Avira cannot complete the system scan
Closed
Chuckyy2 - 29 April 2015 at 00:09
artaban7 - 29 May 2015 at 10:45
8 replies
artaban7 - 29 April 2015 at 01:16
Good evening,
can you run these two programs and post their reports?
1) ZHPCleaner at this link: https://nicolascoolman.eu
Run a scan and a cleanup...
2) AdwCleaner, here: https://nicolascoolman.eu
Again, scan and cleanup, and of course a restart.
NB: If you use AVAST, disable it during the cleanup.
Chuckyy2 - 1 May 2015 at 04:35
~ ZHPCleaner v2015.4.30.204 by Nicolas Coolman (30/04/2015)
~ Run by Chuck (Administrator) (30/04/2015 22:29:01)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Chuckyy2\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Chuckyy2\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)
---\\ Services (1)
---\\ Browser internet (0)
~ No malicious items found.
---\\ Hosts file (1)
~ The hosts file is legitimate (21)
---\\ Scheduled automatic tasks. (0)
~ No malicious items found.
---\\ Explorer ( File, Folder) (7)
MOVED folder: C:\Program Files (x86)\LenovoBrowserGuard (PUP.LenovoBrowserGuard)
MOVED folder: C:\Program Files (x86)\TampaGeneration (PUP.TampaGeneration)
MOVED folder: C:\Program Files (x86)\unisAAles (Adware.Multiplug)
MOVED folder: C:\Program Files (x86)\unnisalees (Adware.Multiplug)
MOVED folder: C:\Program Files (x86)\youtubeadblocker (Adware.Multiplug)
MOVED folder: C:\ProgramData\279323722916508353 (Adware.CrossRider)
MOVED folder^: C:\Users\Chuckyy2\AppData\Local\LenovoBrowserGuard (PUP.LenovoBrowserGuard)
---\\ Registry ( Key, Value, Data) (25)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\34d4e569-20d1-7193-fbf1-3029e7231929 [] (Adware.CrossRider)
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\VisualDiscovery [C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe (Not File)] (PUP.VisualDiscovery)
DELETED key*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataContainer.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataController.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTable.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableFields.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.DataTableHolder.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.LSPLogic.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.ReadOnlyManager.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\VisualDiscoveryLib.WFPController.1 [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery [service] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\LenovoBrowserGuard [] (PUP.LenovoBrowserGuard)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\VisualDiscovery [] (PUP.VisualDiscovery)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard [ClientConnect LTD] (PUP.ClientConnect)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d65a1a66} [DownloadManager] (Adware.Graftor)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ Browser not found (Opera Software)
~ The system has been restarted.
---\\ Statistics
~ Items scanned : 749
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 33
End of clean at 22:29:11
===================
ZHPCleaner-[R]-30042015-22_29_11.txt
ZHPCleaner-[S]-30042015-22_15_49.txt
Chuckyy2 - 1 May 2015 at 04:43
# AdwCleaner v4.202 - Logfile created 30/04/2015 at 22:40:15
# Updated 23/04/2015 by Xplode
# Database : 2015-04-30.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Chuck - CHUCK-PC
# Running from : C:\Users\Chuckyy2\Downloads\adwcleaner_4.203.exe
# Option : Cleaning
- [ Services ] *****
- [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\pokki
Folder Deleted : C:\ProgramData\{5ec326d1-5206-351f-5ec3-326d15209b45}
- [ Scheduled tasks ] *****
- [ Shortcuts ] *****
- [ Registry ] *****
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
- [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 fr)
AdwCleaner[R0].txt - [4006 bytes] - [30/04/2015 22:39:12]
AdwCleaner[S0].txt - [3932 bytes] - [30/04/2015 22:40:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3991 bytes] ##########
artaban7 - 1 May 2015 at 11:28
OK Chucky, about fifty errors have been fixed; how is it running on your end?
There are probably still some nasties left; for that we need a more thorough diagnostic of the system:
For the diagnostic, it's this program: https://nicolascoolman.eu
Just launch it; it will then create a system report on the desktop in .txt format, which you will need to send here using: http://pjjoint.malekal.com/
If you need explanations on specific points, such as using the file generator, don't hesitate.
NB: If you use AVAST, disable it during the scan.
Chuckyy2 - Edited by Chuckyy2 on 2/05/2015 at 22:50
I just tested everything while watching a video and it's the same thing.
The computer freezes for 2 seconds and then resumes...
Here is the scan report:
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20150502_o6s10y13y13s6
Chuckyy2 - 8 May 2015 at 00:01
What would the next step be?
artaban7 - 10 May 2015 at 13:00
Hi,
I just got back from vacation; I need your ZHPDiag report, made today, and I'll write you a script if needed to remove the rest of your malware...
Chuckyy2 - 10 May 2015 at 18:38
I hope you had a good vacation!
Thanks for your help, it's appreciated.
Here is the report:
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20150510_e14b12o12t15s5
artaban7 - 10 May 2015 at 18:44
Good, thanks :)
can you run RogueKiller?
https://nicolascoolman.eu
it's fairly easy: you scan, you select the PUP items in all the tabs and you remove everything that is orange in the others.....
Chuckyy2 - 11 May 2015 at 22:42
Done, 3 items removed; here is the report:
RogueKiller V10.6.3.0 (x64) [May 11 2015] par Adlice Software
email : https://www.adlice.com/contact/
Remontées : https://forum.adlice.com/
Site web : https://www.adlice.com/fr/roguekiller/
Blog : https://www.adlice.com/
Système d'exploitation : Windows 8.1 (6.3.9200 ) 64 bits version
Démarré en : Mode normal
Utilisateur : Chuck [Administrateur]
Démarré depuis : C:\Users\Chuckyy2\Downloads\RogueKillerX64.exe
Mode : Suppression -- Date : 05/11/2015 16:41:05
¤¤¤ Processus : 0 ¤¤¤
¤¤¤ Registre : 12 ¤¤¤
[Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Supprimé(e)
[Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> Supprimé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-916638824-3781038639-2039977346-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.msn.com/fr-fr/?cobrand=lenovo13.msn.com&ocid=LENDHP&pc=MALNJS -> Non sélectionné
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-916638824-3781038639-2039977346-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.msn.com/fr-fr/?cobrand=lenovo13.msn.com&ocid=LENDHP&pc=MALNJS -> Non sélectionné
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-916638824-3781038639-2039977346-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://www.msn.com/fr-fr/?cobrand=lenovo13.msn.com&ocid=LENDHP&pc=MALNJS -> Non sélectionné
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-916638824-3781038639-2039977346-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://www.msn.com/fr-fr/?cobrand=lenovo13.msn.com&ocid=LENDHP&pc=MALNJS -> Non sélectionné
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA} | DhcpNameServer : 74.116.184.28 74.116.184.29 [CANADA (CA)][CANADA (CA)] -> Non sélectionné
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA} | DhcpNameServer : 74.116.184.28 74.116.184.29 [CANADA (CA)][CANADA (CA)] -> Non sélectionné
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Non sélectionné
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Non sélectionné
¤¤¤ Tâches : 1 ¤¤¤
[Suspicious.Path] \Lenovo\Experience Improvement -- "C:\Users\Chuckyy2\AppData\Local\Temp\LenovoExperienceImprovement.exe" -> Supprimé(e)
¤¤¤ Fichiers : 0 ¤¤¤
¤¤¤ Fichier Hosts : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10S21X-24R1BT0-SSHD-8GB +++++
--- User ---
[MBR] 9bfa4a18d383d30d21d8b05c06e2f7fb
[BSP] 087995cefadddb5a10e06ceaece65d0d : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 909866 MB
5 - Basic data partition | Offset (sectors): 1868298240 | Size: 25600 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1920727040 | Size: 16014 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_05112015_163445.log
artaban7 - 11 May 2015 at 22:59
still freezing?
can you make me a new ZHPDiag?
Chuckyy2 - 12 May 2015 at 04:09
Yes, still freezing; I just tried the game and a movie again and it's the same.
I'm starting to think the computer has a problem and that I should contact Lenovo tech support... But well, I don't know much about this.
Here is the new report:
~ Rapport de ZHPDiag v2015.5.8.47 - Nicolas Coolman (2015-05-05)
~ Lancé par Chuck (2015-05-11 22:06:36)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 37.0.2 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)
---\\ Logiciels de protection du système
Avira Antivirus v15.0.9.504
Malwarebytes Anti-Malware version 2.0.4.1028
Windows Defender W8 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v5.02
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8104 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 732 GB (82%) free of 889 GB
---\\ Mode de connexion au système
~ Computer Name: CHUCK-PC
~ User Name: Chuck
~ All Users Names: Guest, Chuck, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Chuckyy2\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Chuckyy2\AppData\Roaming\
~ %Desktop% : C:\Users\Chuckyy2\Desktop\
~ %Favorites% : C:\Users\Chuckyy2\Favorites\
~ %LocalAppData% : C:\Users\Chuckyy2\AppData\Local\
~ %StartMenu% : C:\Users\Chuckyy2\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 732 Go of 889 Go)
D: Hard drive, Flash drive, Thumb drive (Free 22 Go of 25 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) (.2015-01-27 - 18:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Windows Start-Up Application.) (.2014-10-28 - 20:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.77B35D0FC22A2D2EAC8D07C3F9784DBF] - (.Microsoft Corporation - Internet Extensions for Win32.) (.2015-03-12 - 21:45:57.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Windows Logon Application.) (.2014-10-28 - 20:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Software Licensing Library.) (.2014-03-18 - 04:54:56.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2014-05-29 - 22:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2013-08-22 - 07:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2013-08-22 - 06:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2013-08-22 - 03:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2014-03-06 - 04:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2014-07-24 - 06:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - i8042 Port Driver.) (.2014-10-06 - 22:29:50.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.2014-03-18 - 04:54:57.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2014-10-08 - 02:32:10.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.2013-08-22 - 06:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - NT File System Driver.) (.2014-10-15 - 03:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) (.2013-08-22 - 06:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2013-08-22 - 06:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.2014-03-18 - 04:38:05.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.2013-08-22 - 08:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.2014-06-18 - 21:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/15965
~ Mes musiques (My Musics) : 1/6968
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/2257
~ Mon Bureau (My Desktop) : 1/10
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.638644168D9B5B5093AD84C9C162B550] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296] [PID.7032]
[MD5.73CD25C93C41D174AFFCB140A10A8B1E] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [2889408] [PID.6468]
[MD5.3E23D1F7E91627DBD44AC82077E2BA7C] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320] [PID.6236]
[MD5.0EF0822810009D58118CCDFD098FA9F4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480] [PID.4612]
[MD5.A097F470DB5D1B09CAD8C177C72FB267] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048] [PID.4388]
[MD5.C049C40CAEE8900130BD5F80B594CC7B] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192] [PID.4292]
[MD5.28E8693CE398825659632336C4B24451] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1543872] [PID.4620]
[MD5.345B45BE09381D2011EB7F9AC11D8AC4] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.8060]
[MD5.2727208EA26F6B6DA898AB6890417214] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8208384] [PID.3588]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Chuckyy2\AppData\Roaming\Mozilla\Firefox\Profiles\66x0krh7.default\prefs.js
M2 - MFEP: prefs.js [Chuck - 66x0krh7.default\abs@avira.com] [] Segurança do navegador Avira v1.4.7 (..)
M2 - MFEP: Extension [Chuck - 66x0krh7.default] abs@avira.com
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
~ Firefox Browser: 20 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [OnekeyStudio] . (.Lenovo - Lenovo Onekey Theater Application.) -- C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Skype for Business Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD0C7492-975C-4112-8FF4-6CE2328388D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA}: DhcpNameServer = 74.116.184.28 74.116.184.29
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD0C7492-975C-4112-8FF4-6CE2328388D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA}: DhcpNameServer = 74.116.184.28 74.116.184.29
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: PGService (PGService) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher (PG_Service_Launcher) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
~ Services: 25 Legitimates Filtered in 00mn 06s
---\\ Tâches planifiées en automatique (O39)
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.00000000000000000000000000000000] [APT] [{20DF0A74-D7B3-4D39-9A81-A8526F0B9460}] (...) -- C:\Jeux\Sim City\EAUninstall.exe (.not file.) [0]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{238807CC-B1BE-474C-B9B2-E27A740DFEE5}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
[MD5.00000000000000000000000000000000] [APT] [{37BB22DA-D2AE-4EE9-AC59-F8D3FE0DDD20}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{A073765E-D5B7-4B26-A39D-C4EFEDD0FCBF}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{BDB4704D-09BF-4BE2-9534-B076ECC12F29}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Broforce - (.Free Lives.) [HKLM][64Bits] -- Steam App 274190
~ Logic: 24 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Fuzzywurtle]
[HKLM\Software\Open Labs]
[HKLM\Software\PartnerShared]
[HKLM\Software\Wow6432Node\FusionEngine]
~ Key Software: 231 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2015-01-26 - 12:01:47 - [] ----D C:\Program Files (x86)\CRX Inspector
O43 - CFD: 2014-09-08 - 01:28:45 - [0] ----D C:\Program Files (x86)\New Folder
O43 - CFD: 2015-01-10 - 12:19:49 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 2014-12-16 - 18:00:18 - [0] ----D C:\ProgramData\Energy Manager
O43 - CFD: 2014-12-10 - 22:51:17 - [] ----D C:\ProgramData\LU
O43 - CFD: 2015-01-10 - 13:08:35 - [0] ----D C:\ProgramData\Office2013
O43 - CFD: 2014-03-18 - 05:38:10 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014-12-14 - 15:44:00 - [] ----D C:\Users\Chuckyy2\AppData\Roaming\OpenLabsLibrary
O43 - CFD: 2014-12-14 - 17:59:18 - [] -SH-D C:\Users\Chuckyy2\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015-03-07 - 19:36:48 - [0] ----D C:\Users\Chuckyy2\AppData\Local\MediaStory
~ Program Folder: 155 Legitimates Filtered in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.446EEF9A831C79DCE705CAB833833023] - 2015-04-27 - 15:53:22 ---A- . (...) -- C:\IFRToolLog.txt [1239]
O44 - LFC:[MD5.531121E7ED50084B493A69F8F8A7A927] - 2015-05-11 - 15:24:32 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]
~ Files: 10 Legitimates Filtered in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:2013-08-12 - 18:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:2013-08-22 - 07:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:2015-05-11 - 15:24:32 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]
O58 - SDL:2014-08-15 - 23:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 60 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {3A345A16-C930-4943-93E2-171B90BB276E} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.70EC95FC7732CA1428DD4C9B7595CF00] [SPRF][2014-12-14] (.http://www.ruby-lang.org/ - Ruby interpreter (DLL) 1.9.3p0 [i386-mswin32_90].) -- C:\Users\Chuckyy2\AppData\Roaming\msvcr90-ruby191.dll [1249792]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2015-04-14 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 2015-04-08 815920 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SS - | Auto 2015-04-08 1004280 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 2014-04-16 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 2013-08-27 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 2014-02-28 174368 | (iumsvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
SS - | Disabled 2014-09-08 198192 | (LenovoWiFiHotspotSvr) . (.Lenovo(beijing) Limited.) - C:\Windows\System32\LenovoWiFiHotspotSvr.exe
SS - | Disabled 2015-04-22 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 2014-05-29 284912 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Disabled 2014-04-03 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2014-09-08 104696 | (TESHelper) . (.Lenovo.) - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
SS - | Disabled 2014-09-08 68880 | (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
SS - | Demand 1658-07-22 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 2014-10-28 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 2015-04-08 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 2015-04-08 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 2014-10-07 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2015-04-10 205104 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
SR - | Auto 2011-08-30 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2014-05-29 632048 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 2015-03-27 1152144 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 2014-04-16 296432 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 2013-08-27 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 2013-09-16 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 2014-10-15 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 2013-09-16 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 2014-05-21 584960 | (Lenovo System Agent Service) . (.LENOVO INCORPORATED..) - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
SR - | Auto 2014-09-08 389680 | (LenovoSetSvr) . (.Lenovo(beijing) Limited.) - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
SR - | Auto 2014-02-17 38896 | (LUService) . (.Lenovo(beijing) Limited.) - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
SR - | Auto 2015-03-27 1878672 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 2015-03-27 22995600 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 2015-03-13 935056 | (nvsvc) . (.NVIDIA Corporation.) - C:\windows\system32\nvvsvc.exe
SR - | Auto 2014-02-25 167176 | (PGService) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
SR - | Auto 2014-02-25 512776 | (PG_Service_Launcher) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
SR - | Auto 2014-05-29 154864 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 2012-04-24 390632 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
SR - | Demand 2015-04-13 836288 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 2015-03-13 410768 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Demand 1658-07-22 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 1658-07-22 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 2014-05-29 3816176 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 05s
---\\ Scan Additionnel (O88)
Database Version : 13008 - (2015-05-05)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 267473 Items scanned in 00mn 09s
---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s
~ 597 Legitimates filtered by white list
End of the scan (380 lines in 00mn 31s)(0.7)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [RtHDVBg_LENOVO_MICPKEY] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [OnekeyStudio] . (.Lenovo - Lenovo Onekey Theater Application.) -- C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Skype for Business Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD0C7492-975C-4112-8FF4-6CE2328388D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA}: DhcpNameServer = 74.116.184.28 74.116.184.29
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD0C7492-975C-4112-8FF4-6CE2328388D4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ED24EC5D-0CD7-4626-8A90-391213FFEFFA}: DhcpNameServer = 74.116.184.28 74.116.184.29
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: PGService (PGService) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher (PG_Service_Launcher) . (.PointGrab LTD - Lenovo Motion Control.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
~ Services: 25 Legitimates Filtered in 00mn 06s
---\\ Tâches planifiées en automatique (O39)
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.00000000000000000000000000000000] [APT] [{20DF0A74-D7B3-4D39-9A81-A8526F0B9460}] (...) -- C:\Jeux\Sim City\EAUninstall.exe (.not file.) [0]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{238807CC-B1BE-474C-B9B2-E27A740DFEE5}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
[MD5.00000000000000000000000000000000] [APT] [{37BB22DA-D2AE-4EE9-AC59-F8D3FE0DDD20}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{A073765E-D5B7-4B26-A39D-C4EFEDD0FCBF}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
[MD5.53D9D3FEFA549BBD9043CCD3534F7AC6] [APT] [{BDB4704D-09BF-4BE2-9534-B076ECC12F29}] (...) -- C:\Jeux\League of Legends\lol.launcher.exe [97464]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Broforce - (.Free Lives.) [HKLM][64Bits] -- Steam App 274190
~ Logic: 24 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Fuzzywurtle]
[HKLM\Software\Open Labs]
[HKLM\Software\PartnerShared]
[HKLM\Software\Wow6432Node\FusionEngine]
~ Key Software: 231 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2015-01-26 - 12:01:47 - [] ----D C:\Program Files (x86)\CRX Inspector
O43 - CFD: 2014-09-08 - 01:28:45 - [0] ----D C:\Program Files (x86)\New Folder
O43 - CFD: 2015-01-10 - 12:19:49 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 2014-12-16 - 18:00:18 - [0] ----D C:\ProgramData\Energy Manager
O43 - CFD: 2014-12-10 - 22:51:17 - [] ----D C:\ProgramData\LU
O43 - CFD: 2015-01-10 - 13:08:35 - [0] ----D C:\ProgramData\Office2013
O43 - CFD: 2014-03-18 - 05:38:10 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014-12-14 - 15:44:00 - [] ----D C:\Users\Chuckyy2\AppData\Roaming\OpenLabsLibrary
O43 - CFD: 2014-12-14 - 17:59:18 - [] -SH-D C:\Users\Chuckyy2\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015-03-07 - 19:36:48 - [0] ----D C:\Users\Chuckyy2\AppData\Local\MediaStory
~ Program Folder: 155 Legitimates Filtered in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.446EEF9A831C79DCE705CAB833833023] - 2015-04-27 - 15:53:22 ---A- . (...) -- C:\IFRToolLog.txt [1239]
O44 - LFC:[MD5.531121E7ED50084B493A69F8F8A7A927] - 2015-05-11 - 15:24:32 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]
~ Files: 10 Legitimates Filtered in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:2013-08-12 - 18:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:2013-08-22 - 07:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:2015-05-11 - 15:24:32 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [37624]
O58 - SDL:2014-08-15 - 23:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 60 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {3A345A16-C930-4943-93E2-171B90BB276E} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.70EC95FC7732CA1428DD4C9B7595CF00] [SPRF][2014-12-14] (.http://www.ruby-lang.org/ - Ruby interpreter (DLL) 1.9.3p0 [i386-mswin32_90].) -- C:\Users\Chuckyy2\AppData\Roaming\msvcr90-ruby191.dll [1249792]
~ Files: 1 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2015-04-14 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 2015-04-08 815920 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SS - | Auto 2015-04-08 1004280 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 2014-04-16 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 2013-08-27 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 2014-02-28 174368 | (iumsvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
SS - | Disabled 2014-09-08 198192 | (LenovoWiFiHotspotSvr) . (.Lenovo(beijing) Limited.) - C:\Windows\System32\LenovoWiFiHotspotSvr.exe
SS - | Disabled 2015-04-22 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 2014-05-29 284912 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Disabled 2014-04-03 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2014-09-08 104696 | (TESHelper) . (.Lenovo.) - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
SS - | Disabled 2014-09-08 68880 | (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
SS - | Demand 1658-07-22 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 2014-10-28 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 2015-04-08 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 2015-04-08 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 2014-10-07 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2015-04-10 205104 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
SR - | Auto 2011-08-30 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2014-05-29 632048 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 2015-03-27 1152144 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 2014-04-16 296432 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 2013-08-27 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 2013-09-16 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 2014-10-15 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 2013-09-16 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 2014-05-21 584960 | (Lenovo System Agent Service) . (.LENOVO INCORPORATED..) - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
SR - | Auto 2014-09-08 389680 | (LenovoSetSvr) . (.Lenovo(beijing) Limited.) - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
SR - | Auto 2014-02-17 38896 | (LUService) . (.Lenovo(beijing) Limited.) - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
SR - | Auto 2015-03-27 1878672 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 2015-03-27 22995600 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 2015-03-13 935056 | (nvsvc) . (.NVIDIA Corporation.) - C:\windows\system32\nvvsvc.exe
SR - | Auto 2014-02-25 167176 | (PGService) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
SR - | Auto 2014-02-25 512776 | (PG_Service_Launcher) . (.PointGrab LTD.) - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
SR - | Auto 2014-05-29 154864 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 2012-04-24 390632 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
SR - | Demand 2015-04-13 836288 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 2015-03-13 410768 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Demand 1658-07-22 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 1658-07-22 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 2014-05-29 3816176 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 05s
---\\ Scan Additionnel (O88)
Database Version : 13008 - (2015-05-05)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 267473 Items scanned in 00mn 09s
---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s
~ 597 Legitimates filtered by white list
End of the scan (380 lines in 00mn 31s)(0.7)
artaban7
12 May 2015 at 11:19
OK, can you run a new ZHPDiag?
Chuckyy2 > artaban7
12 May 2015 at 22:32
artaban7
13 May 2015 at 01:05
You can run UsbFix:
just plug in your external drives and launch it.
https://www.sosvirus.net/usbfix-2018-previsualiser/
Chuckyy2
19 May 2015 at 03:58
It's finally done.
Here is the report:
[b]############################## | UsbFix V 7.940 | [Research][/b]
User: Chuck (Administrator) # CHUCK-PC
Updated 18/05/2015 by El Desaparecido - SosVirus
Started at 21:55:56 | 18/05/2015
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/changelog/[/url]
Support : [url=http://www.sos-virus.net/]http://ww38.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://ww17.how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: LENOVO (Lenovo Y50-70)
CPU: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
GC: Intel(R) HD Graphics 4600
RAM -> [Total : 8104 Mo | Free : 6078 Mo]
Bios: LENOVO
Boot: Normal boot
OS: Microsoft(TM) Windows 8.1 (6.3.9600 64-Bit)
WB: Internet Explorer : 11.00.9600.16384
WB: Mozilla Firefox : 38.0.1
[b]################## | Security Information |[/b]
AV: Avira Antivirus [Enabled |Updated]
AV: Windows Defender [[b](!) Disabled[/b] |Updated]
AS: Avira Antivirus [Enabled |Updated]
AS: Windows Defender [[b](!) Disabled[/b] |Updated]
AS: Malwarebytes Anti-Malware : 2.0.4.1028
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Fixed disk # 889 Gb (729 Gb free - 82%) [Windows8_OS] # NTFS
D:\ -> Fixed disk # 25 Gb (22 Gb free - 89%) [LENOVO] # NTFS
E:\ -> Fixed disk # 466 Gb (269 Gb free - 58%) [My Passport] # FAT32
F:\ -> Fixed disk # 932 Gb (704 Gb free - 76%) [TOURO Mobile 3.0] # NTFS
G:\ -> Removable disk # 8 Gb (6 Gb free - 78%) [USB CHARLES] # FAT32
[b]################## | Autorun |[/b]
[b]################## | Startup |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\windows\System32\Userinit.exe,
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKCU\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKCU\..\RunOnce : [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -update plugin
04 - HKLM\..\Run : [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
04 - HKLM\..\Run : [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - [x64] HKLM\..\Run : [RtsFT] RTFTrack.exe
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
04 - [x64] HKLM\..\Run : [RtHDVBg_LENOVO_DOLBYDRAGON] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
04 - [x64] HKLM\..\Run : [RtHDVBg_LENOVO_MICPKEY] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
04 - [x64] HKLM\..\Run : [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe -start
04 - HKU\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-21-916638824-3781038639-2039977346-1001\..\Run : [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-916638824-3781038639-2039977346-1001\..\RunOnce : [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe -update plugin
[b]################## | Generic Research |[/b]
Found! E:\autorun.in_2.org
[b]################## | Registry |[/b]
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://ww17.how-to-remove.us/[/url]
[b]################## | Attrib - Restore |[/b]
[b]################## | E.O.F | [url=http://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]
artaban7
19 May 2015 at 16:44
Still getting freezes?
Can you run ZHPDiag again?