application 0x01ca5e10ef47b937. Record Number: 10578 Source Name: Application Error Time Written: 20091105173412.000000-000 Event Type: Erreur User: Computer Name: Saucisson Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 12 user registry handles leaked from \Registry\User\S-1-5-21-452165501-2776503953-3857520977-1000: Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000 Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000 Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000 Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\Root Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\My Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\CA Process 656 
(\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\Disallowed Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Microsoft\SystemCertificates\trust Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Policies\Microsoft\SystemCertificates Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Policies\Microsoft\SystemCertificates Process 656 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-452165501-2776503953-3857520977-1000\Software\Policies\Microsoft\SystemCertificates Record Number: 10582 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20091105213833.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: Saucisson Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. 
Record Number: 10602 Source Name: Microsoft-Windows-WMI Time Written: 20091105214131.000000-000 Event Type: Erreur User: =====Security event log===== Computer Name: Saucisson Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 21359 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091105214510.100785-000 Event Type: Échec de l'audit User: Computer Name: Saucisson Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 21360 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091105214510.100785-000 Event Type: Échec de l'audit User: Computer Name: Saucisson Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 21361 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091105214519.289185-000 Event Type: Échec de l'audit User: Computer Name: Saucisson Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 21362 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091105214519.289185-000 Event Type: Échec de l'audit User: Computer Name: Saucisson Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. 
Code d’erreur : 2 Record Number: 21363 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091105214519.289185-000 Event Type: Échec de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\DivX Shared\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=1 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\; -----------------EOF----------------- There you go.
  3. Thanks for replying. I'll do that this evening, after class, and I'll edit to post the reports.
  4. Good evening. For the past few hours I have been under assault from Windows Defender, which shows up as windows telling me that my PC is infected and that I absolutely must protect myself. Being completely hopeless with PCs, I am asking for your help, and I have the whole evening/night to fight this. To be clear, I am hopeless, but not to the point of being unable to follow instructions. I will also mention, although it only matters so much to you, that this is the PC where I keep my coursework and work in progress, and it would suit me not to fry it. Thanks in advance to those willing to help me.