I need your help!! 2014-04-30T09:54:47+00:00
  • Author
    Posts
  • Nicolas09120
    Participant
    Post count: 2

    Since last night my PC has had a problem with its ping: it stays constantly around 400 ms for no reason, instead of 40 ms. That's not normal, and I think my PC is infected, so I need your insight. However, I was wondering whether the problem really comes from my computer. Would I have the same problem on another computer connected to my Livebox??

    Here is the AdwCleaner report:

    [spoiler:bphfc5fc]# AdwCleaner v3.205 – Rapport créé le 30/04/2014 à 11:45:31
    # Mis à jour le 28/04/2014 par Xplode
    # Système d'exploitation : Windows 8 Pro (64 bits)
    # Nom d'utilisateur : Nico – NICOLAS
    # Exécuté depuis : C:UsersNicoDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:WindowsSysWOW64AI_RecycleBin
    Dossier Supprimé : C:UsersNicoAppDataLocalTempAirInstaller
    Dossier Supprimé : C:UsersNicoAppDataRoamingDefaultTab
    Fichier Supprimé : C:UsersNicoAppDataRoamingMozillaFirefoxProfilesrcp9fslh.defaultExtensionsaddon@defaulttab.com.xpi
    Fichier Supprimé : C:WindowsSystem32TasksDTReg

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{25A3A431-30BB-47C8-AD6A-E1063801134F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{25A3A431-30BB-47C8-AD6A-E1063801134F}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
    Clé Supprimée : HKCUSoftwareDefaultTab
    Clé Supprimée : HKCUSoftwareSoftonic

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16537

    -\ Mozilla Firefox v28.0 (fr)

    [ Fichier : C:UsersNicoAppDataRoamingMozillaFirefoxProfilesrcp9fslh.defaultprefs.js ]

    *************************

    AdwCleaner[R0].txt – [1631 octets] – [30/04/2014 11:44:42]
    AdwCleaner[S0].txt – [1466 octets] – [30/04/2014 11:45:31]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [1526 octets] ##########[/spoiler:bphfc5fc]

    Malwarebytes report:

    [spoiler:bphfc5fc]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Date de l'examen: 30/04/2014
    Heure de l'examen: 12:02:09
    Fichier journal: aze.txt
    Administrateur: Oui

    Version: 2.00.1.1004
    Base de données Malveillants: v2014.04.30.03
    Base de données Rootkits: v2014.03.27.01
    Licence: Essai
    Protection contre les malveillants: Activé(e)
    Protection contre les sites Web malveillants: Activé(e)
    Chameleon: Désactivé(e)

    Système d'exploitation: Windows 8
    Processeur: x64
    Système de fichiers: NTFS
    Utilisateur: Nico

    Type d'examen: Examen “Menaces”
    Résultat: Terminé
    Objets analysés: 255158
    Temps écoulé: 6 min, 55 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Shuriken: Activé(e)
    PUP: Avertir
    PUM: Activé(e)

    Processus: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Clés du Registre: 3
    PUP.Optional.DefaultTab.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTWINDOWSCURRENTVERSIONEXPLORERBROWSER HELPER OBJECTS{7F6AFBF1-E065-4627-A2FD-810366367D01}, Mis en quarantaine, [5e1dc66afb807fb766961f002cd628d8],
    PUP.Optional.DefaultTab.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREAPPDATALOWSOFTWAREDefaultTab, Mis en quarantaine, [7ffccf61ed8e85b1e9fe8506649efb05],
    PUP.Optional.DefaultTab.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREDEFAULT TAB, Mis en quarantaine, [ee8d35fbceadd95d1fc73556986a2ad6],

    Valeurs du Registre: 1
    PUP.Optional.DefaultTab.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREDEFAULT TAB|Version, 2.4.8.0, Mis en quarantaine, [ee8d35fbceadd95d1fc73556986a2ad6]

    Données du Registre: 0
    (No malicious items detected)

    Dossiers: 0
    (No malicious items detected)

    Fichiers: 0
    (No malicious items detected)

    Secteurs physiques: 0
    (No malicious items detected)

    (end)[/spoiler:bphfc5fc]

    The other reports will follow!!

  • Nicolas09120
    Participant
    Post count: 2

    ZHPdiag :

    [spoiler:uqlhjv87]~ Rapport de ZHPDiag v2014.4.28.48 – Nicolas Coolman (28/04/2014)
    ~ Lancé par Nico (30/04/2014 12:05:30)
    ~ Adresse du Site Web http://nicolascoolman.webs.com
    ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16863
    MFIE: Mozilla Firefox 28.0 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8 Pro, 64-bit (Build 9200)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, VOLUME_MAK channel
    Windows ID Activation : OK
    ~ Windows Partial Key : QV3HC
    Windows License : OK
    ~ Windows Remaining Initializations Number : 1000
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Kaspersky Internet Security v14.0.0.4651
    Malwarebytes Anti-Malware version 2.0.1.1004
    SUPERAntiSpyware v5.7.1018
    Windows Defender W8

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer
    Pando Media Booster v2.6.0.7

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Adobe Reader XI
    Java 7 Update 51

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8175 MB (78% free)
    System Restore: Activé (Enable)
    System drive C: has 222 GB (47%) free of 466 GB

    —\ Mode de connexion au système
    ~ Computer Name: NICOLAS
    ~ User Name: Nico
    ~ All Users Names: Nico, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersNicoAppDataRoamingZHP
    ~ %AppData% : C:UsersNicoAppDataRoaming
    ~ %Desktop% : C:UsersNicoDesktop
    ~ %Favorites% : C:UsersNicoFavorites
    ~ %LocalAppData% : C:UsersNicoAppDataLocal
    ~ %StartMenu% : C:UsersNicoAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 222 Go of 466 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 493 Go of 1863 Go)
    F: CD-ROM drive (Free 0 Go of 7 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 46 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.0E8E6463F81C80AFBED533E0F1F8895D] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 12:34:21.) — C:WindowsExplorer.exe [2391280]
    [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:08:50.) — C:WindowsSystem32Wininit.exe [132608]
    [MD5.2B7920C7885AC45FD0E27DD860F095A1] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.07/03/2014 – 01:08:30.) — C:WindowsSystem32wininet.dll [2240000]
    [MD5.BCF2036A0DD579E47C008C133550283E] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:46:58.) — C:WindowsSystem32Winlogon.exe [517120]
    [MD5.9448F5740A037EC0C18F0E9177232DD0] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:07:20.) — C:WindowsSystem32sppcomapi.dll [273408]
    [MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.04/09/2013 – 04:11:23.) — C:Windowssystem32DriversAFD.sys [576512]
    [MD5.A721FF570C2387E383BDDEA9632863C9] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 06:00:48.) — C:Windowssystem32Driversatapi.sys [25840]
    [MD5.990B1BABE6E81FB18E65A87EBEFB1772] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:30:10.) — C:Windowssystem32DriversCdfs.sys [108544]
    [MD5.339BFF85D788268752DA8C9644B188EE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:26:36.) — C:Windowssystem32DriversCdrom.sys [174080]
    [MD5.431141C6859990824D17F71C30A78728] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.16/01/2014 – 00:42:58.) — C:Windowssystem32DriversDfsC.sys [118784]
    [MD5.7D87B5B6C7188D553E11B59DC7F0B111] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/09/2012 – 07:08:44.) — C:Windowssystem32DriversHDAudBus.sys [71168]
    [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:28:51.) — C:Windowssystem32Driversi8042prt.sys [112640]
    [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:23:01.) — C:Windowssystem32DriversIpNat.sys [145920]
    [MD5.93179D48066918323628CB016D8C94DC] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:29:09.) — C:Windowssystem32DriversMRxSmb.sys [370688]
    [MD5.7CEC25C682D319D484630B3952C31A11] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:24:28.) — C:Windowssystem32DriversnetBT.sys [331776]
    [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.27/01/2014 – 04:39:40.) — C:Windowssystem32Driversntfs.sys [1939288]
    [MD5.4563DAF8C6A740AD7F501E219BD10766] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:29:53.) — C:Windowssystem32DriversParport.sys [105984]
    [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:23:17.) — C:Windowssystem32DriversRasl2tp.sys [124928]
    [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:25:18.) — C:Windowssystem32Driversrdpdr.sys [179712]
    [MD5.73DC722CE5DF26D7638CE2446F2655C7] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 06:26:47.) — C:Windowssystem32Driverstdx.sys [117248]
    [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 12:26:33.) — C:Windowssystem32Driversvolsnap.sys [327936]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/132
    ~ Mes musiques (My Musics) : 32/98
    ~ Mes Videos (My Videos) : 2/23
    ~ Mes Favoris (My Favorites) : 1/3
    ~ Mes Documents (My Documents) : 2/366
    ~ Mon Bureau (My Desktop) : 3/1322
    ~ Menu demarrer (Programs) : 1/44
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.A0012C1D9B8648C20C00202418B9D02F] – (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2279712] [PID.1840]
    [MD5.8E556A72D54F7E3B7844AB9217F02DD7] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [275568] [PID.4464]
    [MD5.640A4CF41563844AE4D3F7C903269523] – (.Logitech Inc. – Logitech G-series Media Display.) — C:Program FilesLogitech Gaming SoftwareAppletsLCDMedia.exe [664344] [PID.4944]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.4636]
    [MD5.CBA0013EBDE3F0B08B043F61857E9809] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program Files (x86)Mozilla Firefoxplugin-container.exe [18544] [PID.4444]
    [MD5.C54C8B8DAE3CC59CBAFF15FAC00084D7] – (.Adobe Systems, Inc. – Adobe Flash Player 13.0 r0.) — C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_13_0_0_206.exe [1864368] [PID.5628]
    [MD5.1780A53FCE5975B94604775CD9460F22] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [7865344] [PID.1268]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 24

    —\ Autres liens utilisateurs (O4)
    O4 – GSQuickLaunch [Nico]: µTorrent.lnk . (.BitTorrent Inc. – µTorrent.) — C:UsersNicoAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Global Startup: 1 Legitimates Filtered in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [Launch LCore] . (.Logitech Inc. – Logitech Gaming Framework.) — C:Program FilesLogitech Gaming SoftwareLCore.exe =>.Logitech Inc
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [NvBackend] . (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
    O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:Windowssystem32nvspcap64.dll
    O4 – HKCU..Run: [EADM] . (.Electronic Arts – Origin.) — C:Program Files (x86)OriginOrigin.exe
    O4 – HKCU..Run: [AdobeBridge] Clé orpheline
    O4 – HKCU..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersNicoAppDataLocalGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O4 – HKCU..Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware – SUPERAntiSpyware Application.) — C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
    O4 – HKLM..Wow6432NodeRun: [SwitchBoard] . (.Adobe Systems Incorporated – SwitchBoard Server (32 bit).) — C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    O4 – HKLM..Wow6432NodeRun: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated – Adobe CS5 Service Manager.) — C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-21-1262373737-3184833486-918223608-1001..Run: [EADM] . (.Electronic Arts – Origin.) — C:Program Files (x86)OriginOrigin.exe
    O4 – HKUSS-1-5-21-1262373737-3184833486-918223608-1001..Run: [AdobeBridge] Clé orpheline
    O4 – HKUSS-1-5-21-1262373737-3184833486-918223608-1001..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersNicoAppDataLocalGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O4 – HKUSS-1-5-21-1262373737-3184833486-918223608-1001..Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware – SUPERAntiSpyware Application.) — C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: Clavier virtuel [64Bits] – {0C4CC089-D306-440D-9772-464E226F6539} . (…) — C:Program Files (x86)Kaspersky LabKaspersky Internet Security 14.0.0kbrd.ico
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office15ONBttnIE.dll =>.Microsoft Corporation
    O9 – Extra button: Cliquer pour appeler Lync [64Bits] – {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation – Microsoft Lync.) — C:Program FilesMicrosoft OfficeOffice15lync.exe
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation – Microsoft OneNote Internet Explorer Add-in.) — C:Program Files (x86)MICROS~1Office15ONBTTN~1.dll =>.Microsoft Corporation
    O9 – Extra button: Analyse des liens [64Bits] – {CCF151D8-D089-449F-A5A4-D9909053F20F} . (…) — C:Program Files (x86)Kaspersky LabKaspersky Internet Security 14.0.0logo.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Site dans la Zone de confiance d'Internet Explorer (O15)
    O15 – Trusted Zone: [HKCU…Domains] http.ma-config.com
    O15 – Trusted Zone: [HKCU…Domains] http.touslesdrivers.com
    ~ IE Zone Confiance: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{CDDB9808-5733-4ED4-A0B7-A2E32C19E81E}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{CDDB9808-5733-4ED4-A0B7-A2E32C19E81E}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml [64Bits] – {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE15MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [DTChk] (…) — C:UsersNicoUtilDTChk.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskUserS-1-5-21-1262373737-3184833486-918223608-1001Core [1038]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskUserS-1-5-21-1262373737-3184833486-918223608-1001UA [1090]
    O39 – APT: – (..) — C:WindowsSystem32TasksSUPERAntiSpyware Scheduled Task 0ec49b0c-1d57-4f6a-ac1f-c5a64ecd2a95 [524]
    O39 – APT: – (..) — C:WindowsSystem32TasksSUPERAntiSpyware Scheduled Task 8790db2d-b61c-4d52-823e-ea23106491db [524]
    ~ Scheduled Task: 11 Legitimates Filtered in 00mn 01s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Octodad: Dadliest Catch – (.Young Horses.) [HKLM][64Bits] — Steam App 224480
    ~ Logic: 21 Legitimates Filtered in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftware2K75]
    [HKCUSoftwarePando Networks]
    [HKLMSoftwareWow6432NodePando Networks]
    ~ Key Software: 304 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 12/01/2014 – 10:14:02 – [] —-D C:Program Files (x86)Pando Networks
    O43 – CFD: 21/02/2014 – 00:44:35 – [] —-D C:UsersNicoAppDataLocalDayZ
    O43 – CFD: 16/03/2014 – 10:58:28 – [] —-D C:UsersNicoAppDataLocalOctodad Dadliest Catch
    ~ Program Folder: 183 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.47FC56D4765DA46182F2AE1BD1A3733C] – 30/04/2014 – 11:02:32 —A- . (…) — C:aze.txt [1919]
    ~ Files: 20 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.911C93CCCB9553938ABC84AFCBCC70DA] – 29/04/2014 – 23:44:52 —A- – C:WindowsPrefetchUTORRENT.EXE-72D3F8C3.pf =>P2P.µTorrent
    ~ Prefetcher: 1 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 17 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:26/07/2012 – 06:00:55 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [30960]
    ~ Drivers: 57 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 24/04/2014 – 12:05:49 —A- . (…) — C:UsersNicoAppDataLocalMicrosoftWindows1036StructuredQuerySchema.bin [362367]
    O61 – LFC: 25/04/2014 – 12:05:53 —A- . (.Google.) — C:UsersNicoAppDataRoamingMozillapluginsnpgoogletalk.dll [326016]
    O61 – LFC: 25/04/2014 – 12:05:53 —A- . (.Google.) — C:UsersNicoAppDataRoamingMozillapluginsnpo1d.dll [299904]
    O61 – LFC: 30/04/2014 – 12:05:53 —A- . (…) — C:UsersNicoDownloadsadwcleaner.exe [1310621]
    O61 – LFC: 30/04/2014 – 12:05:53 —A- . (.SUPERAntiSpyware.) — C:UsersNicoDownloadsSUPERAntiSpyware.exe [18866336]
    ~ 512 Fichiers temporaires (Temporary files)
    ~ 277 Fichiers cookies (Cookies files)
    ~ Files: 15 Legitimates Filtered in 00mn 04s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKCU] {07D08450-983A-4327-AE03-83C290CAB868} – (Search Here) – http://www.mysearchresults.com =>Adware.MyWebSearch
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    D:JeuxFEARKeygen.exe =>.Crack,Keygen
    D:JeuxMystery case files 13th craneMystery Case Files – 13th Skull Edition CollectorMystery Case Files – 13th Skull Edition Collector-frKeygen.exe =>.Crack,Keygen
    D:JeuxRoller Coaster Tycoon 3 + Délires Aquatiques + Distractions SauvagesRoller Coaster Tycoon 3 + Keygen + No-CDKeygen.exe =>.Crack,Keygen
    D:JeuxRoller Coaster Tycoon 3 + Délires Aquatiques + Distractions SauvagesRoller Coaster Tycoon 3 + Keygen + No-CDRCT3.exe =>.Crack,Keygen
    D:ProgrammesAurora 3D Text_Logo Maker+keygenAurora 3D Text_Logo Maker.exe =>.Crack,Keygen
    D:ProgrammesAurora 3D Text_Logo Maker+keygenaurora.3d.text.and.logo.maker.11.022.keygenkeygen.exe =>.Crack,Keygen
    D:Programmesphotofiltre studio 10PhotoFiltre.Studio.X.v10.3.2.French.Incl.Keymaker-COREKeygenkeygen.zip =>.Crack,Keygen
    D:sauvegardeDownloadskeygen sony vegas pro 11Keygen.exe =>.Crack,Keygen
    D:sauvegardeDownloadskeygen vegas pro 11.rar =>.Crack,Keygen
    D:sauvegardeDownloadsPhotoshop CS 5Keygen Patch Photoshop CS5.exe =>.Crack,Keygen
    ~ Files: Scanned in 02mn 06s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.FF22FE12E7380FF55DE3565028496FB3] [SPRF][19/04/2014] (.Gala Networks Europe Limited – Flyff Setup.) — C:UsersNicoDesktopFlyff_FR_setup.exe [1167216422]
    ~ Files: 1 Legitimates Filtered in 00mn 09s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “{834057A2-9679-4377-826B-DFBCCBA323F0}” | In – None – P6 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersNicoAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    O87 – FAEL: “{E6A43D30-B0A4-44D3-B629-F64448437EC0}” | In – None – P17 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersNicoAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Firewall: 2 Legitimates Filtered in 00mn 01s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 15/11/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) – C:Program Files (x86)Kaspersky LabKaspersky Internet Security 14.0.0avp.exe
    SS – | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SS – | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SS – | Demand 29/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) – C:Windowssystem32GameMon.des
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SS – | Demand 23/04/2014 572096 | (Steam Client Service) . (.Valve Corporation.) – C:Program Files (x86)Common FilesSteamSteamService.exe
    SS – | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
    SS – | Demand 13/05/2012 22016 | (wampapache) . (.Apache Software Foundation.) – c:wampbinapacheapache2.2.22binhttpd.exe
    SS – | Demand 19/04/2012 9693696 | (wampmysqld) . (…) – c:wampbinmysqlmysql5.5.24binmysqld.exe
    SS – | Demand 20/09/2012 29696 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/10/2013 144152 | (!SASCORE) . (.SUPERAntiSpyware.com.) – C:Program FilesSUPERAntiSpywareSASCORE64.exe
    SR – | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 28/02/2014 9216 | (HiPatchService) . (.Hi-Rez Studios.) – C:Program Files (x86)Hi-Rez StudiosHiPatchService.exe
    SR – | Auto 08/01/2014 2768720 | (MaConfigAgent) . (.CybelSoft.) – C:Program Filesma-config.comMaConfigAgent.exe
    SR – | Auto 10/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
    SR – | Auto 10/12/2013 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    SR – | Auto 19/12/2013 922912 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Auto 10/07/1658 0 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
    SR – | Auto 19/12/2013 411936 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Demand 10/07/1658 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    ~ Services: Scanned in 00mn 04s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Nico at 30/04/2014 12:08:19
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Nico at 30/04/2014 12:08:21
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13045 – (28/04/2014)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    ~ Additionnel Scan: 387722 Items scanned in 00mn 10s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
    ~ MSI: 1 link(s) detected in 00mn 00s

    ~ 710 Legitimates filtered by white list
    End of the scan (403 lines in 03mn 02s)(10)[/spoiler:uqlhjv87]

  • Anonymous
    Post count: 0

    Hello,

    Welcome to SosVirus

    “Would I have the same problem on another computer connected to my Livebox”

    Logically, yes.

    Your PC doesn't really show signs of infection, just leftovers.

    Didn't you have uTorrent or Pando connected last night? …

  • Nicolas09120
    Participant
    Post count: 2

    No uTorrent or Pando last night, though uTorrent is indeed installed on my PC, and the problem is there continuously.

  • Anonymous
    Post count: 0

    On the other PCs too?

    Have you tried restarting your box, or even resetting it?

The topic ‘I need your help!!’ is closed to new replies.