My PC freezes regularly

Closed
Viking040184 Posts 7 Registration date Friday, February 6, 2015 Status Member Last seen February 6, 2015 - Feb 6, 2015 at 10:54
skillnoobs Posts 59 Registration date Friday, January 3, 2014 Status Member Last seen October 26, 2015 - Feb 9, 2015 at 13:53
Hello,

For some time now my PC has been freezing every time I open a new web page, a new window or a program.
It shows "not responding" and I have to wait several seconds or even minutes before everything goes back to normal.

I have used CCleaner, Malwarebytes and Glary Utilities, defragmented and scanned, but nothing helped.

I have a lot of services running but do not know whether the problem comes from there, or which ones can be disabled safely.

If you have a solution, that would be great.

Thanks

5 replies

Viking040184 Posts 7 Registration date Friday, February 6, 2015 Status Member Last seen February 6, 2015
Feb 6, 2015 at 11:04
Here is the ZHPDiag result, if it helps:

~ Report of ZHPDiag v2015.2.5.16 - Nicolas Coolman (2/5/2015)
~ Launched by Aurelien (2/6/2015 11:01:30 AM)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : https://nicolascoolman.eu
~ Translated by
~ Version State : Updated version.
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Deactivate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17501
MFIE: Mozilla Firefox 35.0.1 (Defaut)
GCIE: Google Chrome v40.0.2214.91

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ System protection software
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.0.4.1028
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Activate)

---\\ System optimization software
CCleaner v5.01

---\\ Sharing software PeerToPeer
Vuze v4.8 =>P2P.Azureus

---\\ Surveillance software
Adobe Flash Player 16 NPAPI

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8086.2 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 777 GB (85%) free of 912 GB

---\\ Connection to the system mode
~ Computer Name: AURELIEN-PC
~ User Name: Aurelien
~ All Users Names: HomeGroupUser$, Guest, Aurelien, ASPNET, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aurelien\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aurelien\AppData\Roaming\
~ %Desktop% : C:\Users\Aurelien\Desktop\
~ %Favorites% : C:\Users\Aurelien\Favorites\
~ %LocalAppData% : C:\Users\Aurelien\AppData\Local\
~ %StartMenu% : C:\Users\Aurelien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 777 Go of 912 Go)
D: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 46 Legitimates Filtered in 00mn AMs



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.11/2/2012 - 5:47:05 AM.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Internet Extensions for Win32.) (.11/22/2014 - 2:28:21 AM.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Windows Logon Application.) (.7/17/2014 - 3:07:24 AM.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.11/21/2010 - 4:24:16 AM.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.5/30/2014 - 7:45:52 AM.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/14/2009 - 12:19:47 AM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/21/2010 - 4:23:47 AM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/21/2010 - 4:24:32 AM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/21/2010 - 4:23:47 AM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.7/14/2009 - 12:19:57 AM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 1:10:03 AM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.11/2/2012 - 5:47:06 AM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.11/21/2010 - 4:23:51 AM.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.1/24/2014 - 3:37:55 AM.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.7/14/2009 - 1:00:41 AM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/21/2010 - 4:24:33 AM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 1:09:09 AM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 2:46:26 AM.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.11/21/2010 - 4:23:47 AM.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn AMs



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/22
~ Mes musiques (My Musics) : 1/74
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/218
~ Mon Bureau (My Desktop) : 2/353
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn AMs



---\\ Process running
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227112] [PID.2176]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [338032] [PID.2852]
[MD5.B8A1DC08D5D15482476DCE7661C9A334] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8162816] [PID.828]
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1372]
[MD5.507E699BD36530491BA0F95251B22F06] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912] [PID.2004]
[MD5.E495E408C93141E8FC72DC0C6046DDFA] - (.Microsoft Corporation - x86 Performance Counter Host.) -- C:\Windows\SysWow64\perfhost.exe [20992] [PID.2608]
~ Processes Running: Scanned in 00mn AMs



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Aurelien\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Legitimates Filtered in 00mn AMs



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi (.not file.)
~ Firefox Browser: 6 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
~ IE Browser: 20 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn AMs



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Orphan key
~ Toolbar: Scanned in 00mn AMs



---\\ Other User Links (O4)
O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\QuickLaunch [Aurelien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\QuickLaunch [Aurelien]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\QuickLaunch [Aurelien]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Aurelien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Aurelien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\Program [Aurelien]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\SystemTools [Aurelien]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
~ Global Startup: 7 Legitimates Filtered in 01mn AMs



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn AMs



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn AMs



---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn AMs



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA93946E-A1B3-4360-8272-39A9FB2C5775}: NameServer = 128.227.116.4,128.227.128.24
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CF877A3-C55A-403B-83C9-464E160BEEB5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA93946E-A1B3-4360-8272-39A9FB2C5775}: NameServer = 128.227.116.4,128.227.128.24
O17 - HKLM\System\CS1\Services\Tcpip\..\{5CF877A3-C55A-403B-83C9-464E160BEEB5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA93946E-A1B3-4360-8272-39A9FB2C5775}: NameServer = 128.227.116.4,128.227.128.24
O17 - HKLM\System\CS2\Services\Tcpip\..\{5CF877A3-C55A-403B-83C9-464E160BEEB5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ad.ufl.edu,abe.ufl.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn AMs



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 344.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn AMs



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Legitimates Filtered in 00mn AMs



---\\ Task Planned Automatically (039)
[MD5.00000000000000000000000000000000] [APT] [SK.Enabler-S-1495795506] (...) -- c:\programdata\quickset\sk.enabler\SK.Enabler.exe (.not file.) [0] =>Adware.SurfAndKeep
[MD5.00000000000000000000000000000000] [APT] [{E84D8BE9-9B6E-4096-A559-4988E3E94ED0}] (...) -- C:\Users\Aurelien\AppData\Roaming\omiga-plus\UninstallManager.exe (.not file.) [0] =>Hijacker.OmigaPlus
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: - (..) -- C:\Windows\Tasks\GlaryUpdate 3.job [384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryUpdate 3 [384]
O39 - APT: - (..) -- C:\Windows\Tasks\PCFix.job [202]
O39 - APT: SK.Enabler-S-1495795506 - (...) -- C:\Windows\Tasks\SK.Enabler-S-1495795506.job [450] =>Adware.SurfAndKeep
O39 - APT: SK.Enabler-S-1495795506 - (...) -- C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 [450] =>Adware.SurfAndKeep
~ Scheduled Task: 11 Legitimates Filtered in 03mn AMs



---\\ Software installed (O42)
O42 - Logiciel: Ticket to Ride - (...) [HKLM][64Bits] -- Steam App 108200
~ Logic: 15 Legitimates Filtered in 00mn AMs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ELIGCHK]
[HKCU\Software\Mixi.DJ]
[HKCU\Software\OB]
[HKCU\Software\PC-Progress]
[HKCU\Software\USSL]
[HKCU\Software\WordOv]
[HKLM\Software\Wow6432Node\SK.Enabler] =>Adware.SurfAndKeep
[HKLM\Software\Wow6432Node\USSL]
[HKLM\Software\Wow6432Node\WordOv]
~ Key Software: 291 Legitimates Filtered in 00mn AMs



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 12/12/2013 - 10:23:38 PM - [0] ----D C:\Program Files (x86)\Epubor
O43 - CFD: 1/24/2015 - 5:55:23 PM - [] ----D C:\Program Files (x86)\GUM9137.tmp
O43 - CFD: 12/27/2013 - 11:28:54 PM - [0] ----D C:\Program Files (x86)\SK Supporter =>PUP.SaveClicker
O43 - CFD: 2/2/2014 - 4:42:25 PM - [0] ----D C:\Program Files (x86)\Ss_Helper =>Adware.SaveShare
O43 - CFD: 9/26/2013 - 7:59:09 PM - [] ----D C:\Program Files (x86)\UCR
O43 - CFD: 1/2/2014 - 4:30:04 PM - [] ----D C:\ProgramData\ALLSaver =>PUP.AllSaver
O43 - CFD: 1/26/2015 - 4:42:51 PM - [] ----D C:\ProgramData\APN
O43 - CFD: 1/17/2015 - 6:21:37 PM - [] ----D C:\ProgramData\Baidu
O43 - CFD: 1/16/2014 - 5:52:25 AM - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 2/1/2015 - 11:36:45 AM - [] ----D C:\ProgramData\MailUpdate =>PUP.MailUpdate
O43 - CFD: 5/22/2014 - 8:59:22 AM - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2/1/2015 - 11:51:01 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Cleaner Registry Cleaner
O43 - CFD: 11/17/2012 - 3:20:31 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SILKYPIX Developer Studio 3.1 SE
O43 - CFD: 11/21/2010 - 8:16:41 AM - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 12/12/2013 - 1:29:39 AM - [] ----D C:\Users\Aurelien\AppData\Roaming\.Epubor
O43 - CFD: 5/22/2014 - 8:59:33 AM - [] ----D C:\Users\Aurelien\AppData\Roaming\AdvertismentImages
O43 - CFD: 8/25/2014 - 8:16:09 AM - [] ----D C:\Users\Aurelien\AppData\Roaming\iSafe =>Trojan.Staser
O43 - CFD: 1/30/2015 - 2:19:11 PM - [] ----D C:\Users\Aurelien\AppData\Roaming\MailUpdate =>PUP.MailUpdate
O43 - CFD: 5/22/2014 - 9:03:27 AM - [] ----D C:\Users\Aurelien\AppData\Roaming\Time Inspector
O43 - CFD: 11/16/2014 - 11:38:47 AM - [] -SH-D C:\Users\Aurelien\AppData\Local\EmieBrowserModeList
O43 - CFD: 11/25/2012 - 1:26:30 AM - [] ----D C:\Users\Aurelien\AppData\Local\Ticket to Ride
O43 - CFD: 9/16/2014 - 1:54:17 PM - [] ----D C:\Users\Aurelien\AppData\Local\tt
O43 - CFD: 9/19/2013 - 2:10:44 PM - [0] ----D C:\Users\Aurelien\AppData\Local\WordOv
~ 4 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 302 Legitimates Filtered in 01mn AMs



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.9BE9F2B83DE80E2752B1405CC427E2EC] - 1/24/2015 - 5:54:57 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.2F04DE30523E4F64FB1C6F318A59B8B6] - 1/25/2015 - 5:53:58 PM ---A- . (...) -- C:\WirelessDiagLog.csv [350]
O44 - LFC:[MD5.A0E56B47908796BA22DE6A7EB0627708] - 2/5/2015 - 11:54:36 AM ---A- . (...) -- C:\Windows\ntbtlog.txt [257464]
O44 - LFC:[MD5.20AE73D6C0CCB1C65B8BA9B0CF34B2F1] - 2/6/2015 - 9:46:51 AM --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28352]
O44 - LFC:[MD5.20AE73D6C0CCB1C65B8BA9B0CF34B2F1] - 2/6/2015 - 9:46:51 AM --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28352]
~ Files: 29 Legitimates Filtered in 04mn AMs



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn AMs



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\GUDelayStartup [Key] . (...) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (.not file.)
~ SMSR Keys: 1 Legitimates Filtered in 00mn AMs



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn AMs



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn AMs



---\\ System Drivers List (SDL) (O58)
O58 - SDL:12/13/2010 - 6:34:14 PM ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Accelern.sys [27760]
O58 - SDL:3/15/2012 - 11:02:46 AM ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [198144]
O58 - SDL:1/24/2015 - 5:54:57 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:1/24/2015 - 5:54:57 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:1/24/2015 - 5:54:57 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [267632] =>.ALWIL Software
O58 - SDL:7/14/2009 - 2:47:48 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:6/10/2009 - 9:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:8/8/2014 - 7:24:04 AM ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [45248] =>PUP.Elex
O58 - SDL:7/13/2010 - 3:38:06 AM ---A- . (.Quanta Computer - Win7 QicFilterDriver-64Bits.) -- C:\Windows\System32\Drivers\qicflt.sys [29288]
O58 - SDL:8/20/2010 - 7:05:12 PM ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [21616]
O58 - SDL:7/14/2009 - 2:45:55 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:12/13/2012 - 6:50:36 PM ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 93 Legitimates Filtered in 05mn AMs



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn AMs



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 1/24/2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 104 Legitimates Filtered in 00mn AMs



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <ZOTERO.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn AMs



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 1F97E41FB74F4C9EAA76F8D5BADAA628 - (u-Search) - http://ww38.u-search.net/ =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {23A99B22-32BB-408A-AAD9-B17BE60F688E} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {25D5C2F2-8E63-457E-8172-17EB1107B232} - (u-Search) - http://ww38.u-search.net/ =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCU] {2DD6A560-2A7F-4664-8E7D-15F633BB27C4} - (u-Search) - http://ww38.u-search.net/ =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {AD333C01-D264-447E-9A43-744C3E8C9969} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {B76745E9-7D60-4B82-A33F-68F15D450D57} - (Yahoo) - https://search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {DF0AFB12-5834-48D6-8C27-44548965ED51} - (u-Search) - http://ww38.u-search.net/ =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCU] {E6249C2C-DEC1-4BCF-B542-35E4607C6C29} - (Search By ZoneAlarm) - https://search.zonealarm.com/
O69 - SBI: SearchScopes [HKCU] {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn AMs



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{B29EB2C1-3586-4D1B-A3FE-7B7D1CD5727B}" | In - Private - P6 - TRUE | .(.Azureus Software, Inc - No Comment.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "{BC576FF0-4DD5-4C97-99E1-CA786661C6B7}" | In - Private - P17 - TRUE | .(.Azureus Software, Inc - No Comment.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "TCP Query User{2BB1AC7A-1AAB-4751-A4FB-424483C53FE5}C:\Program Files\Vuze\Azureus.exe" | In - Public - P6 - TRUE | .(.Azureus Software, Inc - No Comment.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "UDP Query User{DD840D08-2B23-4737-8FBF-87D98EE8DACE}C:\Program Files\Vuze\Azureus.exe" | In - Public - P17 - TRUE | .(.Azureus Software, Inc - No Comment.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O87 - FAEL: "{FD2D9727-707C-4AB8-92A1-821B5611550A}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Aurelien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A93B1599-AC46-416E-AF19-9C5ED7ADC424}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Aurelien\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 6 Legitimates Filtered in 02mn AMs



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\Azureus_RASAPI32 =>P2P.Azureus
HKLM\SOFTWARE\Microsoft\Tracing\Azureus_RASMANCS =>P2P.Azureus
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\updateLemurLeap_RASAPI32 =>PUP.LemurLeap
HKLM\SOFTWARE\Microsoft\Tracing\updateLemurLeap_RASMANCS =>PUP.LemurLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ShopToWin_RASAPI32 =>Adware.ShopToWin
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ShopToWin_RASMANCS =>Adware.ShopToWin
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatediamondata_RASAPI32 =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatediamondata_RASMANCS =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateKozaka_RASAPI32 =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateKozaka_RASMANCS =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilKozaka_RASAPI32 =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilKozaka_RASMANCS =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VuzeToolbar-stub-1_RASAPI32 =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VuzeToolbar-stub-1_RASMANCS =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASAPI32 =>P2P.Azureus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASMANCS =>P2P.Azureus
~ BTK: 422 Legitimates Filtered in 00mn AMs



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{CD76EFE9-A659-0E8B-4FE6-7AFDFA8D4F36}] (ALLSaver) =>PUP.CrossRider
~ BCK: 4661 Legitimates Filtered in 06mn AMs



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2/5/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 3/15/2012 659976 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SS - | Disabled 10/18/2011 936272 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SS - | Disabled 10/18/2011 1354064 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SS - | Disabled 10/18/2011 1001808 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SS - | Demand 4/23/2012 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SS - | Demand 10/9/2012 173568 | (DellDigitalDelivery) . (.Dell Products, LP..) - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
SS - | Auto 7/9/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 7/9/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 5/9/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Disabled 4/4/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 12/20/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Disabled 4/9/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 1/23/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 6/25/2012 272688 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 7/14/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 9/17/2014 19439944 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SS - | Demand 11/12/2014 934032 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Demand 7/14/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 5/4/2013 543656 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 11/12/2014 409800 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Demand 12/20/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Disabled 7/22/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 1/24/2015 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 1/24/2015 4012248 | (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 6/25/2012 628016 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 9/17/2014 1148744 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 9/17/2014 1795912 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 6/25/2012 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 11/29/2010 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 7/14/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 7/14/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 6/25/2012 3325232 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 07mn AMs



---\\ Scan Additionnel (O88)
Database Version : 13008 - (2/5/2015)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 4

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Mixi.DJ] =>Toolbar.MixiDJ
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111251155}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111251155}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111251155}] =>PUP.CrossRider
C:\Program Files (x86)\SK Supporter =>PUP.SaveClicker^
C:\Program Files (x86)\Ss_Helper =>Adware.SaveShare^
C:\ProgramData\ALLSaver =>PUP.AllSaver^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\MailUpdate =>PUP.MailUpdate^
C:\Users\Aurelien\AppData\Roaming\iSafe =>Trojan.Staser^
C:\Users\Aurelien\AppData\Roaming\MailUpdate =>PUP.MailUpdate^
C:\Windows\Tasks\SK.Enabler-S-1495795506.job =>Adware.SurfAndKeep^
C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 =>Adware.SurfAndKeep^
[HKLM\Software\Wow6432Node\SK.Enabler] =>Adware.SurfAndKeep^
[HKCR\CLSID\{CD76EFE9-A659-0E8B-4FE6-7AFDFA8D4F36}] (ALLSaver) =>PUP.CrossRider^
~ Additionnel Scan: 259484 Items scanned in 25mn AMs



---\\ Additional information about modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Internet Explorer toolbars (O3)
~ https://nicolascoolman.eu =>.Auto loading programs from Registry and folders (O4)
~ AMI: 3 Legitimates Filtered in 00mn AMs



---\\ Summary of the detections found on your workstation
https://nicolascoolman.eu =>Hijacker.OmigaPlus
https://nicolascoolman.eu =>Adware.SurfAndKeep
https://nicolascoolman.eu =>PUP.SaveClicker
http://nicolascoolman.fr/31929570-adware-saveshare =>Adware.SaveShare
https://nicolascoolman.eu =>PUP.AllSaver
https://nicolascoolman.eu =>PUP.Tarma
https://nicolascoolman.eu =>PUP.MailUpdate
https://nicolascoolman.eu =>Trojan.Staser
https://nicolascoolman.eu =>PUP.Elex
https://nicolascoolman.eu =>Hijacker.SearchNet
https://nicolascoolman.eu =>Hijacker.TornTV
https://nicolascoolman.eu =>PUP.LemurLeap
https://nicolascoolman.eu =>Adware.Incredibar
http://nicolascoolman.fr/32151568-adware-shoptowin =>Adware.ShopToWin
http://nicolascoolman.fr/hijacker-diamondata =>Hijacker.Diamondata
https://nicolascoolman.eu =>PUP.Kozaka
https://nicolascoolman.eu =>PUP.CrossRider
https://nicolascoolman.eu =>Toolbar.Yahoo
https://nicolascoolman.eu =>Toolbar.MixiDJ
~ MSI: 19 link(s) detected in 00mn AMs



~ 970 Legitimates filtered by white list
End of the scan (552 lines in 11mn AMs)(0.6)
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
6 Feb 2015 at 11:41
Hello, if performance is all you care about, go to the Windows search bar and type
- "visual", but don't press Enter.
- Look at the list of suggestions and click "Adjust the appearance... of Windows".
- Tick "Adjust for best performance".

OK, it will look ugly, but you should freeze less.
Do you have an antivirus?
Anonymous user
6 Feb 2015 at 11:45
Heh heh heh... Even if this tweak can lower CPU and RAM usage a little, the battle isn't won yet.
The main thing is to remove the adware, which contributes nothing at all to the proper functioning of the system...
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
Edited by skillnoobs on 6/02/2015 at 11:53
Bearing in mind that Malwarebytes removes adware, but AdwCleaner doesn't remove all of it.
Anonymous user
6 Feb 2015 at 11:54
Reread:

"I have used CCleaner, Malwarebytes, Glary Utilities, defragmenting, scanning, but nothing has worked."

That means this is the last remaining solution.
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
6 Feb 2015 at 11:55
If Malwarebytes has been run, then the adware has been removed.
Anonymous user
6 Feb 2015 at 15:11
You only need to search the page (Ctrl+F) for the keyword "adware" in the infection report to see that this computer is full of adware that AdwCleaner is able to remove. And there are also those that aren't mentioned which are as well...

-- c:\programdata\quickset\sk.enabler\SK.Enabler.exe (.not file.) [0] =>Adware.SurfAndKeep 
O39 - APT: SK.Enabler-S-1495795506 - (...) -- C:\Windows\Tasks\SK.Enabler-S-1495795506.job [450] =>Adware.SurfAndKeep
O39 - APT: SK.Enabler-S-1495795506 - (...) -- C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 [450] =>Adware.SurfAndKeep
[HKLM\Software\Wow6432Node\SK.Enabler] =>Adware.SurfAndKeep
O43 - CFD: 2/2/2014 - 4:42:25 PM - [0] ----D C:\Program Files (x86)\Ss_Helper =>Adware.SaveShare
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ShopToWin_RASAPI32 =>Adware.ShopToWin
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ShopToWin_RASMANCS =>Adware.ShopToWin
C:\Windows\Tasks\SK.Enabler-S-1495795506.job =>Adware.SurfAndKeep^
C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 =>Adware.SurfAndKeep^
[HKLM\Software\Wow6432Node\SK.Enabler] =>Adware.SurfAndKeep^
C:\Program Files (x86)\Ss_Helper =>Adware.SaveShare^


When you don't know, you keep quiet.

Hello,

Install AdwCleaner on your computer and run a scan.
Then run the cleaning and post the report.
Be aware of the restart after disinfection, and do not launch any application during the procedure.

What are your computer's specifications?
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
Edited by skillnoobs on 6/02/2015 at 11:53
If these solutions don't work, then the best solution would be to reinstall your operating system.
;)

Viking040184 - Posts: 7 - Registered: Friday 6 February 2015 - Status: Member - Last activity: 6 February 2015
6 Feb 2015 at 12:19
Thanks for your replies.

Here is the report after the AdwCleaner cleaning:

# AdwCleaner v4.110 - Logfile created 06/02/2015 at 12:05:54
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Aurelien - AURELIEN-PC
# Running from : C:\Users\Aurelien\Downloads\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\MailUpdate
Folder Deleted : C:\ProgramData\ALLSaver
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Users\Aurelien\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Aurelien\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Aurelien\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Aurelien\AppData\Roaming\MailUpdate
Folder Deleted : C:\Users\Aurelien\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
Folder Deleted : C:\Users\Aurelien\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
File Deleted : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Aurelien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Aurelien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Aurelien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Aurelien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Aurelien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v


-\\ Comodo Dragon v


-\\ Opera v0.0.0.0


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [25241 bytes] - [25/08/2014 07:35:54]
AdwCleaner[R1].txt - [1077 bytes] - [25/08/2014 07:47:43]
AdwCleaner[R2].txt - [8449 bytes] - [06/02/2015 12:01:10]
AdwCleaner[S0].txt - [25328 bytes] - [25/08/2014 07:37:28]
AdwCleaner[S1].txt - [1290 bytes] - [25/08/2014 07:53:57]
AdwCleaner[S2].txt - [8700 bytes] - [06/02/2015 12:05:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8759 bytes] ##########




Otherwise, my PC is a Dell XPS L502x
Intel Core i7-2670QM
CPU 2.2 GHz
8 GB RAM
running Windows 7 Home Premium SP1
Anonymous user
6 Feb 2015 at 15:14
Good. How are things looking now?
It seems that most of the adware has been removed.
Viking040184 - Posts: 7 - Registered: Friday 6 February 2015 - Status: Member - Last activity: 6 February 2015 > Anonymous user
6 Feb 2015 at 15:16
It seems to be a bit better.
My PC still freezes sometimes, but less often and for less time.

Thanks, that's already a good start :)

Good. Next, do you have an antivirus? Which web browser do you use?
If you use Internet Explorer, I suggest switching to Mozilla Firefox or Google Chrome. If you use one of those two, that's perfect. Then install Adblock Plus (an ad blocker) and then WOT (an anti-scam extension), which will also keep you from installing adware.
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
Edited by skillnoobs on 6/02/2015 at 15:43
Yes, and then if you don't have an antivirus it's to be expected; several pieces of malware could install themselves.
skillnoobs - Posts: 59 - Registered: Friday 3 January 2014 - Status: Member - Last activity: 26 October 2015
6 Feb 2015 at 15:27
After that, I recommend installing the WOT browser extension.