Very slow PC and blue screens
Resolved/Closed
xelyia - 21 Oct. 2014 at 13:54
AskepiosFFC - 24 Oct. 2014 at 16:14
5 replies
AskepiosFFC
Edited by AskepiosFFC on 21/10/2014 at 14:32
xelyia - 21 Oct. 2014 at 15:04
I followed all the steps carefully and ran a test, the result of which is below:
~ Rapport de ZHPDiag v2014.10.18.148 - Nicolas Coolman (18/10/2014)
~ Lancé par CIO (21/10/2014 14:52:41)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17358
MFIE: Mozilla Firefox 32.0.3 (Defaut)
GCIE: Google Chrome v38.0.2125.104
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 24367
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v7.0.1474.0
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
CCleaner v4.05
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX 64-bit
Adobe Flash Player 15 Plugin
Adobe Reader XI
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1888 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 231 GB (80%) free of 285 GB
---\\ Mode de connexion au système
~ Computer Name: CIO-LENOVO1
~ User Name: CIO
~ All Users Names: HomeGroupUser$, Formasarthe, CIO, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\CIO\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CIO\AppData\Roaming\
~ %Desktop% : C:\Users\CIO\Desktop\
~ %Favorites% : C:\Users\CIO\Favorites\
~ %LocalAppData% : C:\Users\CIO\AppData\Local\
~ %StartMenu% : C:\Users\CIO\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 231 Go of 285 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 3 Go of 12 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.04/01/2012 - 05:24:51.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9D98D4F390F0B14A782F3B931E613A1A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/09/2014 - 01:33:18.) -- C:\Windows\System32\wininet.dll [2309632]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/01/2012 - 05:26:48.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/58
~ Mes musiques (My Musics) : 26/292
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 10/2136
~ Mon Bureau (My Desktop) : 2/35
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 06s
---\\ Processus lancés
[MD5.EC80D4878D3824C289868E007B9C43EF] - (.Lenovo Group Limited - Microphone volume control module.) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [40808] [PID.3592]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.3832]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.4104]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.4232]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.4312]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.4324]
[MD5.6F2ED4B6BE48C85134EEEBBAE1CD87AD] - (.Lenovo Group Limited - Power Manager Power Agenda.) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe [62824] [PID.4340]
[MD5.B53D59915A356B06C1D7DE5B22B4177C] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344] [PID.4568]
[MD5.3B376496187AB240FAC6ECD7BD1251F6] - (.Pas de propriétaire - Message Center Plus Launcher.) -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [49976] [PID.3372]
[MD5.5DFE72B9F1FF669070FC032090B7B982] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507312] [PID.3736]
[MD5.7787F1E659DCDF85E47BBF374B502FAC] - (.Nicolas Coolman - ZHPDiag.) -- C:\ZHPDiag\ZHPDiag.exe [8113664] [PID.4912]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1604]
[MD5.7060C98E81EB082C2AEC2491CCD41A02] - (.Index Education - Pas de description.) -- C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [3211264] [PID.1872]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2024]
[MD5.56B74943929BC575914631EDC0E72220] - (.Lenovo Group Limited - Camera Mute Control Service for ThinkPad.) -- C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [41320] [PID.1792]
[MD5.F9B51B2A5DA1222A910021C71E9EA559] - (.Lenovo Group Limited - Microphone volume control service.) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [59240] [PID.1888]
[MD5.F036CFB275D0C55F4E45FBBF5F98B3C8] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [193824] [PID.1864]
[MD5.BE788A747457E6916586C410EC0111E7] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440] [PID.2112]
[MD5.E7859BA062DB5E23C6DD34AD66B09F50] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168] [PID.3504]
[MD5.6EA2F517373771CAC5188E82617C9C0B] - (.Lenovo Group Limited - ThinkVantage System Update Service.) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672] [PID.3412]
[MD5.E91F8AFBD7FB96C94B266579D6BFA77A] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.3780]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\CIO\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\CIO\AppData\Roaming\Mozilla\Firefox\Profiles\uq712f6o.default\prefs.js
M3 - MFPP: Plugins - [CIO] -- C:\Users\CIO\AppData\Roaming\Mozilla\Firefox\Profiles\uq712f6o.default\searchplugins\askcom.xml
M2 - MFEP: prefs.js [CIO - uq712f6o.default\toolbar@ask.com] [] Ask Toolbar v3.8.0.12304 (..) =>Toolbar.Ask
P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (...) -- C:\Program Files\Tracker Software\npPDFXCviewNPPlugin.dll (.not file.)
P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (...) -- C:\Program Files\Tracker Software\Win32\npPDFXCviewNPPlugin.dll (.not file.)
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kogoa.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 18 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ BHO: 7 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LENOVO.TPKNRRES] . (.Lenovo Group Limited - Microphone volume control module.) -- C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
O4 - HKCU\..\Run: [LTT] . (.PC-Doctor, Inc. - PC-Doctor Module.) -- C:\Program Files\PC-Doctor\EnableToolbarW32.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKLM\..\Wow6432Node\Run: [PWMTRV] rundll32 C:\Program Files (x86)\ThinkPad\UTILIT~1\PWMTR64V.dll (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Lenovo Registration] . (.Lenovo, Inc. - Lenovo Registration.) -- C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1168201799-2390514144-3352934515-1000\..\Run: [LTT] . (.PC-Doctor, Inc. - PC-Doctor Module.) -- C:\Program Files\PC-Doctor\EnableToolbarW32.exe
O4 - HKUS\S-1-5-21-1168201799-2390514144-3352934515-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
~ Application: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{163DC53A-DE9E-41C8-A0DE-3AB7DF060DAB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8E6C08E-AD27-4F26-89DC-60D97556A0B9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{163DC53A-DE9E-41C8-A0DE-3AB7DF060DAB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F8E6C08E-AD27-4F26-89DC-60D97556A0B9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{163DC53A-DE9E-41C8-A0DE-3AB7DF060DAB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F8E6C08E-AD27-4F26-89DC-60D97556A0B9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.95B44F3CCAC43A47649C1F1BC84ED517] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [96136] =>Toolbar.Ask
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [528]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask [528]
O39 - APT: - (..) -- C:\Windows\Tasks\SystemToolsDailyTest.job [466]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\SystemToolsDailyTest [466]
~ Scheduled Task: 19 Legitimates Filtered in 00mn 07s
---\\ Logiciels installés (O42)
O42 - Logiciel: Anawisc - Assistant d'analyse et d'interprétation du WISC-IV - (.Namexe.) [HKCU][64Bits] -- 9499e1cc2b057519
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: GPO2 Collège - (.Delta-Expert.) [HKLM][64Bits] -- {14672513-CC60-459E-B48B-A36402B9B5AB}
O42 - Logiciel: GPO2 Lycée - (.Delta-Expert.) [HKLM][64Bits] -- {28EC8CEB-9DF6-4F21-8EB4-2E18A653FD8A}
O42 - Logiciel: GPO5 - (.Delta-Expert.) [HKLM][64Bits] -- {36273000-68AB-469B-836C-33D87A6D6715}
O42 - Logiciel: Printer Status Monitor Version 4.2.0 - (.SHARP.) [HKLM][64Bits] -- Printer Status Monitor
O42 - Logiciel: Updater Service - (...) [HKLM][64Bits] -- Updater Service =>Adware.IncrediBar
O42 - Logiciel: Valeurs (C:\Program Files (x86)\Valeurs\) - (...) [HKLM][64Bits] -- ST6UNST #2
O42 - Logiciel: Valeurs - (...) [HKLM][64Bits] -- ST6UNST #1
~ Logic: 32 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ask.com]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\ONISEP]
[HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager
[HKLM\Software\Wow6432Node\ECPA]
~ Key Software: 277 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/06/2014 - 22:10:33 - [] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 24/09/2013 - 15:02:31 - [] ----D C:\Program Files (x86)\Delta-Expert
O43 - CFD: 06/02/2012 - 17:36:37 - [] ----D C:\Program Files (x86)\ECPA
O43 - CFD: 18/01/2012 - 18:12:27 - [] ----D C:\Program Files (x86)\Valeurs
O43 - CFD: 08/11/2012 - 22:38:03 - [] ----D C:\ProgramData\Ask
O43 - CFD: 06/11/2013 - 15:27:20 - [] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 13/02/2012 - 11:43:39 - [] ----D C:\ProgramData\Partner
O43 - CFD: 15/02/2013 - 00:44:35 - [] ----D C:\Users\CIO\AppData\Roaming\Anawisc
O43 - CFD: 05/07/2014 - 15:28:07 - [] ----D C:\Users\CIO\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 18/01/2012 - 18:58:36 - [] ----D C:\Users\CIO\AppData\Roaming\PwrMgr
O43 - CFD: 09/04/2014 - 22:14:42 - [] ----D C:\Users\CIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parade
~ 42 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 201 Legitimates Filtered in 00mn 01s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{d8267a46-3641-11e1-9c7f-806e6f6e6963}\AutoRun\command. (.Lenovo Group Limited - Lenovo Factory Backup Partition Information.) -- Q:\LenovoQDrive.exe
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 66 Legitimates Filtered in 00mn 26s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\CIO\AppData\Roaming\Mozilla\Firefox\Profiles\uq712f6o.default\searchplugins\askcom.xml
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {548487BA-9160-451C-9E59-89BBE01A600C} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- c:\program files (x86)\ask.com\fv_b110.ico =>Toolbar.Ask
~ Update Products: 1 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS =>Toolbar.Ask
~ BTK: 175 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/09/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 20/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 20/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 08/07/2011 144232 | (HyperW7Svc) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 09/10/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 31/08/2011 87400 | (Power Manager DBC Service) . (.Lenovo.) - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
SS - | Demand 31/08/2011 173416 | (PwmEWSvc) . (.Lenovo Group Limited.) - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe
SS - | Demand 09/12/2010 47728 | (TPHDEXLGSVC) . (.Lenovo..) - C:\Windows\System32\TPHDEXLG64.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 31/08/2011 478056 | (DozeSvc) . (.Lenovo..) - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.exe
SR - | Auto 14/07/2009 27136 | C:\Users\CIO\AppData\Local\Temp\7zS1A1F\hpslpsvc64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 12/11/2010 45928 | (IBMPMSVC) . (.Lenovo..) - C:\Windows\System32\ibmpmsvc.exe
SR - | Auto 31/05/2011 41320 | (LENOVO.CAMMUTE) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
SR - | Auto 31/05/2011 59240 | (LENOVO.TPKNRSVC) . (.Lenovo Group Limited.) - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
SR - | Auto 12/07/2011 133992 | (Lenovo.VIRTSCRLSVC) . (.Lenovo Group Limited.) - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
SR - | Auto 22/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 10/06/2014 3211264 | (MajIndexEducationService) . (.Index Education.) - C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe
SR - | Auto 11/03/2010 193824 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 18/05/2011 199272 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 25/07/2011 28672 | (SUService) . (.Lenovo Group Limited.) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
SR - | Auto 10/01/2008 61440 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 22/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 23s
---\\ Scan Additionnel (O88)
Database Version : 13026 - (18/10/2014)
Clés trouvées (Keys found) : 60
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 3
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service] =>Adware.IncrediBar^
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Wow6432Node\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\AppDataLow\AskToolbarInfo] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Users\CIO\AppData\Roaming\Mozilla\Firefox\Profiles\uq712f6o.default\extensions\toolbar@ask.com =>Toolbar.Ask^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\Users\CIO\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Program Files (x86)\Ask.com =>Toolbar.AskBar
C:\Users\CIO\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis
C:\Program Files (x86)\Ask.com\UpdateTask.exe =>Toolbar.Ask^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager^
~ Additionnel Scan: 286426 Items scanned in 01mn 01s
---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Browser Helper Objects de navigateur (O2)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ https://nicolascoolman.eu =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Toolbar.Ask
https://nicolascoolman.eu =>Adware.IncrediBar
https://nicolascoolman.eu =>PUP.FileScout
https://nicolascoolman.eu =>PUP.weDownloadManager
https://nicolascoolman.eu =>Adware.InstallBrain
https://nicolascoolman.eu =>Adware.RecordNRip
https://nicolascoolman.eu =>Adware.MyWebSearch
https://nicolascoolman.eu =>Toolbar.AskBar
https://nicolascoolman.eu =>Toolbar.AskTBar
https://nicolascoolman.eu =>Toolbar.AskBarDis
~ MSI: 10 link(s) detected in 00mn 00s
~ 851 Legitimates filtered by white list
End of the scan (521 lines in 03mn 37s)(0)
SR - | Auto 10/01/2008 61440 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 22/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 23s
---\\ Scan Additionnel (O88)
Database Version : 13026 - (18/10/2014)
Clés trouvées (Keys found) : 60
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 3
~ Additionnel Scan: 286426 Items scanned in 01mn 01s
---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Browser Helper Objects de navigateur (O2)
~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ https://nicolascoolman.eu =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>Toolbar.Ask
https://nicolascoolman.eu =>Adware.IncrediBar
https://nicolascoolman.eu =>PUP.FileScout
https://nicolascoolman.eu =>PUP.weDownloadManager
https://nicolascoolman.eu =>Adware.InstallBrain
https://nicolascoolman.eu =>Adware.RecordNRip
https://nicolascoolman.eu =>Adware.MyWebSearch
https://nicolascoolman.eu =>Toolbar.AskBar
https://nicolascoolman.eu =>Toolbar.AskTBar
https://nicolascoolman.eu =>Toolbar.AskBarDis
~ MSI: 10 link(s) detected in 00mn 00s
~ 851 Legitimates filtered by white list
End of the scan (521 lines in 03mn 37s)(0)
AskepiosFFC - 22 Oct. 2014 at 16:00
Run AdwCleaner: https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
Run MalwareBytes' Anti-Malware:
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Run CCleaner:
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/#tutoriel-ccleaner#q=ccleaner&cur=4&url=%2F
xelyia - 24 Oct. 2014 at 16:02
Everything is already working much better.
Thanks a lot :)
AskepiosFFC - Edited by AskepiosFFC on 24/10/2014 at 16:19
A small piece of advice: get a much more capable antivirus. Forget Avast and Windows Defender right away!
Use AdwCleaner, MalwareBytes' Anti-Malware and CCleaner regularly.
Also remember to defragment regularly.