Unable to start IE

tonylafenetre -  
Hello,

My PC boots normally, but when I launch IE it just spins, and all programs have become slow....

After resetting IE several times, nothing has changed...

Right now it is working fine, but if I shut it down and restart, it starts again.

I wanted to reinstall WIN7, but maybe there is something simpler.

Thanks for your info.

2 replies

mimikhrelia

Do you have a lot of programs at startup?
0
tonylafenetre
 
No, just the basic programs. When I check Task Manager, there is not much there.
But as soon as I launch IE, it just spins. I have other programs, like Word, Excel, Outlook; it's the same, and worst of all when I open Money 2005. These are programs I have been using for several years without any trouble. The problem started in the last few days.
0
tonylafenetre
 
~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par Tony (09/08/2015 10:37:14)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17914 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 8Q2F3
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2940 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 44 GB (51%) free of 85 GB

---\\ Mode de connexion au système
~ Computer Name: PORTABLETONY
~ User Name: Tony
~ All Users Names: Tony, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Tony\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Tony\AppData\Roaming\
~ %Desktop% : C:\Users\Tony\Desktop\
~ %Favorites% : C:\Users\Tony\Favorites\
~ %LocalAppData% : C:\Users\Tony\AppData\Local\
~ %StartMenu% : C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 44 Go of 85 Go)
D: Hard drive, Flash drive, Thumb drive (Free 67 Go of 186 Go)
E: CD-ROM drive (Free 0 Go of 2 Go)
F: Hard drive, Flash drive, Thumb drive (Free 49 Go of 195 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 43 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.63B01F72FD727D5736DBEF54174D8F93] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/06/2015 - 18:15:43.) -- C:\Windows\System32\wininet.dll [1951232]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.01C5B803F6E1FDF8F16F0763DA9B997D] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.01/07/2015 - 20:18:29.) -- C:\Windows\system32\Drivers\MRxSmb.sys [124416]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes Favoris (My Favorites) : 1/72
~ Mes Documents (My Documents) : 2/11
~ Mon Bureau (My Desktop) : 3/794
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.27044650FA30414BEC7F9BEB7F937386] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [172064] [PID.2620]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.196]
[MD5.A7B6589F92C9CB498CDBA42EBEB23EE4] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [815312] [PID.5620]
[MD5.AC128D5676EE9CE8E644F7958804148B] - (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [667648] [PID.1792]
[MD5.06C2BB8F9089C3C091584F8AD5C1A01E] - (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.exe [16001192] [PID.3732]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8214016] [PID.5852]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Tony]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Tony\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [FrameWorkService] Clé orpheline
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2921974886-1332853579-3120648741-1001\..\Run: [FrameWorkService] Clé orpheline
O4 - HKUS\S-1-5-21-2921974886-1332853579-3120648741-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{200FE21A-5978-4661-8B48-97D88A1FD3A4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{24673D66-E659-4DB8-AB19-24385824F09F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{200FE21A-5978-4661-8B48-97D88A1FD3A4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{24673D66-E659-4DB8-AB19-24385824F09F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{24673D66-E659-4DB8-AB19-24385824F09F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: InterBase Guardian (InterBaseGuardian) . (...) - F:\BUILDER C++\bin\ibguard.exe (.not file.)
O23 - Service: S7 HSP Service (s7hspsvx) . (...) - C:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe (.not file.)
O23 - Service: Usb PLC (UsbConnect) . (.Schneider Electric Industries SAS - USB PLC NT Service.) - C:\Windows\system32\UsbConnect.exe
~ Services: 6 Legitimates Filtered in 00mn 03s



---\\ Tâches planifiées en automatique (O39)
[MD5.07605ABEB10FC533881C91F19DECF69A] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584] =>Hacktool.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{1CBA7F52-D4F5-4F1B-9FBE-6E53721C410A}] (...) -- F:\BUILDER C++\ibuninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{204B464C-7928-4874-8809-AEB376E86B34}] (...) -- C:\Users\Tony\Desktop\Vega\Sony.Vegas.Pro.v13.0.310\Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\vegaspro13.0.310_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{49177375-E6F7-44E7-9F8C-3EF0FDC45AE3}] (...) -- C:\Users\Tony\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) [0] =>PUP.StartSearch
[MD5.00000000000000000000000000000000] [APT] [{545E225A-9E90-4122-B003-06C42199824D}] (...) -- C:\Users\Tony\Desktop\Vega\Sony.Vegas.Pro.v13.0.310\Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\vegaspro13.0.310_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{54ECB68B-95F7-4EF8-BDF6-F187B0745299}] (...) -- C:\Windows\system32\XWAYMgr.cpl (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{66A1259E-EAD6-4E31-8801-D8CD7C9EB241}] (...) -- C:\Users\Tony\Desktop\VEGAS\Sony Vegas Pro 10 Portable\Sony Vegas Pro 10.0a Build 387 Portable.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{672C5BF8-A5BF-4507-9A07-4A2870A74187}] (...) -- C:\PL7\PL7PRO44\exe\pl7pro.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{67CB2527-7B96-4603-B46D-0BC4085FDC85}] (...) -- C:\Users\Tony\Desktop\Vega\Sony.Vegas.Pro.v13.0.310\Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\vegaspro13.0.310_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{95409EC9-92B9-4319-BCA9-63FC940C2523}] (...) -- C:\Users\Tony\Desktop\musique USB\Maman.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AF8DC8DD-A76D-49EE-BCE0-DA7E40E6BEAC}] (...) -- C:\Users\Tony\Desktop\112æ\SVG10.0AUpByAndorria\Sony Vegas Pro 10.0a Portable.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C3A5192E-77F7-42D9-93CA-DC2E5FC19769}] (...) -- C:\Users\Tony\Desktop\Vega\Sony.Vegas.Pro.v13.0.310\Sony.Vegas.Pro.v13.0.310.x64.10TH.BIRTHDAY-DVT\vegaspro13.0.310_64bit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C52AC18B-7853-49DE-8908-B2642B6243E5}] (...) -- C:\Users\Tony\Desktop\Builder\Builder6-1\INSTALL\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EC0F086C-DD06-4309-9943-011941054B78}] (...) -- C:\Users\Tony\Desktop\Builder\Builder6-1\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ECEE7A90-392B-4B65-8707-ACADD5FFB1A2}] (...) -- C:\Users\Tony\AppData\Roaming\sweet-page\UninstallManager.exe (.not file.) [0] =>PUP.SweetPage
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [268] =>Hacktool.AutoKMS
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [268] =>Hacktool.AutoKMS
~ Scheduled Task: 21 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Fox Audio Converter v7.4.0.10 - (...) [HKLM] -- Fox Audio Converter_is1
~ Logic: 13 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\CoinisRevShare]
[HKCU\Software\DIMEGLIO]
[HKCU\Software\RoyalTek]
[HKCU\Software\Toocharger]
[HKCU\Software\sysM32]
[HKLM\Software\FDT]
[HKLM\Software\SafetySearch]
~ Key Software: 210 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/02/2015 - 19:15:03 - [] ----D C:\Program Files\Danew
O43 - CFD: 30/08/2014 - 20:28:14 - [] ----D C:\Program Files\Fox Audio Converter
O43 - CFD: 08/11/2014 - 21:05:26 - [] ----D C:\Program Files\Prosyst
O43 - CFD: 21/10/2014 - 18:10:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterBase
O43 - CFD: 14/07/2009 - 11:00:32 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 21/12/2014 - 12:54:58 - [] ----D C:\Users\Tony\AppData\Roaming\driver
O43 - CFD: 21/10/2014 - 21:18:06 - [] ----D C:\Users\Tony\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 15/06/2015 - 07:53:19 - [0] -SH-D C:\Users\Tony\AppData\Local\EmieBrowserModeList
~ Program Folder: 214 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.365FEE24A11D1C9C93C18364CF380D9A] - 09/08/2015 - 08:08:04 ---A- . (...) -- C:\Windows\ntbtlog.txt [140012]
~ Files: 13 Legitimates Filtered in 00mn 01s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{0b229a7c-4e40-11e4-9427-001e33a3e60c}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
O51 - MPSK:{7f0b6a16-039e-11e4-8698-806e6f6e6963}\AutoRun\command. (.Microsoft Corporation - Windows Installer.) -- E:\setup.exe
O51 - MPSK:{7f189f72-643d-11e4-99aa-001e33a3e60c}\AutoRun\command. (...) -- H:\Setup.exe (.not file.)
O51 - MPSK:{90a5db3a-5692-11e4-8a56-001e33a3e60c}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
O51 - MPSK:{f01d8fc9-593c-11e4-a3b8-001e33a3e60c}\AutoRun\command. (...) -- H:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:07/09/2009 - 08:00:28 ---A- . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [48128]
O58 - SDL:15/09/2009 - 02:36:18 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [44544]
O58 - SDL:15/09/2009 - 03:30:08 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [38400]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 81 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {5BA508E6-C3D7-4579-B8F3-6DCF10D23733} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.8BD99C041BE1DC7F9F8CE97FD5EB5BFF] [SPRF][08/07/2014] (...) -- C:\Users\Tony\AppData\Roaming\DOK52P4Q3J.dat [36]
[MD5.16391B454F891F2687584649AD94734A] [SPRF][08/04/2007] (...) -- C:\Users\Tony\AppData\Roaming\lsass.exe [479744]
[MD5.09B6F6FCCC35DBAFCB38CB3751FA7C2F] [SPRF][28/07/2015] (.Pas de propriétaire - AdwCleaner.) -- C:\Users\Tony\Desktop\AdwCleaner-4.208.exe [2248704]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{CCFCCF4C-2C49-4810-B50A-82146BE5B0CC}C:\users\tony\appdata\roaming\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\tony\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{B2065DBB-C3B2-44AA-9672-AE009608BEEF}C:\users\tony\appdata\roaming\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\tony\appdata\roaming\utorrent\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "7895631F184ED144A9FF92512315826B" . (.Driver Manager.) -- C:\Windows\Installer\{F1365987-E481-441D-9AFF-2915325128B6}\ARPPRODUCTICON.exe =>PUP.DriverManager
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.F7FEB4D081804EEB3CA61A72403E3891] [WIS][10/10/2014] (.Schneider Electric - Driver Manager.) -- C:\Windows\Installer\1697d2.msi [8974336] =>PUP.DriverManager
~ WIS: 1 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 07/10/2014 1045840 | (FlexNet Licensing Service) . (.Flexera Software LLC..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 22/07/1658 0 | (InterBaseGuardian) . (...) - F:\BUILDER C++\bin\ibguard.exe
SS - | Demand 22/07/1658 0 | (InterBaseServer) . (...) - F:\BUILDER C++\bin\ibserver.exe
SS - | Demand 08/01/2014 259824 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 26/06/2014 1771560 | (PDF Architect 2) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 2\ws.exe
SS - | Demand 26/06/2014 861736 | (pdfforge CrashHandler) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 2\crash-handler-ws.exe
SS - | Auto 22/07/1658 0 | (s7hspsvx) . (...) - C:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe
SR - | Auto 07/07/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Demand 14/11/2013 723192 | (Disc Soft Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
SR - | Auto 08/01/2014 539888 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 08/01/2014 111856 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 18/01/2010 102400 | (UsbConnect) . (.Schneider Electric Industries SAS.) - C:\Windows\system32\UsbConnect.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 08/01/2014 2725616 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 17s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

C:\Windows\Installer\1697d2.msi =>PUP.DriverManager^
~ Additionnel Scan: 345680 Items scanned in 00mn 20s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hacktool.AutoKMS
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://www.nicolascoolman.fr/blog/ =>PUP.DriverManager
~ MSI: 4 link(s) detected in 00mn 00s



~ 719 Legitimates filtered by white list
End of the scan (428 lines in 01mn 01s)(0.11)
0
tonylafenetre
 
I don't know whether you received the reply; keep me posted if you have a solution!!!!!!!!!!
Thanks for your info.
0
mimikhrelia

Try restoring to a point before the problem, no?
0
mimikhrelia

Or else run an antivirus scan and download CCleaner to clean all that up; maybe you will clean the registry and the temp files.
0
cristali

Hello, you can clean with AdwCleaner
Scan
Delete
http://www.google.fr/...
0
tonylafenetre
 
I did that, but no luck..
0
tonylafenetre
 
FRST, ZHPDiag report available....
0
cristali

This too
Control Panel
Internet Options
Advanced tab
Reset (at the bottom)
0
tonylafenetre
 
Looking for a ZHPDiag analysis
0