I used my boss's USB key, I shouldn't have. 2014-06-07T07:41:17+00:00

Computer Troubleshooting: I used my boss's USB key, I shouldn't have.

  • Author
    Posts
  • Kaikai01
    Participant
    Number of posts: 12

    Hello,

    I'll try to explain; too much has happened since 😡
    The remaining symptoms are a startup that detects a CD or a USB key (boot priority, as when booting from the Windows DVD), and an executable (Dllhost.exe) that flickers in Task Manager.
    At the beginning:
    When I plugged in the USB key, AVG warned me that it was protecting me from a virus (I no longer remember the name).
    I did what I had to do.
    Then that same evening, I had dllhost.exe which, according to Task Manager, was taking up all of my PC's RAM.
    So I searched the internet and found some solutions.
    A fix that I used in safe mode, and now I have this same dllhost.exe flickering constantly, or almost, in my Task Manager …
    The programs (Malwarebytes, AdwCleaner, Spybot 2 and Glary Utilities) did not give any positive results for my problem.
    Here are the reports you ask for in order to help me:

    AdwCleaner:
    [spoiler:3f1vagse]# AdwCleaner v3.212 – Rapport créé le 07/06/2014 à 08:32:37
    # Mis à jour le 05/06/2014 par Xplode
    # Système d'exploitation : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Nom d'utilisateur : MEGE GAEL – GAELMEGE-PC
    # Exécuté depuis : H:ReseauCCGTéléchargementVia Firefoxadwcleaner_3.212.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREClassesInterface{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17041

    -\ Mozilla Firefox v29.0.1 (fr)

    [ Fichier : C:UsersMEGE GAELAppDataRoamingMozillaFirefoxProfilesk67hxax4.defaultprefs.js ]

    *************************

    AdwCleaner[R0].txt – [1200 octets] – [07/06/2014 08:31:55]
    AdwCleaner[S0].txt – [1117 octets] – [07/06/2014 08:32:37]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [1177 octets] ##########[/spoiler:3f1vagse]

    Malwarebytes:
    [spoiler:3f1vagse]Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2014.06.07.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17107
    MEGE GAEL :: GAELMEGE-PC [administrateur]

    07/06/2014 08:37:40
    mbam-log-2014-06-07 (08-37-40).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 252038
    Temps écoulé: 2 minute(s), 46 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)[/spoiler:3f1vagse]

    ZHPDiag:

    [spoiler:3f1vagse]~ Rapport de ZHPDiag v2014.6.6.85 – Nicolas Coolman (06/06/2014)
    ~ Lancé par MEGE GAEL (07/06/2014 08:44:51)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17107
    MFIE: Mozilla Firefox 29.0.1 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK

    —\ Logiciels de protection du système
    AVG 2014 v14.0.3955
    Malwarebytes Anti-Malware version 1.75.0.1300
    Spybot – Search & Destroy v2.2.25
    Windows Defender W7 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Java 7 Update 55

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4095 MB (54% free)
    System Restore: Activé (Enable)
    System drive C: has 74 GB (66%) free of 112 GB

    —\ Mode de connexion au système
    ~ Computer Name: GAELMEGE-PC
    ~ User Name: MEGE GAEL
    ~ All Users Names: MEGE GAEL, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMEGE GAELAppDataRoamingZHP
    ~ %AppData% : C:UsersMEGE GAELAppDataRoaming
    ~ %Desktop% : C:UsersMEGE GAELDesktop
    ~ %Favorites% : C:UsersMEGE GAELFavorites
    ~ %LocalAppData% : C:UsersMEGE GAELAppDataLocal
    ~ %StartMenu% : C:UsersMEGE GAELAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 74 Go of 112 Go)
    D: CD-ROM drive (Free 0 Go of 0 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 410 Go of 466 Go)
    H: Hard drive, Flash drive, Thumb drive (Free 373 Go of 932 Go)
    I: Hard drive, Flash drive, Thumb drive (Free 175 Go of 298 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : Out Of Date
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.AC4C51EB24AA95B77F705AB159189E24] – (.Microsoft Corporation – Explorateur Windows.) (.20/11/2010 – 14:24:45.) — C:WindowsExplorer.exe [2872320]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.F220BA78AB542C70211D73AE4729B2CD] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 07:22:40.) — C:WindowsSystem32wininet.dll [2260480]
    [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 10:43:50.) — C:WindowsSystem32Winlogon.exe [455168]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.1B6163C503398B23FF8B939C67747683] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.20/11/2010 – 12:06:41.) — C:Windowssystem32Driversrdpdr.sys [165888]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/88
    ~ Mes Favoris (My Favorites) : 1/26
    ~ Mes Documents (My Documents) : 2/6
    ~ Mon Bureau (My Desktop) : 2/9
    ~ Menu demarrer (Programs) : 1/30
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.EEC17187C9CE2FF35CC8294DC3CB39AC] – (.LG Electronics – BlueBirds Module.) — C:UsersMEGE GAELBluebirdsBlueBirds.exe [270336] [PID.3480]
    [MD5.275F70AF9857755E0440137FB3A6D2C8] – (.FreeDownloadManager.ORG – Free Download Manager.) — E:Free Download Managerfdm.exe [6983168] [PID.3556]
    [MD5.646A34526CC33BE4CA933C5680D80B48] – (.Nokia – Nokia Suite.) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe [1090912] [PID.3568]
    [MD5.C8F0DCA0E032881B6C4422B502194629] – (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe [5181456] [PID.3668]
    [MD5.AF49D1C79EA49A7833017F290EE63B82] – (.Safer-Networking Ltd. – Spybot – Search & Destroy tray access.) — C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe [5624784] [PID.3692]
    [MD5.58FBD16C4BB84D9F69C25F30DAA4CE31] – (.Nokia – Microsoft Bluetooth Media Server.) — C:Program Files (x86)PC Connectivity SolutionTransportsNclMSBTSrvEx.exe [158032] [PID.4484]
    [MD5.6B2DD56DD048F6FEF998737BE88A17AC] – (.Glarysoft Ltd – Glary Utilities 5.) — C:Program Files (x86)Glary Utilities 5Integrator.exe [792864] [PID.3740]
    [MD5.0DA891CB0703D912CEAFA072F54D002B] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [275568] [PID.5580]
    [MD5.C0E392910782C2BB9A28C8538CC1E1A1] – (.Intel Corporation – IAStorIcon.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [285240] [PID.5408]
    [MD5.B2A76113F901D808E80FBF11077C0033] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8065024] [PID.5484]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMEGE GAELAppDataRoamingMozillaFirefoxProfilesk67hxax4.defaultprefs.js
    M3 – MFPP: Plugins – [MEGE GAEL] — C:UsersMEGE GAELAppDataRoamingMozillaFirefoxProfilesk67hxax4.defaultsearchpluginsutorrentbarfr-customized-web-search.xml =>Toolbar.Conduit
    M0 – MFSP: prefs.js [MEGE GAEL – k67hxax4.default] about:newtab
    M2 – MFEP: prefs.js [MEGE GAEL – k67hxax4.default{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.17 (..)
    ~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 05s
    ~ Nombre de lignes (Lines number): 15516

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKCU..Run: [GUDelayStartup] . (.Glarysoft Ltd – StartupManager.) — C:Program Files (x86)Glary Utilities 5StartupManager.exe
    O4 – HKCU..Run: [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKCU..Run: [bluebirds] . (.LG Electronics – BlueBirds Module.) — C:UsersMEGE GAELBluebirdsBlueBirds.exe
    O4 – HKCU..Run: [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKCU..Run: [FreeMi UPnP Media Server] . (.Stéphane Mitermite – FreeMi UPnP Media Server.) — E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    O4 – HKCU..Run: [Free Download Manager] . (.FreeDownloadManager.ORG – Free Download Manager.) — E:Free Download Managerfdm.exe
    O4 – HKCU..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe
    O4 – HKLM..Wow6432NodeRun: [AVG_UI] . (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe
    O4 – HKLM..Wow6432NodeRun: [SDTray] . (.Safer-Networking Ltd. – Spybot – Search & Destroy tray access.) — C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe
    O4 – HKLM..Wow6432NodeRun: [IAStorIcon] . (.Intel Corporation – Delayed launcher.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUS.DEFAULT..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [GUDelayStartup] . (.Glarysoft Ltd – StartupManager.) — C:Program Files (x86)Glary Utilities 5StartupManager.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [bluebirds] . (.LG Electronics – BlueBirds Module.) — C:UsersMEGE GAELBluebirdsBlueBirds.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [FreeMi UPnP Media Server] . (.Stéphane Mitermite – FreeMi UPnP Media Server.) — E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [Free Download Manager] . (.FreeDownloadManager.ORG – Free Download Manager.) — E:Free Download Managerfdm.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe
    ~ Application: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS1ServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS1ServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS2ServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS2ServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.254
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. – Windows Security Center integration..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    ~ Services: 8 Legitimates Filtered in 00mn 03s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk * ) – File not found
    ~ BEX: 1 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{46F843C0-679F-4868-900F-2D0959B958A0}] (…) — H:ReseauCCGT‚l‚chargementVia FirefoxLanguagePack.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGlaryInitialize 5 [340]
    ~ Scheduled Task: 9 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareHLDS]
    ~ Key Software: 206 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 01/03/2014 – 10:22:30 – [] —-D C:UsersMEGE GAELAppDataLocalStéphane_Mitermite
    O43 – CFD: 11/01/2014 – 17:01:11 – [] —-D C:UsersMEGE GAELAppDataRoamingMicrosoftWindowsStart MenuProgramsBluebirds
    ~ Program Folder: 142 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.D4385950E30FA543F1D7FD5F63A29757] – 07/06/2014 – 07:34:45 —A- . (…) — C:BackupLoader.ini [234]
    ~ Files: 12 Legitimates Filtered in 00mn 02s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{2f3032dd-7ac0-11e3-b004-806e6f6e6963}AutoRuncommand. (.LG Electronics – BlueBirds Module.) — D:BlueBirds.exe
    O51 – MPSK:{b9cb5f12-7af5-11e3-a83c-806e6f6e6963}AutoRuncommand. (.LG Electronics – BlueBirds Module.) — D:BlueBirds.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:29/03/2005 – 01:30:38 —A- . (.Pas de propriétaire – ATK0110 ACPI Utility.) — C:WindowsSystem32DriversASACPI.sys [8192]
    O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    ~ Drivers: 69 Legitimates Filtered in 00mn 00s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.net – https://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 13/05/2014 – C:WindowsSystem32DRIVERSavgtdia.sys (Avgtdia) .(.AVG Technologies CZ, s.r.o. – AVG Network connection watcher.) – LEGACY_AVGTDIA
    O64 – Services: CurCS – 30/05/2012 – C:WindowsSystem32DRIVERSiaStor.sys (iaStor) .(.Intel Corporation – Intel Rapid Storage Technology driver – x64.) – LEGACY_IASTOR
    ~ Legacy: 80 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingAVG-Secure-Search-Update-1213b_RASAPI32 =>Toolbar.AVGSearch
    HKLMSOFTWAREWow6432NodeMicrosoftTracingAVG-Secure-Search-Update-1213b_RASMANCS =>Toolbar.AVGSearch
    ~ BTK: 67 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 09/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) – C:Windowssystem32GameMon.des
    SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 30/04/2013 238080 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SR – | Auto 13/05/2014 3644432 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgidsagent.exe
    SR – | Auto 13/05/2014 292424 | (avgwd) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgwdsvc.exe
    SR – | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    SR – | Auto 01/04/2014 2818888 | (MaConfigAgent) . (.CybelSoft.) – C:Program Filesma-config.comMaConfigAgent.exe
    SR – | Auto 15/10/2013 3921880 | (SDScannerService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
    SR – | Auto 20/09/2013 1042272 | (SDUpdateService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
    SR – | Auto 13/09/2013 171416 | (SDWSCService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    SR – | Demand 18/04/2013 737616 | (ServiceLayer) . (.Nokia.) – C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 05s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by MEGE GAEL at 07/06/2014 08:46:47
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by MEGE GAEL at 07/06/2014 08:46:49
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (06/06/2014)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:AVG-Secure-Search-Update_1213b =>Toolbar.AVGSearch^
    ~ Additionnel Scan: 190635 Items scanned in 00mn 21s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ AMI: 1 Legitimates Filtered in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
    ~ MSI: 1 link(s) detected in 00mn 00s

    ~ 668 Legitimates filtered by white list
    End of the scan (371 lines in 02mn 19s)(0)[/spoiler:3f1vagse]

    Thank you in advance for your attention and your help.

  • buckhulk
    Participant
    Number of posts: 2391

    Hello Kaikai01

    I used my boss's USB key, I shouldn't have.

    ^^
    that's not good! lol

    OK, first you're going to start by removing Spybot – Search & Destroy v2.2.25 and updating Java: latest Java
    then run USBFix, please:

    USBFix

    Download: UsbFix by El Desaparecido to your Desktop.

    A / If your antivirus displays an alert, ignore it and temporarily disable the antivirus. All antivirus programs

    B / Connect all your external data sources to your PC (USB key, external hard drive, etc.) without opening them.
    C / Double-click UsbFix.exe.
    D / Confirm by clicking "Appliquer" (Apply).
    E / UsbFix will restart to take your settings into account.
    F / Click "Nettoyage" (Clean).

    H / Let the tool work; your desktop will not be accessible during the cleaning phase.
    I / At the end of the scan, a report will be displayed; post it in your next reply on the forum.

    1 / The report is also saved at the root of the system drive.
    ( C:UsbFixLogUsbFix [Clean 1] Computer name.txt ).

    ( CTRL+A to select, CTRL+C to copy and CTRL+V to paste )

    2 / ->> Tutorial (help) with pictures on the author's site.

  • Kaikai01
    Participant
    Number of posts: 12

    USBFix:
    [spoiler:1kvd61c7]############################## | UsbFix V 7.171 | [Nettoyage]

    Utilisateur: MEGE GAEL (Administrateur) # GAELMEGE-PC
    Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
    Lancé à 10:38:33 | 07/06/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: ASUSTeK Computer INC. (Maximus II Formula)
    CPU: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
    RAM -> [Total : 4095 Mo| Free : 1709 Mo]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17107
    WB: Mozilla Firefox : 29.0.1

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
    AS: Windows Defender [(!) Disabled | Updated]
    AS: AVG AntiVirus Free Edition 2014 [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%SystemDrive%) -> Disque fixe # 112 Go (74 Go libre(s) – 66%) [] # NTFS
    D: -> CD-ROM
    E: -> Disque fixe # 466 Go (410 Go libre(s) – 88%) [Programmes] # NTFS
    F: -> Disque fixe # 931 Go (606 Go libre(s) – 65%) [Elements] # NTFS
    H: -> Disque fixe # 932 Go (376 Go libre(s) – 40%) [Réseau] # NTFS
    I: -> Disque fixe # 298 Go (175 Go libre(s) – 59%) [Sauvegarde] # NTFS

    ################## | Processus Stoppés |

    C:WindowsSystem32atiesrxx.exe (ID: 780|ParentID: 824)
    C:WindowsSystem32atieclxx.exe (ID: 1500|ParentID: 780)
    C:WindowsSystem32spoolsv.exe (ID: 1596|ParentID: 824)
    C:WindowsSystem32taskhost.exe (ID: 1852|ParentID: 824|MEGE GAEL)
    C:Windowsexplorer.exe (ID: 1712|ParentID: 1996|MEGE GAEL)
    C:Program Filesma-config.comMaConfigAgent.exe (ID: 2056|ParentID: 824|Système)
    E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe (ID: 3220|ParentID: 1712|MEGE GAEL)
    E:Free Download Managerfdm.exe (ID: 3280|ParentID: 1712|MEGE GAEL)
    C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe (ID: 3292|ParentID: 1712|MEGE GAEL)
    C:WindowsSysWOW64ctfmon.exe (ID: 3588|ParentID: 3332|MEGE GAEL)
    C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe (ID: 3724|ParentID: 824|Système)
    C:Program Files (x86)PC Connectivity SolutionTransportsNclUSBSrv64.exe (ID: 3820|ParentID: 3724|Système)
    C:WindowsSystem32SearchIndexer.exe (ID: 1776|ParentID: 824|Système)
    C:Program Files (x86)PC Connectivity SolutionTransportsNclMSBTSrvEx.exe (ID: 3892|ParentID: 3724|MEGE GAEL)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3544|ParentID: 824|SERVICE RÉSEAU)
    C:Program Files (x86)Glary Utilities 5Integrator.exe (ID: 5024|ParentID: 2124|MEGE GAEL)
    C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID: 4760|ParentID: 1712|MEGE GAEL)
    C:Program FilesMicrosoft IntelliPointipoint.exe (ID: 2892|ParentID: 2684|MEGE GAEL)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 5432|ParentID: 3348|MEGE GAEL)
    C:WindowsSystem32msiexec.exe (ID: 5536|ParentID: 824|Système)
    C:UsersMEGE GAELBluebirdsBlueBirds.exe (ID: 5852|ParentID: 2684|MEGE GAEL)
    E:ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 5124|ParentID: 5920|MEGE GAEL)
    E:ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 5364|ParentID: 5124|MEGE GAEL)
    C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 5920|ParentID: 824|Système)
    C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 5568|ParentID: 824|SERVICE LOCAL)
    C:WindowsservicingTrustedInstaller.exe (ID: 3420|ParentID: 824|Système)

    ################## | Autorun |

    ################## | Recherche générique |

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Supprimé! HKUS-1-5-21-507685455-2490628450-608314737-1001Software….Mountpoints2{2f3032dd-7ac0-11e3-b004-806e6f6e6963}
    Supprimé! HKUS-1-5-21-507685455-2490628450-608314737-1001Software….Mountpoints2{b9cb5f12-7af5-11e3-a83c-806e6f6e6963}

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [GUDelayStartup] “C:Program Files (x86)Glary Utilities 5StartupManager.exe” -delayrun
    04 – HKCU..Run : [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=1213b
    04 – HKCU..Run : [bluebirds] C:UsersMEGE GAELBluebirdsBlueBirds.exe
    04 – HKCU..Run : [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=0214c
    04 – HKCU..Run : [FreeMi UPnP Media Server] E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    04 – HKCU..Run : [Free Download Manager] “E:Free Download Managerfdm.exe” -autorun
    04 – HKCU..Run : [NokiaSuite.exe] C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe -tray
    04 – HKLM..Run : [AVG_UI] “C:Program Files (x86)AVGAVG2014avgui.exe” /TRAYONLY
    04 – HKLM..Run : [IAStorIcon] C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe “C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe” 60
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [GUDelayStartup] “C:Program Files (x86)Glary Utilities 5StartupManager.exe” -delayrun
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=1213b
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [bluebirds] C:UsersMEGE GAELBluebirdsBlueBirds.exe
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe /PROMPT /mid=060a275cacd047d2946ad16f5e78f4fc-bba2f273edd347e78438b9186cb1d4b6db94722d /CMPID=0214c
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [FreeMi UPnP Media Server] E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [Free Download Manager] “E:Free Download Managerfdm.exe” -autorun
    04 – HKUS-1-5-21-507685455-2490628450-608314737-1001..Run : [NokiaSuite.exe] C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe -tray
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-18..RunOnce : [SPReview] “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

    ################## | C: %SystemDrive% – Disque Fixe (NTFS) |

    [07/06/2014 – 10:31:10 | ASH | 4193396 Ko] – C:pagefile.sys
    [07/06/2014 – 10:31:10 | ASH | 3145044 Ko] – C:hiberfil.sys
    [07/06/2014 – 10:31:52 | N | 0 Ko] – C:BackupLoader.ini
    [11/01/2014 – 15:08:01 | SHD] – C:$Recycle.Bin
    [07/06/2014 – 08:46:48 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
    [11/01/2014 – 14:58:24 | RASH | 8 Ko] – C:BOOTSECT.BAK
    [14/07/2009 – 05:20:08 | D] – C:PerfLogs
    [14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
    [20/11/2010 – 14:40:07 | RASH | 375 Ko] – C:bootmgr
    [11/01/2014 – 15:07:49 | SHD] – C:Recovery
    [11/01/2014 – 17:08:31 | D] – C:$AVG
    [11/01/2014 – 21:07:25 | D] – C:Intel
    [12/01/2014 – 19:35:07 | SHD] – C:Boot
    [01/04/2014 – 14:04:00 | D] – C:Downloads
    [15/05/2014 – 06:06:21 | D] – C:Program Files
    [16/05/2014 – 11:12:26 | HD] – C:ProgramData
    [07/06/2014 – 08:14:28 | D] – C:UsbFix
    [07/06/2014 – 08:32:41 | D] – C:AdwCleaner
    [07/06/2014 – 08:42:48 | D] – C:Program Files (x86)
    [07/06/2014 – 08:44:51 | D] – C:Users
    [07/06/2014 – 10:29:43 | D] – C:Windows
    [07/06/2014 – 10:32:52 | SHD] – C:System Volume Information

    ################## | E: – Disque Fixe (NTFS) |

    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1040.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.3082.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.2052.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1042.txt
    [07/11/2007 – 09:00:40 | N | 0 Ko] – E:eula.1041.txt
    [07/11/2007 – 09:00:40 | N | 10 Ko] – E:eula.1033.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1036.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1028.txt
    [07/11/2007 – 09:00:40 | N | 17 Ko] – E:eula.1031.txt
    [07/11/2007 – 09:53:12 | N | 237 Ko] – E:VC_RED.MSI
    [20/01/2014 – 15:49:35 | D] – E:Config.Msi
    [07/11/2007 – 09:00:40 | N | 1 Ko] – E:globdata.ini
    [07/11/2007 – 09:00:40 | N | 1 Ko] – E:install.ini
    [08/02/2014 – 23:41:08 | N | 0 Ko] – E:mapui.ini
    [08/02/2014 – 23:41:30 | N | 1 Ko] – E:attach.ini
    [07/11/2007 – 09:44:20 | N | 835 Ko | VirusTotal – (0/52)] – E:install.exe
    [07/11/2007 – 09:44:20 | N | 92 Ko | VirusTotal – (0/52)] – E:install.res.1040.dll
    [07/11/2007 – 09:44:20 | N | 94 Ko | VirusTotal – (0/52)] – E:install.res.1036.dll
    [07/11/2007 – 09:44:20 | N | 73 Ko | VirusTotal – (0/48)] – E:install.res.2052.dll
    [07/11/2007 – 09:44:20 | N | 88 Ko | VirusTotal – (0/49)] – E:install.res.1033.dll
    [07/11/2007 – 09:44:20 | N | 79 Ko | VirusTotal – (0/53)] – E:install.res.1041.dll
    [07/11/2007 – 09:44:20 | N | 93 Ko | VirusTotal – (0/52)] – E:install.res.3082.dll
    [07/11/2007 – 09:44:20 | N | 77 Ko | VirusTotal – (0/52)] – E:install.res.1042.dll
    [07/11/2007 – 09:44:20 | N | 74 Ko | VirusTotal – (0/51)] – E:install.res.1028.dll
    [07/11/2007 – 09:44:20 | N | 93 Ko | VirusTotal – (0/47)] – E:install.res.1031.dll
    [07/11/2007 – 09:50:40 | N | 1883 Ko] – E:VC_RED.cab
    [07/11/2007 – 09:00:40 | N | 6 Ko] – E:vcredist.bmp
    [11/01/2014 – 17:09:36 | SHD] – E:$RECYCLE.BIN
    [11/01/2014 – 17:40:41 | D] – E:Malwarebytes' Anti-Malware
    [11/01/2014 – 19:18:20 | RHD] – E:MSOCache
    [11/01/2014 – 19:44:30 | D] – E:AMD
    [11/01/2014 – 19:48:59 | D] – E:ATI Technologies
    [11/01/2014 – 20:54:25 | SHD] – E:System Volume Information
    [20/01/2014 – 15:39:12 | D] – E:Microsoft Office
    [29/01/2014 – 14:57:14 | D] – E:GIMP 2
    [19/02/2014 – 15:13:46 | D] – E:Spectacle Clement
    [20/02/2014 – 19:59:49 | D] – E:Programmes Créatifs
    [21/02/2014 – 21:46:23 | D] – E:REencodeur
    [23/02/2014 – 22:51:08 | D] – E:$AVG
    [08/03/2014 – 11:26:44 | D] – E:Mumble
    [13/03/2014 – 11:36:15 | D] – E:FreeMi UPnP Media Server
    [01/04/2014 – 11:21:20 | D] – E:Jeux
    [27/04/2014 – 11:09:19 | D] – E:Handbrake
    [27/04/2014 – 11:22:51 | D] – E:MKVToolNix
    [02/05/2014 – 05:49:31 | D] – E:Mozilla
    [16/05/2014 – 11:16:43 | D] – E:Nokia Suite
    [07/06/2014 – 07:03:56 | D] – E:Free Download Manager
    [07/06/2014 – 07:21:49 | D] – E:Ebook

    ################## | F: – Disque Fixe (NTFS) |

    [08/04/2013 – 01:45:00 | N | 1024 Ko] – F:ReadMe.pdf
    [02/11/2012 – 22:39:44 | N | 0 Ko] – F:autorun.inf
    [13/10/2013 – 14:04:48 | N | 6016 Ko] – F:test_write1.dvr
    [13/10/2013 – 14:04:53 | N | 6016 Ko] – F:test_write2.dvr
    [27/01/2014 – 10:10:03 | ASH | 7 Ko] – F:Thumbs.db
    [07/06/2014 – 10:39:15 | SHD] – F:$RECYCLE.BIN
    [10/08/2013 – 18:45:19 | SHD] – F:System Volume Information
    [13/10/2013 – 14:04:48 | D] – F:ALIDVR
    [27/01/2014 – 10:10:02 | D] – F:autorun
    [16/02/2014 – 18:46:19 | SHD] – F:RECYCLER
    [13/04/2014 – 11:31:45 | D] – F:ReseauCCG

    ################## | H: – Disque Fixe (NTFS) |

    [11/01/2014 – 15:20:13 | SHD] – H:$RECYCLE.BIN
    [13/09/2013 – 06:25:45 | D] – H:Gael Mege
    [13/09/2013 – 11:47:32 | SHD] – H:System Volume Information
    [04/02/2014 – 22:20:39 | D] – H:Les indispensables ^^
    [16/04/2014 – 14:13:37 | D] – H:ReseauCCG
    [25/04/2014 – 10:00:43 | D] – H:$AVG
    [25/04/2014 – 12:21:29 | D] – H:jobs

    ################## | I: – Disque Fixe (NTFS) |

    [11/01/2014 – 20:41:32 | N | 1 Ko] – I:MediaID.bin
    [11/01/2014 – 20:55:11 | SHD] – I:$RECYCLE.BIN
    [02/02/2014 – 20:01:11 | D] – I:MEGEGAEL-PC
    [09/02/2014 – 20:01:32 | D] – I:WindowsImageBackup
    [18/05/2014 – 19:01:29 | D] – I:GAELMEGE-PC
    [01/06/2014 – 19:09:55 | SHD] – I:System Volume Information

    ################## | Vaccin |

    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    I:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |[/spoiler:1kvd61c7]
    I plugged in a hard drive that is normally connected to my Freebox to serve all the PCs on my "home network".
    If the other PCs need to be disinfected, I will make a new post for the PC concerned.
    Thanks for your quick reply 🙂
    I'm going to be away for an hour or two (I'm letting you know so you don't get impatient; I didn't think it would be this quick).
    P.S.: By the way, why uninstall Spybot? (I like to know) ^^ thanks

  • buckhulk
    Participant
    Number of posts: 2391
    I'm going to be away for an hour or two (I'm letting you know so you don't get impatient; I didn't think it would be this quick)

    no problem.. 😉

    P.S.: By the way, why uninstall Spybot? (I like to know) ^^ thanks

    because it is useless and is no longer updated; it is better to use Malwarebytes once a month (for basic use of the computer)

    did you update Java as requested?

    run ZHPDiag again for me so I can check, please
    :merci2:

  • Kaikai01
    Participant
    Number of posts: 12

    Oops 😡
    Yes, I did update Java (update 60)
    The new ZHPDiag report:
    [spoiler:2nem0zbq]~ Rapport de ZHPDiag v2014.6.7.86 – Nicolas Coolman (07/06/2014)
    ~ Lancé par MEGE GAEL (07/06/2014 13:03:44)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17107
    MFIE: Mozilla Firefox 29.0.1 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK

    —\ Logiciels de protection du système
    AVG 2014 v14.0.3955
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Java 7 Update 60

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4095 MB (55% free)
    System Restore: Activé (Enable)
    System drive C: has 74 GB (66%) free of 112 GB

    —\ Mode de connexion au système
    ~ Computer Name: GAELMEGE-PC
    ~ User Name: MEGE GAEL
    ~ All Users Names: MEGE GAEL, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMEGE GAELAppDataRoamingZHP
    ~ %AppData% : C:UsersMEGE GAELAppDataRoaming
    ~ %Desktop% : C:UsersMEGE GAELDesktop
    ~ %Favorites% : C:UsersMEGE GAELFavorites
    ~ %LocalAppData% : C:UsersMEGE GAELAppDataLocal
    ~ %StartMenu% : C:UsersMEGE GAELAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 74 Go of 112 Go)
    D: CD-ROM drive (Free 0 Go of 0 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 410 Go of 466 Go)
    F: Hard drive, Flash drive, Thumb drive (Free 606 Go of 931 Go)
    H: Hard drive, Flash drive, Thumb drive (Free 376 Go of 932 Go)
    I: Hard drive, Flash drive, Thumb drive (Free 175 Go of 298 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : Out Of Date
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.AC4C51EB24AA95B77F705AB159189E24] – (.Microsoft Corporation – Explorateur Windows.) (.20/11/2010 – 14:24:45.) — C:WindowsExplorer.exe [2872320]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.F220BA78AB542C70211D73AE4729B2CD] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 07:22:40.) — C:WindowsSystem32wininet.dll [2260480]
    [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 10:43:50.) — C:WindowsSystem32Winlogon.exe [455168]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.1B6163C503398B23FF8B939C67747683] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.20/11/2010 – 12:06:41.) — C:Windowssystem32Driversrdpdr.sys [165888]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/88
    ~ Mes Favoris (My Favorites) : 1/26
    ~ Mes Documents (My Documents) : 2/6
    ~ Mon Bureau (My Desktop) : 2/11
    ~ Menu demarrer (Programs) : 1/30
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.561CE09C52F6E945ED4CE7E173D1F542] – (.AVG Technologies CZ, s.r.o. – AVG Identity Protection Service.) — C:Program Files (x86)AVGAVG2014avgidsagent.exe [3644432] [PID.1752]
    [MD5.E5C581D358B62CF65776B8E4E17B9E5C] – (.AVG Technologies CZ, s.r.o. – AVG Watchdog Service.) — C:Program Files (x86)AVGAVG2014avgwdsvc.exe [292424] [PID.1860]
    [MD5.C8F0DCA0E032881B6C4422B502194629] – (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe [5181456] [PID.3332]
    [MD5.0DA891CB0703D912CEAFA072F54D002B] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [275568] [PID.5376]
    [MD5.28B02EA673489A4EFBB20A9B302D523C] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program Files (x86)Mozilla Firefoxplugin-container.exe [18544] [PID.4108]
    [MD5.038053B5DB6B0DCFB32B7682334B7625] – (.Adobe Systems, Inc. – Adobe Flash Player 13.0 r0.) — C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_13_0_0_214.exe [1863856] [PID.5560]
    [MD5.103EB6A11590470DAF516D65718263C9] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8065536] [PID.3388]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMEGE GAELAppDataRoamingMozillaFirefoxProfilesk67hxax4.defaultprefs.js
    M3 – MFPP: Plugins – [MEGE GAEL] — C:UsersMEGE GAELAppDataRoamingMozillaFirefoxProfilesk67hxax4.defaultsearchpluginsutorrentbarfr-customized-web-search.xml =>Toolbar.Conduit
    M0 – MFSP: prefs.js [MEGE GAEL – k67hxax4.default] about:newtab
    M2 – MFEP: prefs.js [MEGE GAEL – k67hxax4.default{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.17 (..)
    ~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 04s
    ~ Nombre de lignes (Lines number): 15516

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKCU..Run: [GUDelayStartup] . (.Glarysoft Ltd – StartupManager.) — C:Program Files (x86)Glary Utilities 5StartupManager.exe
    O4 – HKCU..Run: [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKCU..Run: [bluebirds] . (.LG Electronics – BlueBirds Module.) — C:UsersMEGE GAELBluebirdsBlueBirds.exe
    O4 – HKCU..Run: [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKCU..Run: [FreeMi UPnP Media Server] . (.Stéphane Mitermite – FreeMi UPnP Media Server.) — E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    O4 – HKCU..Run: [Free Download Manager] . (.FreeDownloadManager.ORG – Free Download Manager.) — E:Free Download Managerfdm.exe
    O4 – HKCU..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe
    O4 – HKLM..Wow6432NodeRun: [AVG_UI] . (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe
    O4 – HKLM..Wow6432NodeRun: [IAStorIcon] . (.Intel Corporation – Delayed launcher.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUS.DEFAULT..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [GUDelayStartup] . (.Glarysoft Ltd – StartupManager.) — C:Program Files (x86)Glary Utilities 5StartupManager.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [AVG-Secure-Search-Update_1213b] C:UsersMEGE GAELAppDataRoamingAVG 1213b CampaignAVG-Secure-Search-Update-1213b.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [bluebirds] . (.LG Electronics – BlueBirds Module.) — C:UsersMEGE GAELBluebirdsBlueBirds.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [AVG-Secure-Search-Update_0214c] C:UsersMEGE GAELAppDataRoamingAVG 0214c CampaignAVG-Secure-Search-Update-0214c.exe (.not file.) =>Toolbar.AVGSearch
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [FreeMi UPnP Media Server] . (.Stéphane Mitermite – FreeMi UPnP Media Server.) — E:FreeMi UPnP Media ServerFreeMi UPnP Media Server.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [Free Download Manager] . (.FreeDownloadManager.ORG – Free Download Manager.) — E:Free Download Managerfdm.exe
    O4 – HKUSS-1-5-21-507685455-2490628450-608314737-1001..Run: [NokiaSuite.exe] . (.Nokia – Nokia Suite.) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe
    ~ Application: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS1ServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS1ServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS2ServicesTcpip..{1F35FBEF-BB14-4268-ACF3-739C09A4C4E4}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCS2ServicesTcpip..{CD378C4E-6253-4414-A0A0-D47B6F4E7655}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.254
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk * ) – File not found
    ~ BEX: 1 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{46F843C0-679F-4868-900F-2D0959B958A0}] (…) — H:ReseauCCGT‚l‚chargementVia FirefoxLanguagePack.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGlaryInitialize 5 [340]
    ~ Scheduled Task: 6 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareHLDS]
    ~ Key Software: 205 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 01/03/2014 – 10:22:30 – [] —-D C:UsersMEGE GAELAppDataLocalStéphane_Mitermite
    O43 – CFD: 11/01/2014 – 17:01:11 – [] —-D C:UsersMEGE GAELAppDataRoamingMicrosoftWindowsStart MenuProgramsBluebirds
    ~ Program Folder: 142 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.0A34066D56D57C0DA73BFFC1E4169FF2] – 07/06/2014 – 09:29:46 —A- . (…) — C:Windowswininit.ini [85]
    O44 – LFC:[MD5.D4385950E30FA543F1D7FD5F63A29757] – 07/06/2014 – 09:31:52 . (…) — C:BackupLoader.ini [234]
    ~ Files: 14 Legitimates Filtered in 00mn 01s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:29/03/2005 – 01:30:38 —A- . (.Pas de propriétaire – ATK0110 ACPI Utility.) — C:WindowsSystem32DriversASACPI.sys [8192]
    O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    ~ Drivers: 69 Legitimates Filtered in 00mn 00s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.net – https://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 13/05/2014 – C:WindowsSystem32DRIVERSavgtdia.sys (Avgtdia) .(.AVG Technologies CZ, s.r.o. – AVG Network connection watcher.) – LEGACY_AVGTDIA
    O64 – Services: CurCS – 30/05/2012 – C:WindowsSystem32DRIVERSiaStor.sys (iaStor) .(.Intel Corporation – Intel Rapid Storage Technology driver – x64.) – LEGACY_IASTOR
    ~ Legacy: 80 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingAVG-Secure-Search-Update-1213b_RASAPI32 =>Toolbar.AVGSearch
    HKLMSOFTWAREWow6432NodeMicrosoftTracingAVG-Secure-Search-Update-1213b_RASMANCS =>Toolbar.AVGSearch
    ~ BTK: 67 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 30/04/2013 238080 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SS – | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    SS – | Demand 09/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) – C:Windowssystem32GameMon.des
    SS – | Demand 18/04/2013 737616 | (ServiceLayer) . (.Nokia.) – C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
    SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 13/05/2014 3644432 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgidsagent.exe
    SR – | Auto 13/05/2014 292424 | (avgwd) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgwdsvc.exe
    SR – | Auto 01/04/2014 2818888 | (MaConfigAgent) . (.CybelSoft.) – C:Program Filesma-config.comMaConfigAgent.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 05s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by MEGE GAEL at 07/06/2014 13:05:19
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by MEGE GAEL at 07/06/2014 13:05:21
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (07/06/2014)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun]:AVG-Secure-Search-Update_1213b =>Toolbar.AVGSearch^
    ~ Additionnel Scan: 189239 Items scanned in 00mn 20s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ AMI: 1 Legitimates Filtered in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
    ~ MSI: 1 link(s) detected in 00mn 00s

    ~ 659 Legitimates filtered by white list
    End of the scan (353 lines in 01mn 58s)(0)[/spoiler:2nem0zbq]
    Thanks 🙂

  • buckhulk
    Participant
    Number of posts: 2391

    How are things now? Apart from the AVG toolbar, there is no more infection 😀

    ^^

  • Kaikai01
    Participant
    Number of posts: 12

    So, I no longer have any problems at startup (I'm being a bit of a pain over something that wasn't really interfering with startup :x).
    DLLhost.exe no longer seems to be there. So I'd say it isn't flickering anymore :p
    Is the AVG toolbar useful? If the answer is no, how do I remove it?

    Thank you for taking the time to help me, even though I didn't understand how the steps I carried out could have changed anything about my PC's startup ^^

    Thanks again for the explanation about Spybot 2; I thought there weren't updates very often 🙂 I understand better now.
    P.S.: So I'm going to move over to the second PC in the house to make a post on the forum ^^

  • buckhulk
    Participant
    Number of posts: 2391
    Is the AVG toolbar useful? If the answer is no, how do I remove it?

    No, not really, but it isn't infectious either!

    To disable it, I think you just have to right-click at the top and disable it, but if it doesn't bother you, it isn't important!
    If there are no more problems …..
    here are the closing canned messages:

    [fin2desinf:y6dqy65u][/fin2desinf:y6dqy65u]
    [diapo2:y6dqy65u][/diapo2:y6dqy65u]

    :bye: have a good weekend

The topic ‘I used my boss's USB key, I shouldn't have.’ is closed to new replies.