Vérification préléminaire
Résolu/Fermé
A voir également:
- Vérification préléminaire
- Vérification lien - Guide
- Ps4 verification de l'etat du stockage ✓ - Forum PS4
- Vérification d'état du pc - Guide
- Temporisation de la verification wechat - Forum Mobile
- Human verification - Forum Jeux vidéos smartphones
10 réponses
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
19 avril 2015 à 20:18
19 avril 2015 à 20:18
Salut,
Ton Pc est infecté par des logiciels publicitaires, voici les étapes à suivre :
Télécharge AdwCleaner
Ensuite suis ces étapes :
- Lance le logiciel
- Clique sur "Scanner"
- Une fois le scan terminé, clique sur "Nettoyer"
- Le logiciel va redémarrer ton ordinateur
- Une fois ta session ouverte, tu devrais avoir un rapport de nettoyage
- Colle ce rapport dans ton prochain message
Une fois que c'est fait,
Télécharge maintenant Malwarebytes Anti-Malware
- Décoche "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium"
- Lance MalwareBytes
- Dans l'onglet Tableau de Bord, clique sur Mettre à jour
- Clique ensuite sur l'onglet " Examen "
- Coche " Examen Menaces "
- Clique sur " Examiner maintenant "
- Attends la fin de l'analyse
- Une fois l'analyse terminée, clique sur " Supprimer la sélection "
- Accepte le redémarrage du PC si demandé
Une fois que ton ordinateur a redémarré, relance Malwarebytes Anti-Malware et cette fois-ci rends toi dans l'onglet " Historique ",
puis " Journaux de l'application ".
Sélectionne le rapport le plus récent, ouvre-le et clique en bas sur Coller dans le presse-papier.
Il ne te reste plus qu'à coller le rapport dans ton prochain message.
Ton Pc est infecté par des logiciels publicitaires, voici les étapes à suivre :
Télécharge AdwCleaner
Ensuite suis ces étapes :
- Lance le logiciel
- Clique sur "Scanner"
- Une fois le scan terminé, clique sur "Nettoyer"
- Le logiciel va redémarrer ton ordinateur
- Une fois ta session ouverte, tu devrais avoir un rapport de nettoyage
- Colle ce rapport dans ton prochain message
Une fois que c'est fait,
Télécharge maintenant Malwarebytes Anti-Malware
- Décoche "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium"
- Lance MalwareBytes
- Dans l'onglet Tableau de Bord, clique sur Mettre à jour
- Clique ensuite sur l'onglet " Examen "
- Coche " Examen Menaces "
- Clique sur " Examiner maintenant "
- Attends la fin de l'analyse
- Une fois l'analyse terminée, clique sur " Supprimer la sélection "
- Accepte le redémarrage du PC si demandé
Une fois que ton ordinateur a redémarré, relance Malwarebytes Anti-Malware et cette fois-ci rends toi dans l'onglet " Historique ",
puis " Journaux de l'application ".
Sélectionne le rapport le plus récent, ouvre-le et clique en bas sur Coller dans le presse-papier.
Il ne te reste plus qu'à coller le rapport dans ton prochain message.
bonsoir,
Voici les 2 rapports:
ADWCLEANER:
# AdwCleaner v4.201 - Rapport créé le 19/04/2015 à 19:46:26
# Mis à jour le 08/04/2015 par Xplode
# Base de données : 2015-04-19.4 [Serveur]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (x86)
# Nom d'utilisateur : MIZI Yacine - MIZIYACINE-HP
# Exécuté depuis : C:\Users\MIZI Yacine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNQXCINF\adwcleaner_4.201.exe
# Option : Nettoyer
Dossier Supprimé : C:\ProgramData\apn
Dossier Supprimé : C:\Program Files\BearShare Applications
Dossier Supprimé : C:\Program Files\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\PackageAware
Fichier Supprimé : C:\Users\MIZI Yacine\daemonprocess.txt
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKLM\SOFTWARE\DeviceVM
Clé Supprimée : HKLM\SOFTWARE\dt soft\daemon tools toolbar
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.1 (x86 fr)
-\\ Google Chrome v42.0.2311.90
AdwCleaner[R0].txt - [1820 octets] - [19/04/2015 19:24:52]
AdwCleaner[R1].txt - [1880 octets] - [19/04/2015 19:40:50]
AdwCleaner[S0].txt - [1831 octets] - [19/04/2015 19:46:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1891 octets] ##########
MALWAREBYTES:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22/04/2015
Scan Time: 11:56:16
Logfile: malw.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.03
Rootkit Database: v2015.04.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: MIZI Yacine
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331150
Time Elapsed: 56 min, 33 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Merci!!!!
Voici les 2 rapports:
ADWCLEANER:
# AdwCleaner v4.201 - Rapport créé le 19/04/2015 à 19:46:26
# Mis à jour le 08/04/2015 par Xplode
# Base de données : 2015-04-19.4 [Serveur]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (x86)
# Nom d'utilisateur : MIZI Yacine - MIZIYACINE-HP
# Exécuté depuis : C:\Users\MIZI Yacine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNQXCINF\adwcleaner_4.201.exe
# Option : Nettoyer
- [ Services ] *****
- [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\apn
Dossier Supprimé : C:\Program Files\BearShare Applications
Dossier Supprimé : C:\Program Files\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\PackageAware
Fichier Supprimé : C:\Users\MIZI Yacine\daemonprocess.txt
- [ Tâches planifiées ] *****
- [ Raccourcis ] *****
- [ Registre ] *****
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKLM\SOFTWARE\DeviceVM
Clé Supprimée : HKLM\SOFTWARE\dt soft\daemon tools toolbar
- [ Navigateurs ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.1 (x86 fr)
-\\ Google Chrome v42.0.2311.90
AdwCleaner[R0].txt - [1820 octets] - [19/04/2015 19:24:52]
AdwCleaner[R1].txt - [1880 octets] - [19/04/2015 19:40:50]
AdwCleaner[S0].txt - [1831 octets] - [19/04/2015 19:46:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1891 octets] ##########
MALWAREBYTES:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22/04/2015
Scan Time: 11:56:16
Logfile: malw.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.03
Rootkit Database: v2015.04.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: MIZI Yacine
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331150
Time Elapsed: 56 min, 33 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Merci!!!!
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
22 avril 2015 à 18:24
22 avril 2015 à 18:24
Re,
Pourrais-tu refaire une analyse ZHPDiag ?
Pourrais-tu refaire une analyse ZHPDiag ?
~ Rapport de ZHPDiag v2015.4.20.40 - Nicolas Coolman (20/04/2015)
~ Lancé par MIZI Yacine (23/04/2015 12:35:29)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 37.0.1 (Defaut)
GCIE: Google Chrome v42.0.2311.90
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft Security Client v4.7.0205.0
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v4.03
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI
Java 7 Update 71
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1909 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (2%) free of 128 GB
---\\ Mode de connexion au système
~ Computer Name: MIZIYACINE-HP
~ User Name: MIZI Yacine
~ All Users Names: MIZI Yacine, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\MIZI Yacine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\MIZI Yacine\AppData\Roaming\
~ %Desktop% : C:\Users\MIZI Yacine\Desktop\
~ %Favorites% : C:\Users\MIZI Yacine\Favorites\
~ %LocalAppData% : C:\Users\MIZI Yacine\AppData\Local\
~ %StartMenu% : C:\Users\MIZI Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 3 Go of 128 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 88 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
G: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C46904F2E9E121A91DDDABB48D7648C3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 03:20:28.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/436
~ Mes musiques (My Musics) : 1/583
~ Mes Videos (My Videos) : 1/12
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 3/5452
~ Mon Bureau (My Desktop) : 2/8170
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 31s
---\\ Processus lancés
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- D:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.5952]
[MD5.423D3D1F049CA9AC89AA6E30804A98CD] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708] [PID.5260]
[MD5.36D602F19419B84F31807EB438CD8A93] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.5504]
[MD5.1754B50F15E856B90B6AF0C1ED183A85] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.2012]
[MD5.1FC71A719B45A6A90BAFE2387EA07984] - (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe [233472] [PID.5668]
[MD5.F4A755E3A99F4F2324FC2138D30F01B4] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600] [PID.6016]
[MD5.B18DD75D9A482A56A1E61D8512EB4206] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [634192] [PID.4588]
[MD5.BF93DA78B62A4F13D631657EE2FDCEBD] - (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe [15376384] [PID.4864]
[MD5.BCDBA189B917C4F5C2E9F1F0EC2EB2A2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [795936] [PID.5404]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.4436]
[MD5.C7D6234A39B7F5237006AF5A0B305D32] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2360608] [PID.4188]
[MD5.B3581F426DC500A51091CDD5BACF0454] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [815288] [PID.3144]
[MD5.3BAE1445A43835CEEC3B8548578EB08A] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\saUI.exe [1212112] [PID.1920]
[MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.5900]
[MD5.7E6B4AD487ED241D8224108E8E86A351] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe [927920] [PID.6392]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.6160]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [SiteAdvisor]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 7 Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
M0 - MFSP: prefs.js [MIZI Yacine - ssgf1vb4.default-1416367533829] http://mizi.no-ip.org
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.0] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 31 Scanned in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dz
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 12 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
~ Nombre lignes détournées 3/26 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ BHO: 20 Scanned in 00mn 01s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [MIZI Yacine]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 09s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HSPALauncher] . (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
~ Winsock: 9 Scanned in 00mn 00s
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKLM\...\EscDomains\www] http.mcafeeasap.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.21.10
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: DeviceNP . (.Hewlett-Packard Limited - Pas de description.) -- C:\Windows\System32\DeviceNP.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Canon Driver Information Assist Service (Canon Driver Information Assist Service) . (.CANON INC. - Driver Information Assist Core Module.) - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Power Assistant Service (HP Power Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) . (.Hewlett-Packard Company - HP DayStarter service.) - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard - HPFSService Application.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) . (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: C:\Windows\System32\stlang.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: ArcCapture (uArcCapture) . (.ArcSoft, Inc. - ArcVCapture.) - C:\windows\system32\uArcCapture.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\windows\system32\vcsFPService.exe
~ Services: 33 Scanned in 00mn 21s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.4999625054FFA2AFFCAFD085C1218307] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3611416]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0] =>PUP.iMesh
[MD5.C80E8FBCE9CCD83F2BA7C952A982DD0B] [APT] [{873B4149-DB38-46D7-8598-4BBD243C05ED}] (.Hewlett-Packard Company.) -- C:\swsetup\AppInstl\HPSoftwareSetup.exe [898616]
[MD5.00000000000000000000000000000000] [APT] [{9CEFE3C6-0AB7-462B-9FAC-BE655FE5FC98}] (...) -- H:\Software Offer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A1B30B2B-513F-4961-9CA4-75A21D2E20B2}] (...) -- C:\Program Files\McAfee\MANAGE~1\Agent\myinx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EA02CF60-0864-44A6-B8BF-E9C02FD80013}] (...) -- C:\Users\MIZI Yacine\Desktop\Setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.E1A81F436A8C8492562C9E39D73A7569] [APT] [Canon OIP Product Extended Survey Program] (.CANON INC..) -- C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1257160]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis Restart] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310] =>Hijacker.iHaveNet
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310] =>PUP.iMesh
~ Scheduled Task: 23 Scanned in 00mn 11s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\windows\system32\msjava.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 14 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mbamchameleon) . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - C:\windows\system32\drivers\mbamchameleon.sys
O41 - Driver: McAfee Inc. mfetdik (mfetdik) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfetdik.sys
O41 - Driver: (MpKslbc911b9b) . (...) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5681CAE9-0575-4588-B577-48683EB0CCD4}\MpKslbc911b9b.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Moniteur d'ordinateur virtuel Virtual PC.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {C23CD6DA-1958-43A5-ADD0-59396572E02E}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- ArcSoft TotalMedia
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- {4F765E00-EE1C-4392-93B4-54310358F41A}
O42 - Logiciel: ArcSoft Webcam Sharing Manager - (.ArcSoft.) [HKLM] -- {190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- Canon Laser Printer/Scanner/Fax Extended Survey Program
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- {4D7B6C53-B3E7-4D93-B27C-B7A50A9627C9}
O42 - Logiciel: Canon MF Toolbox 4.9.1.1.mf15 - (.CANON INC..) [HKLM] -- {6767DFEE-8909-453A-B553-C7693912B2EB}
O42 - Logiciel: Canon MF3010 - (.CANON INC..) [HKLM] -- {A97F4E18-3053-4652-B763-9A40AE2B1EE5}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- _{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {670234D0-42BE-493E-B3EB-6B5275530461}
O42 - Logiciel: Corel Home Office - CS Templates - (.????.) [HKLM] -- {1A1E33D2-9824-454A-B8CB-50072118635A}
O42 - Logiciel: Corel Home Office - CT Templates - (.??????.) [HKLM] -- {26D19512-874B-4EDA-B7F1-779850B2AD5A}
O42 - Logiciel: Corel Home Office - IPM - (.Corel Corporation.) [HKLM] -- {39FE455F-9478-451B-9420-73C15143DF8E}
O42 - Logiciel: Corel Home Office - JP Templates - (.???.) [HKLM] -- {1D11E96F-0405-4B99-8356-5750B1D9FAE9}
O42 - Logiciel: Corel Home Office - KR Templates - (.???.) [HKLM] -- {5746E4F9-77C6-47E8-A737-A5975A57B4AA}
O42 - Logiciel: Corel Home Office - Launcher - (.Corel Corporation.) [HKLM] -- {E74EA3B1-7192-489D-9A57-0AE918FEC001}
O42 - Logiciel: Corel Home Office - Templates RU - (.???????? ???????????.) [HKLM] -- {F45048A1-12C4-4B08-A3EB-32D88033368A}
O42 - Logiciel: Corel Home Office - Templates1 - (.Your Company Name.) [HKLM] -- {5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: Drive Encryption for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- Drive Encryption
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {E793990C-90BE-4B69-AC29-BF5E8FD4ED54}
O42 - Logiciel: File Sanitizer For HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard.) [HKLM] -- {67C090D6-109A-47D7-8DED-4160C4D96F32}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP ESU for Microsoft Windows 7 - (.Hewlett-Packard Company.) [HKLM] -- {871732B3-1EE5-4C54-8462-8BFF516880B7}
O42 - Logiciel: HP HotKey Support - (.Hewlett-Packard Company.) [HKLM] -- {0497B553-0E3F-4CCD-BE13-E28F1A54B318}
O42 - Logiciel: HP Integrated Module with Bluetooth wireless technology - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: HP Power Assistant - (.Hewlett-Packard Company.) [HKLM] -- {F79012AC-A56B-45D2-B677-5A75345F1A76}
O42 - Logiciel: HP Power Data - (.Hewlett-Packard Company.) [HKLM] -- {79306E28-8621-44F2-BC15-99B7E21CF2C6}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- HPProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- {BE3AD89B-F9B2-4E22-8FAB-BCF63190ABCD}
O42 - Logiciel: HP QuickLook - (.Hewlett-Packard.) [HKLM] -- {8B49BD5E-C896-4F65-95DC-3F84424226E8}
O42 - Logiciel: HP QuickWeb - (.DeviceVM, Inc..) [HKLM] -- {7861911B-4270-498A-8F7A-FCF0570F48BB}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {1E6219D4-027E-47EE-AB83-DD2F26E31A32}
O42 - Logiciel: HP SoftPaq Download Manager - (.Hewlett-Packard Company.) [HKLM] -- {2DA697D7-FED3-4DE2-A174-92A2A12F9688}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {2712DAD6-C1F7-4295-B06E-17D6DC62EC20}
O42 - Logiciel: HP Software Setup - (.Hewlett-Packard Company.) [HKLM] -- {04801E42-B1A6-4C52-9F3D-CADB5A050433} =>.Hewlett-Packard Co
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} =>.Hewlett-Packard Co
O42 - Logiciel: HP User Guides 0189 - (.Hewlett-Packard.) [HKLM] -- {3BDB9B89-56B5-4953-B052-AEB75FCBFC93}
O42 - Logiciel: HP Wallpaper - (.Hewlett-Packard Company.) [HKLM] -- {F173C2B3-296F-458C-98FF-1676A42EBA02}
O42 - Logiciel: HP Webcam Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- InstallShield_{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- {AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Mega Codec Pack 6.4.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM] -- LSI Soft Modem
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {82EF29B1-9B60-4142-A155-0599216DD053}
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- LogMeIn Hamachi
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- {80EE9168-BB59-4F87-BF1A-57C137EAF714}
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {D6F9CBDC-58B6-430A-8DD4-8F61CBC1ADF4}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 37.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} =>.Symantec Corporation
O42 - Logiciel: Pre-Boot Security for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {3513DD3C-7680-4C7C-BF18-BA375D5F4132}
O42 - Logiciel: Privacy Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (...) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}
O42 - Logiciel: Salaat Time 2.1 - (.Salaat Time.) [HKLM] -- {F993F285-0F98-4E13-9421-41DB36806EE3}
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: SiteAdvisor - (.McAfee, Inc..) [HKLM] -- {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
O42 - Logiciel: Skype(TM) 7.0 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- {33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Validity Fingerprint Driver - (.Validity Sensors, Inc..) [HKLM] -- {78365FC6-09CA-4AC3-BC01-70FB46596047}
O42 - Logiciel: WinDjView 1.0.3 - (.Andrew Zhezherun.) [HKLM] -- WinDjView
O42 - Logiciel: Windows 7 Default Setting - (.Hewlett-Packard Company.) [HKLM] -- {5BF8E079-D6E2-4323-B794-75152371122A}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) - (.Broadcom.) [HKLM] -- B7541EC5F72AA713F557569278EB6273725F5607
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Wise Disk Cleaner 8.43 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Disk Cleaner_is1
O42 - Logiciel: doPDF 7.1 printer - (.Softland.) [HKLM] -- doPDF 7 printer_is1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 53 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ability 5.0]
[HKCU\Software\Adobe]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Andrew Zhezherun]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\BugSplat]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DigitalPersona]
[HKCU\Software\DivXNetworks]
[HKCU\Software\FileOpen]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LightScribe]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NITRO]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays]
[HKCU\Software\Salaat Time]
[HKCU\Software\Skype]
[HKCU\Software\Softland]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VMware, Inc.]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKCU\Software\madFlac]
[HKCU\Software\sYk0]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Ability 5.0]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Atheros]
[HKLM\Software\Bunndle]
[HKLM\Software\CANON]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cogent Inc.]
[HKLM\Software\Corel]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Digital River]
[HKLM\Software\DigitalPersona]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HSPA]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard Company]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\LSI]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\LogMeIn, Inc.]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company]
[HKLM\Software\Nalpeiron]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Portrait Displays, Inc.]
[HKLM\Software\Portrait Displays]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SafeBoot International]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TeamViewer]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\Validity]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\WiseCleaner]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 320 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/10/2014 - 12:35:57 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/07/2011 - 20:45:16 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 07/04/2010 - 13:38:23 - [] ----D C:\Program Files\Arcsoft
O43 - CFD: 07/04/2010 - 13:42:51 - [] ----D C:\Program Files\Atheros
O43 - CFD: 05/01/2015 - 18:55:31 - [] ----D C:\Program Files\Canon
O43 - CFD: 29/06/2013 - 00:09:12 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 19/04/2015 - 14:51:05 - [] ----D C:\Program Files\Common Files
O43 - CFD: 02/02/2010 - 01:15:13 - [] ----D C:\Program Files\Corel Home Office
O43 - CFD: 21/12/2010 - 20:24:15 - [] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/12/2012 - 22:16:38 - [] ----D C:\Program Files\Defraggler
O43 - CFD: 07/04/2010 - 13:28:05 - [] ----D C:\Program Files\DIFX
O43 - CFD: 02/10/2010 - 22:23:33 - [] ----D C:\Program Files\DivX
O43 - CFD: 27/04/2011 - 15:26:17 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 11/04/2013 - 17:49:27 - [] ----D C:\Program Files\Google
O43 - CFD: 02/03/2014 - 16:02:57 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 16/03/2014 - 22:26:27 - [] ----D C:\Program Files\HSPA USB Modem
O43 - CFD: 05/01/2013 - 19:54:15 - [] ----D C:\Program Files\IDT
O43 - CFD: 16/03/2014 - 22:26:28 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/02/2014 - 23:30:24 - [] ----D C:\Program Files\Intel
O43 - CFD: 19/04/2015 - 15:09:28 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 02/12/2014 - 10:54:43 - [] ----D C:\Program Files\Java
O43 - CFD: 28/10/2010 - 01:12:04 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 31/03/2015 - 12:55:52 - [] ----D C:\Program Files\LogMeIn Hamachi
O43 - CFD: 07/04/2010 - 13:35:26 - [] ----D C:\Program Files\LSI SoftModem
O43 - CFD: 16/04/2015 - 12:44:45 - [] ----D C:\Program Files\McAfee
O43 - CFD: 18/06/2014 - 23:28:00 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 29/06/2011 - 07:13:24 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 02/02/2010 - 01:44:52 - [] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 13/02/2015 - 12:15:06 - [] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 25/07/2014 - 22:52:22 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 25/10/2010 - 21:21:08 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 02/02/201
~ Lancé par MIZI Yacine (23/04/2015 12:35:29)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 37.0.1 (Defaut)
GCIE: Google Chrome v42.0.2311.90
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft Security Client v4.7.0205.0
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v4.03
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI
Java 7 Update 71
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1909 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (2%) free of 128 GB
---\\ Mode de connexion au système
~ Computer Name: MIZIYACINE-HP
~ User Name: MIZI Yacine
~ All Users Names: MIZI Yacine, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\MIZI Yacine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\MIZI Yacine\AppData\Roaming\
~ %Desktop% : C:\Users\MIZI Yacine\Desktop\
~ %Favorites% : C:\Users\MIZI Yacine\Favorites\
~ %LocalAppData% : C:\Users\MIZI Yacine\AppData\Local\
~ %StartMenu% : C:\Users\MIZI Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 3 Go of 128 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 88 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
G: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C46904F2E9E121A91DDDABB48D7648C3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 03:20:28.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/436
~ Mes musiques (My Musics) : 1/583
~ Mes Videos (My Videos) : 1/12
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 3/5452
~ Mon Bureau (My Desktop) : 2/8170
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 31s
---\\ Processus lancés
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- D:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.5952]
[MD5.423D3D1F049CA9AC89AA6E30804A98CD] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708] [PID.5260]
[MD5.36D602F19419B84F31807EB438CD8A93] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.5504]
[MD5.1754B50F15E856B90B6AF0C1ED183A85] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.2012]
[MD5.1FC71A719B45A6A90BAFE2387EA07984] - (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe [233472] [PID.5668]
[MD5.F4A755E3A99F4F2324FC2138D30F01B4] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600] [PID.6016]
[MD5.B18DD75D9A482A56A1E61D8512EB4206] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [634192] [PID.4588]
[MD5.BF93DA78B62A4F13D631657EE2FDCEBD] - (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe [15376384] [PID.4864]
[MD5.BCDBA189B917C4F5C2E9F1F0EC2EB2A2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [795936] [PID.5404]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.4436]
[MD5.C7D6234A39B7F5237006AF5A0B305D32] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2360608] [PID.4188]
[MD5.B3581F426DC500A51091CDD5BACF0454] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [815288] [PID.3144]
[MD5.3BAE1445A43835CEEC3B8548578EB08A] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\saUI.exe [1212112] [PID.1920]
[MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.5900]
[MD5.7E6B4AD487ED241D8224108E8E86A351] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe [927920] [PID.6392]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.6160]
~ Processes Running: Scanned in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [SiteAdvisor]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 7 Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
M0 - MFSP: prefs.js [MIZI Yacine - ssgf1vb4.default-1416367533829] http://mizi.no-ip.org
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.0] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 31 Scanned in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dz
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 12 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
~ Nombre lignes détournées 3/26 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ BHO: 20 Scanned in 00mn 01s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [MIZI Yacine]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 09s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HSPALauncher] . (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
~ Winsock: 9 Scanned in 00mn 00s
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKLM\...\EscDomains\www] http.mcafeeasap.com
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.21.10
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: DeviceNP . (.Hewlett-Packard Limited - Pas de description.) -- C:\Windows\System32\DeviceNP.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Canon Driver Information Assist Service (Canon Driver Information Assist Service) . (.CANON INC. - Driver Information Assist Core Module.) - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Power Assistant Service (HP Power Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) . (.Hewlett-Packard Company - HP DayStarter service.) - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard - HPFSService Application.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) . (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: C:\Windows\System32\stlang.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: ArcCapture (uArcCapture) . (.ArcSoft, Inc. - ArcVCapture.) - C:\windows\system32\uArcCapture.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\windows\system32\vcsFPService.exe
~ Services: 33 Scanned in 00mn 21s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.4999625054FFA2AFFCAFD085C1218307] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3611416]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0] =>PUP.iMesh
[MD5.C80E8FBCE9CCD83F2BA7C952A982DD0B] [APT] [{873B4149-DB38-46D7-8598-4BBD243C05ED}] (.Hewlett-Packard Company.) -- C:\swsetup\AppInstl\HPSoftwareSetup.exe [898616]
[MD5.00000000000000000000000000000000] [APT] [{9CEFE3C6-0AB7-462B-9FAC-BE655FE5FC98}] (...) -- H:\Software Offer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A1B30B2B-513F-4961-9CA4-75A21D2E20B2}] (...) -- C:\Program Files\McAfee\MANAGE~1\Agent\myinx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EA02CF60-0864-44A6-B8BF-E9C02FD80013}] (...) -- C:\Users\MIZI Yacine\Desktop\Setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.E1A81F436A8C8492562C9E39D73A7569] [APT] [Canon OIP Product Extended Survey Program] (.CANON INC..) -- C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1257160]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis Restart] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310] =>Hijacker.iHaveNet
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310] =>PUP.iMesh
~ Scheduled Task: 23 Scanned in 00mn 11s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\windows\system32\msjava.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 14 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mbamchameleon) . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - C:\windows\system32\drivers\mbamchameleon.sys
O41 - Driver: McAfee Inc. mfetdik (mfetdik) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfetdik.sys
O41 - Driver: (MpKslbc911b9b) . (...) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5681CAE9-0575-4588-B577-48683EB0CCD4}\MpKslbc911b9b.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Moniteur d'ordinateur virtuel Virtual PC.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {C23CD6DA-1958-43A5-ADD0-59396572E02E}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- ArcSoft TotalMedia
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- {4F765E00-EE1C-4392-93B4-54310358F41A}
O42 - Logiciel: ArcSoft Webcam Sharing Manager - (.ArcSoft.) [HKLM] -- {190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- Canon Laser Printer/Scanner/Fax Extended Survey Program
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- {4D7B6C53-B3E7-4D93-B27C-B7A50A9627C9}
O42 - Logiciel: Canon MF Toolbox 4.9.1.1.mf15 - (.CANON INC..) [HKLM] -- {6767DFEE-8909-453A-B553-C7693912B2EB}
O42 - Logiciel: Canon MF3010 - (.CANON INC..) [HKLM] -- {A97F4E18-3053-4652-B763-9A40AE2B1EE5}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- _{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {670234D0-42BE-493E-B3EB-6B5275530461}
O42 - Logiciel: Corel Home Office - CS Templates - (.????.) [HKLM] -- {1A1E33D2-9824-454A-B8CB-50072118635A}
O42 - Logiciel: Corel Home Office - CT Templates - (.??????.) [HKLM] -- {26D19512-874B-4EDA-B7F1-779850B2AD5A}
O42 - Logiciel: Corel Home Office - IPM - (.Corel Corporation.) [HKLM] -- {39FE455F-9478-451B-9420-73C15143DF8E}
O42 - Logiciel: Corel Home Office - JP Templates - (.???.) [HKLM] -- {1D11E96F-0405-4B99-8356-5750B1D9FAE9}
O42 - Logiciel: Corel Home Office - KR Templates - (.???.) [HKLM] -- {5746E4F9-77C6-47E8-A737-A5975A57B4AA}
O42 - Logiciel: Corel Home Office - Launcher - (.Corel Corporation.) [HKLM] -- {E74EA3B1-7192-489D-9A57-0AE918FEC001}
O42 - Logiciel: Corel Home Office - Templates RU - (.???????? ???????????.) [HKLM] -- {F45048A1-12C4-4B08-A3EB-32D88033368A}
O42 - Logiciel: Corel Home Office - Templates1 - (.Your Company Name.) [HKLM] -- {5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: Drive Encryption for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- Drive Encryption
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {E793990C-90BE-4B69-AC29-BF5E8FD4ED54}
O42 - Logiciel: File Sanitizer For HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard.) [HKLM] -- {67C090D6-109A-47D7-8DED-4160C4D96F32}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP ESU for Microsoft Windows 7 - (.Hewlett-Packard Company.) [HKLM] -- {871732B3-1EE5-4C54-8462-8BFF516880B7}
O42 - Logiciel: HP HotKey Support - (.Hewlett-Packard Company.) [HKLM] -- {0497B553-0E3F-4CCD-BE13-E28F1A54B318}
O42 - Logiciel: HP Integrated Module with Bluetooth wireless technology - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: HP Power Assistant - (.Hewlett-Packard Company.) [HKLM] -- {F79012AC-A56B-45D2-B677-5A75345F1A76}
O42 - Logiciel: HP Power Data - (.Hewlett-Packard Company.) [HKLM] -- {79306E28-8621-44F2-BC15-99B7E21CF2C6}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- HPProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- {BE3AD89B-F9B2-4E22-8FAB-BCF63190ABCD}
O42 - Logiciel: HP QuickLook - (.Hewlett-Packard.) [HKLM] -- {8B49BD5E-C896-4F65-95DC-3F84424226E8}
O42 - Logiciel: HP QuickWeb - (.DeviceVM, Inc..) [HKLM] -- {7861911B-4270-498A-8F7A-FCF0570F48BB}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {1E6219D4-027E-47EE-AB83-DD2F26E31A32}
O42 - Logiciel: HP SoftPaq Download Manager - (.Hewlett-Packard Company.) [HKLM] -- {2DA697D7-FED3-4DE2-A174-92A2A12F9688}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {2712DAD6-C1F7-4295-B06E-17D6DC62EC20}
O42 - Logiciel: HP Software Setup - (.Hewlett-Packard Company.) [HKLM] -- {04801E42-B1A6-4C52-9F3D-CADB5A050433} =>.Hewlett-Packard Co
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} =>.Hewlett-Packard Co
O42 - Logiciel: HP User Guides 0189 - (.Hewlett-Packard.) [HKLM] -- {3BDB9B89-56B5-4953-B052-AEB75FCBFC93}
O42 - Logiciel: HP Wallpaper - (.Hewlett-Packard Company.) [HKLM] -- {F173C2B3-296F-458C-98FF-1676A42EBA02}
O42 - Logiciel: HP Webcam Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- InstallShield_{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- {AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Mega Codec Pack 6.4.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM] -- LSI Soft Modem
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {82EF29B1-9B60-4142-A155-0599216DD053}
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- LogMeIn Hamachi
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- {80EE9168-BB59-4F87-BF1A-57C137EAF714}
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {D6F9CBDC-58B6-430A-8DD4-8F61CBC1ADF4}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 37.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} =>.Symantec Corporation
O42 - Logiciel: Pre-Boot Security for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {3513DD3C-7680-4C7C-BF18-BA375D5F4132}
O42 - Logiciel: Privacy Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (...) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}
O42 - Logiciel: Salaat Time 2.1 - (.Salaat Time.) [HKLM] -- {F993F285-0F98-4E13-9421-41DB36806EE3}
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: SiteAdvisor - (.McAfee, Inc..) [HKLM] -- {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
O42 - Logiciel: Skype(TM) 7.0 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- {33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Validity Fingerprint Driver - (.Validity Sensors, Inc..) [HKLM] -- {78365FC6-09CA-4AC3-BC01-70FB46596047}
O42 - Logiciel: WinDjView 1.0.3 - (.Andrew Zhezherun.) [HKLM] -- WinDjView
O42 - Logiciel: Windows 7 Default Setting - (.Hewlett-Packard Company.) [HKLM] -- {5BF8E079-D6E2-4323-B794-75152371122A}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) - (.Broadcom.) [HKLM] -- B7541EC5F72AA713F557569278EB6273725F5607
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Wise Disk Cleaner 8.43 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Disk Cleaner_is1
O42 - Logiciel: doPDF 7.1 printer - (.Softland.) [HKLM] -- doPDF 7 printer_is1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 53 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ability 5.0]
[HKCU\Software\Adobe]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Andrew Zhezherun]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\BugSplat]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DigitalPersona]
[HKCU\Software\DivXNetworks]
[HKCU\Software\FileOpen]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LightScribe]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NITRO]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays]
[HKCU\Software\Salaat Time]
[HKCU\Software\Skype]
[HKCU\Software\Softland]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VMware, Inc.]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKCU\Software\madFlac]
[HKCU\Software\sYk0]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Ability 5.0]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Atheros]
[HKLM\Software\Bunndle]
[HKLM\Software\CANON]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cogent Inc.]
[HKLM\Software\Corel]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Digital River]
[HKLM\Software\DigitalPersona]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HSPA]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard Company]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\LSI]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\LogMeIn, Inc.]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company]
[HKLM\Software\Nalpeiron]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Portrait Displays, Inc.]
[HKLM\Software\Portrait Displays]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SafeBoot International]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TeamViewer]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\Validity]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\WiseCleaner]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 320 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/10/2014 - 12:35:57 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/07/2011 - 20:45:16 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 07/04/2010 - 13:38:23 - [] ----D C:\Program Files\Arcsoft
O43 - CFD: 07/04/2010 - 13:42:51 - [] ----D C:\Program Files\Atheros
O43 - CFD: 05/01/2015 - 18:55:31 - [] ----D C:\Program Files\Canon
O43 - CFD: 29/06/2013 - 00:09:12 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 19/04/2015 - 14:51:05 - [] ----D C:\Program Files\Common Files
O43 - CFD: 02/02/2010 - 01:15:13 - [] ----D C:\Program Files\Corel Home Office
O43 - CFD: 21/12/2010 - 20:24:15 - [] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/12/2012 - 22:16:38 - [] ----D C:\Program Files\Defraggler
O43 - CFD: 07/04/2010 - 13:28:05 - [] ----D C:\Program Files\DIFX
O43 - CFD: 02/10/2010 - 22:23:33 - [] ----D C:\Program Files\DivX
O43 - CFD: 27/04/2011 - 15:26:17 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 11/04/2013 - 17:49:27 - [] ----D C:\Program Files\Google
O43 - CFD: 02/03/2014 - 16:02:57 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 16/03/2014 - 22:26:27 - [] ----D C:\Program Files\HSPA USB Modem
O43 - CFD: 05/01/2013 - 19:54:15 - [] ----D C:\Program Files\IDT
O43 - CFD: 16/03/2014 - 22:26:28 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/02/2014 - 23:30:24 - [] ----D C:\Program Files\Intel
O43 - CFD: 19/04/2015 - 15:09:28 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 02/12/2014 - 10:54:43 - [] ----D C:\Program Files\Java
O43 - CFD: 28/10/2010 - 01:12:04 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 31/03/2015 - 12:55:52 - [] ----D C:\Program Files\LogMeIn Hamachi
O43 - CFD: 07/04/2010 - 13:35:26 - [] ----D C:\Program Files\LSI SoftModem
O43 - CFD: 16/04/2015 - 12:44:45 - [] ----D C:\Program Files\McAfee
O43 - CFD: 18/06/2014 - 23:28:00 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 29/06/2011 - 07:13:24 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 02/02/2010 - 01:44:52 - [] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 13/02/2015 - 12:15:06 - [] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 25/07/2014 - 22:52:22 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 25/10/2010 - 21:21:08 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 02/02/201
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 13:46
23 avril 2015 à 13:46
Le rapport ne rentre pas, il faudrait le poster sur pjjoint
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 14:33
23 avril 2015 à 14:33
Voici les étapes à suivre :
On va commencer par désinstaller McAfee Security Scan Plus, et par mettre Java à jour ...
Puis,
- Vide complètement ta corbeille
- Ensuite lance cette fois-ci ZhpFix ( Pour Vista/7/8 : clique droit et "Exécuter en tant qu'Administrateur")
- Clique sur "Importer'
- Et colle ça :
Script ZHPFix
SysRestore
FirewallRaz
EmptyPrefetch
EmptyFlash
EmptyTemp
EmptyCLSID
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310]
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\BearShare]
C:\ProgramData\InstallMate
C:\Users\MIZI Yacine\AppData\Local\Apps
C:\Users\MIZI Yacine\AppData\Local\BearShare
[HKLM\Software\Classes\Applications\iMeshV10.exe]
C:\Windows\Tasks\iMeshNAG.job
C:\Windows\System32\Tasks\iMeshNAG
- Clique sur Go en bas à gauche
- Confirme le nettoyage
- Et accepte le "vidage de corbeille"
- Colle le rapport de nettoyage obtenu
ATTENTION : ce script ne doit pas être utilisé par un autre ordinateur
On va commencer par désinstaller McAfee Security Scan Plus, et par mettre Java à jour ...
Puis,
- Vide complètement ta corbeille
- Ensuite lance cette fois-ci ZhpFix ( Pour Vista/7/8 : clique droit et "Exécuter en tant qu'Administrateur")
- Clique sur "Importer'
- Et colle ça :
Script ZHPFix
SysRestore
FirewallRaz
EmptyPrefetch
EmptyFlash
EmptyTemp
EmptyCLSID
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310]
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\BearShare]
C:\ProgramData\InstallMate
C:\Users\MIZI Yacine\AppData\Local\Apps
C:\Users\MIZI Yacine\AppData\Local\BearShare
[HKLM\Software\Classes\Applications\iMeshV10.exe]
C:\Windows\Tasks\iMeshNAG.job
C:\Windows\System32\Tasks\iMeshNAG
- Clique sur Go en bas à gauche
- Confirme le nettoyage
- Et accepte le "vidage de corbeille"
- Colle le rapport de nettoyage obtenu
ATTENTION : ce script ne doit pas être utilisé par un autre ordinateur
Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by MIZI Yacine at 23/04/2015 15:04:55
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Corbeille vidée (00mn 39s)
Dossier Prefetcher vidé
========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Smartbar
SUPPRIMÉ: HKCU\Software\BearShare
SUPPRIMÉ: HKLM\Software\Classes\Applications\iMeshV10.exe
========== Valeurs du Registre ==========
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
========== Eléments de donnée du Registre ==========
SUPPRIMÉ Explorer Association Data Application: http://www.filefacts.net/redirect.php?ext=%s
========== Dossiers ==========
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{07B5F9EA-6B5C-458D-9323-24AED30F9879}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{0B14F7E4-2AB0-4763-BC09-F2AB0B0C7A64}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{116283C4-6637-4587-9CAC-904EAE86C839}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{1746153A-F9AD-4683-8833-A8FC980906DD}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{20495DEC-42B9-4507-A810-45C3FFB3F48C}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{27B0CD5F-8480-42F7-B87E-FAAF56F6F4E4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{2EEEF000-AAAA-4787-AA89-EB239E9BC7A5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{3C36C4FB-76F2-4557-B916-7EEB515ED4E1}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{4151CB2F-EC17-498D-8C10-32918D1413A4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{527F3946-0747-4481-BDDF-5C578FCA4070}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{7AC6E776-72D3-41B6-A4E8-A7B17DF07BAB}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{961C14FB-B04F-4C69-916F-F51A124540D5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{AE896D72-1A40-4B61-9566-707A17C524F4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{BBF70706-C2FD-4C7E-BCEB-09F81C9D0E00}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{CD2089A0-6B84-4760-9CEA-7481CFDFCDF4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DA3C8460-AAA9-4301-A43A-9D00B2AD07E0}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DEB723B6-F1A2-4B1A-B7AC-8C7FE6BCF627}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{F3B74BC7-D90A-43B2-99C0-5D0F42FC1758}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{FA83DBCF-F70C-4622-977E-3708C5AB2D40}
SUPPRIMÉ: c:\programdata\installmate
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\apps
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\bearshare
========== Fichiers ==========
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (22) (3 323 133 octets)
========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.
========== Tache planifiée ==========
SUPPRIMÉ: iMeshNAG
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
3 : Clés du Registre
2 : Valeurs du Registre
1 : Eléments de donnée du Registre
22 : Dossiers
2 : Fichiers
1 : Fichier HOSTS
1 : Tache planifiée
1 : Restauration Système
End of clean in 01mn 59s
========== Chemin de fichier rapport ==========
C:\Users\MIZI Yacine\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/04/2015 15:05:35 [3267]
Fichier d'export Registre :
Run by MIZI Yacine at 23/04/2015 15:04:55
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Corbeille vidée (00mn 39s)
Dossier Prefetcher vidé
========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Smartbar
SUPPRIMÉ: HKCU\Software\BearShare
SUPPRIMÉ: HKLM\Software\Classes\Applications\iMeshV10.exe
========== Valeurs du Registre ==========
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
========== Eléments de donnée du Registre ==========
SUPPRIMÉ Explorer Association Data Application: http://www.filefacts.net/redirect.php?ext=%s
========== Dossiers ==========
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{07B5F9EA-6B5C-458D-9323-24AED30F9879}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{0B14F7E4-2AB0-4763-BC09-F2AB0B0C7A64}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{116283C4-6637-4587-9CAC-904EAE86C839}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{1746153A-F9AD-4683-8833-A8FC980906DD}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{20495DEC-42B9-4507-A810-45C3FFB3F48C}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{27B0CD5F-8480-42F7-B87E-FAAF56F6F4E4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{2EEEF000-AAAA-4787-AA89-EB239E9BC7A5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{3C36C4FB-76F2-4557-B916-7EEB515ED4E1}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{4151CB2F-EC17-498D-8C10-32918D1413A4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{527F3946-0747-4481-BDDF-5C578FCA4070}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{7AC6E776-72D3-41B6-A4E8-A7B17DF07BAB}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{961C14FB-B04F-4C69-916F-F51A124540D5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{AE896D72-1A40-4B61-9566-707A17C524F4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{BBF70706-C2FD-4C7E-BCEB-09F81C9D0E00}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{CD2089A0-6B84-4760-9CEA-7481CFDFCDF4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DA3C8460-AAA9-4301-A43A-9D00B2AD07E0}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DEB723B6-F1A2-4B1A-B7AC-8C7FE6BCF627}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{F3B74BC7-D90A-43B2-99C0-5D0F42FC1758}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{FA83DBCF-F70C-4622-977E-3708C5AB2D40}
SUPPRIMÉ: c:\programdata\installmate
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\apps
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\bearshare
========== Fichiers ==========
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (22) (3 323 133 octets)
========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.
========== Tache planifiée ==========
SUPPRIMÉ: iMeshNAG
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
3 : Clés du Registre
2 : Valeurs du Registre
1 : Eléments de donnée du Registre
22 : Dossiers
2 : Fichiers
1 : Fichier HOSTS
1 : Tache planifiée
1 : Restauration Système
End of clean in 01mn 59s
========== Chemin de fichier rapport ==========
C:\Users\MIZI Yacine\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/04/2015 15:05:35 [3267]
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 16:12
23 avril 2015 à 16:12
Comment va ton Pc ?
ça va!!!
ça a l'air d'aller mieux!!!
Juste un détail:
Sur malwarebytes, je n'arrive pas à activer la protection contre les sites web malveillants??? depuis les dernières interventions
Quid?
ça a l'air d'aller mieux!!!
Juste un détail:
Sur malwarebytes, je n'arrive pas à activer la protection contre les sites web malveillants??? depuis les dernières interventions
Quid?
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 16:44
23 avril 2015 à 16:44
C'est payant, c'est pour ça ;)
Ah bon???
elle était active avant!
mais je suppose qu'on poura survivre sans?
elle était active avant!
mais je suppose qu'on poura survivre sans?
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 16:52
23 avril 2015 à 16:52
Oui, elle se désactive au bout d'un certain temps ...
Merci pour la précieuse aide!!!
ArnaudLy6
Messages postés
4411
Date d'inscription
samedi 22 mai 2010
Statut
Membre
Dernière intervention
13 février 2016
188
23 avril 2015 à 16:59
23 avril 2015 à 16:59
Je t'en prie ;)
On supprime juste les logiciels utilisés et c'est bon :
- Télécharge DelFix
- Lance-le
- Coche Réactiver l'UAC et Supprimer les outils de désinfection
- Enfin clique sur Exécuter
Je te conseille de lire ce petit dossier pour éviter une nouvelle infection : https://www.malekal.com/adwares-pup-protection/
Si ton sujet est résolu, merci de cliquer sur Marquer comme résolu :
Merci d'avance ;)
Si tu as d'autres problèmes, n'hésite pas.
A+
On supprime juste les logiciels utilisés et c'est bon :
- Télécharge DelFix
- Lance-le
- Coche Réactiver l'UAC et Supprimer les outils de désinfection
- Enfin clique sur Exécuter
Je te conseille de lire ce petit dossier pour éviter une nouvelle infection : https://www.malekal.com/adwares-pup-protection/
Si ton sujet est résolu, merci de cliquer sur Marquer comme résolu :
Merci d'avance ;)
Si tu as d'autres problèmes, n'hésite pas.
A+