Sujet Précédent Sujet Suivant

Vérification préléminaire

Résolu/Fermé
fidmais - 19 avril 2015 à 20:16
 fidmais - 23 avril 2015 à 17:14
Bonjour,

Je voudrais faire un diagnostic préliminaire de sécurité voici le diag : lien

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20150419_j12i15k1413i11

Merci pour votre aide


10 réponses

Réponse 1 / 10
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
19 avril 2015 à 20:18
Salut,

Ton Pc est infecté par des logiciels publicitaires, voici les étapes à suivre :

Télécharge AdwCleaner
Ensuite suis ces étapes :

- Lance le logiciel
- Clique sur "Scanner"
- Une fois le scan terminé, clique sur "Nettoyer"
- Le logiciel va redémarrer ton ordinateur
- Une fois ta session ouverte, tu devrais avoir un rapport de nettoyage
- Colle ce rapport dans ton prochain message

Une fois que c'est fait,

Télécharge maintenant Malwarebytes Anti-Malware

- Décoche "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium"
- Lance MalwareBytes
- Dans l'onglet Tableau de Bord, clique sur Mettre à jour
- Clique ensuite sur l'onglet " Examen "
- Coche " Examen Menaces "
- Clique sur " Examiner maintenant "
- Attends la fin de l'analyse
- Une fois l'analyse terminée, clique sur " Supprimer la sélection "
- Accepte le redémarrage du PC si demandé

Une fois que ton ordinateur a redémarré, relance Malwarebytes Anti-Malware et cette fois-ci rends toi dans l'onglet " Historique ",
puis " Journaux de l'application ".
Sélectionne le rapport le plus récent, ouvre-le et clique en bas sur Coller dans le presse-papier.
Il ne te reste plus qu'à coller le rapport dans ton prochain message.
0
Réponse 2 / 10
fidmais
22 avril 2015 à 18:23
bonsoir,

Voici les 2 rapports:

ADWCLEANER:

# AdwCleaner v4.201 - Rapport créé le 19/04/2015 à 19:46:26
# Mis à jour le 08/04/2015 par Xplode
# Base de données : 2015-04-19.4 [Serveur]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (x86)
# Nom d'utilisateur : MIZI Yacine - MIZIYACINE-HP
# Exécuté depuis : C:\Users\MIZI Yacine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNQXCINF\adwcleaner_4.201.exe
# Option : Nettoyer
          • [ Services ] *****
          • [ Fichiers / Dossiers ] *****


Dossier Supprimé : C:\ProgramData\apn
Dossier Supprimé : C:\Program Files\BearShare Applications
Dossier Supprimé : C:\Program Files\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\Mobogenie
Dossier Supprimé : C:\Users\MIZI Yacine\AppData\Local\PackageAware
Fichier Supprimé : C:\Users\MIZI Yacine\daemonprocess.txt
          • [ Tâches planifiées ] *****
          • [ Raccourcis ] *****
          • [ Registre ] *****


Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKLM\SOFTWARE\DeviceVM
Clé Supprimée : HKLM\SOFTWARE\dt soft\daemon tools toolbar
          • [ Navigateurs ] *****


-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 fr)


-\\ Google Chrome v42.0.2311.90


AdwCleaner[R0].txt - [1820 octets] - [19/04/2015 19:24:52]
AdwCleaner[R1].txt - [1880 octets] - [19/04/2015 19:40:50]
AdwCleaner[S0].txt - [1831 octets] - [19/04/2015 19:46:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1891 octets] ##########

MALWAREBYTES:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 22/04/2015
Scan Time: 11:56:16
Logfile: malw.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.21.03
Rootkit Database: v2015.04.20.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: MIZI Yacine

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 331150
Time Elapsed: 56 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)


Merci!!!!
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
22 avril 2015 à 18:24
Re,

Pourrais-tu refaire une analyse ZHPDiag ?
0
Réponse 3 / 10
fidmais
23 avril 2015 à 13:44
~ Rapport de ZHPDiag v2015.4.20.40 - Nicolas Coolman (20/04/2015)
~ Lancé par MIZI Yacine (23/04/2015 12:35:29)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 37.0.1 (Defaut)
GCIE: Google Chrome v42.0.2311.90

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft Security Client v4.7.0205.0
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v4.03

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI
Java 7 Update 71

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1909 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (2%) free of 128 GB

---\\ Mode de connexion au système
~ Computer Name: MIZIYACINE-HP
~ User Name: MIZI Yacine
~ All Users Names: MIZI Yacine, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\MIZI Yacine\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\MIZI Yacine\AppData\Roaming\
~ %Desktop% : C:\Users\MIZI Yacine\Desktop\
~ %Favorites% : C:\Users\MIZI Yacine\Favorites\
~ %LocalAppData% : C:\Users\MIZI Yacine\AppData\Local\
~ %StartMenu% : C:\Users\MIZI Yacine\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 3 Go of 128 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 88 Go)
E: CD-ROM drive (Not Inserted)
F: Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C46904F2E9E121A91DDDABB48D7648C3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 03:20:28.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/436
~ Mes musiques (My Musics) : 1/583
~ Mes Videos (My Videos) : 1/12
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 3/5452
~ Mon Bureau (My Desktop) : 2/8170
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 31s



---\\ Processus lancés
[MD5.3C13F26A4766752314A5413038BD86B4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- D:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.5952]
[MD5.423D3D1F049CA9AC89AA6E30804A98CD] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708] [PID.5260]
[MD5.36D602F19419B84F31807EB438CD8A93] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.5504]
[MD5.1754B50F15E856B90B6AF0C1ED183A85] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.2012]
[MD5.1FC71A719B45A6A90BAFE2387EA07984] - (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe [233472] [PID.5668]
[MD5.F4A755E3A99F4F2324FC2138D30F01B4] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600] [PID.6016]
[MD5.B18DD75D9A482A56A1E61D8512EB4206] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [634192] [PID.4588]
[MD5.BF93DA78B62A4F13D631657EE2FDCEBD] - (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe [15376384] [PID.4864]
[MD5.BCDBA189B917C4F5C2E9F1F0EC2EB2A2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [795936] [PID.5404]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.4436]
[MD5.C7D6234A39B7F5237006AF5A0B305D32] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2360608] [PID.4188]
[MD5.B3581F426DC500A51091CDD5BACF0454] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [815288] [PID.3144]
[MD5.3BAE1445A43835CEEC3B8548578EB08A] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\saUI.exe [1212112] [PID.1920]
[MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.5900]
[MD5.7E6B4AD487ED241D8224108E8E86A351] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe [927920] [PID.6392]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.6160]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [SiteAdvisor]
G2 - EXT: C:\Users\MIZI Yacine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 7 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
M0 - MFSP: prefs.js [MIZI Yacine - ssgf1vb4.default-1416367533829] http://mizi.no-ip.org
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.71.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.71.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.71.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.0] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.2] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 31 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dz
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 12 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
~ Nombre lignes détournées 3/26 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ BHO: 20 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [MIZI Yacine]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 09s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HSPALauncher] . (.Pas de propriétaire - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [SalaatTime] . (.Salaat Time - www.salaattime.com - Salaat Time is a multi-function Islamic fre.) -- C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4109991188-1815089142-2490107785-1002\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MIZI Yacine\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKLM\...\EscDomains\www] http.mcafeeasap.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS1\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CS2\Services\Tcpip\..\{6E3851DC-4BDB-4E20-9FE2-65F6AFAF9EE8}: DhcpNameServer = 192.168.21.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.21.10
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: DeviceNP . (.Hewlett-Packard Limited - Pas de description.) -- C:\Windows\System32\DeviceNP.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Canon Driver Information Assist Service (Canon Driver Information Assist Service) . (.CANON INC. - Driver Information Assist Core Module.) - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) . (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Power Assistant Service (HP Power Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) . (.Hewlett-Packard Company - HP DayStarter service.) - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard - HPFSService Application.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) . (.Hewlett-Packard Company - hpHotkeyMonitor Service.) - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: C:\Windows\System32\stlang.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: ArcCapture (uArcCapture) . (.ArcSoft, Inc. - ArcVCapture.) - C:\windows\system32\uArcCapture.exe
O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\windows\system32\vcsFPService.exe
~ Services: 33 Scanned in 00mn 21s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.4999625054FFA2AFFCAFD085C1218307] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3611416]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0] =>PUP.iMesh
[MD5.C80E8FBCE9CCD83F2BA7C952A982DD0B] [APT] [{873B4149-DB38-46D7-8598-4BBD243C05ED}] (.Hewlett-Packard Company.) -- C:\swsetup\AppInstl\HPSoftwareSetup.exe [898616]
[MD5.00000000000000000000000000000000] [APT] [{9CEFE3C6-0AB7-462B-9FAC-BE655FE5FC98}] (...) -- H:\Software Offer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A1B30B2B-513F-4961-9CA4-75A21D2E20B2}] (...) -- C:\Program Files\McAfee\MANAGE~1\Agent\myinx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EA02CF60-0864-44A6-B8BF-E9C02FD80013}] (...) -- C:\Users\MIZI Yacine\Desktop\Setup.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.E1A81F436A8C8492562C9E39D73A7569] [APT] [Canon OIP Product Extended Survey Program] (.CANON INC..) -- C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1257160]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis Restart] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1054]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1054]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1058]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1058]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310] =>Hijacker.iHaveNet
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310] =>PUP.iMesh
~ Scheduled Task: 23 Scanned in 00mn 11s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\windows\system32\msjava.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 14 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mbamchameleon) . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) - C:\windows\system32\drivers\mbamchameleon.sys
O41 - Driver: McAfee Inc. mfetdik (mfetdik) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfetdik.sys
O41 - Driver: (MpKslbc911b9b) . (...) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5681CAE9-0575-4588-B577-48683EB0CCD4}\MpKslbc911b9b.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Moniteur d'ordinateur virtuel Virtual PC.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {C23CD6DA-1958-43A5-ADD0-59396572E02E}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- ArcSoft TotalMedia
O42 - Logiciel: ArcSoft TotalMedia - (.ArcSoft.) [HKLM] -- {4F765E00-EE1C-4392-93B4-54310358F41A}
O42 - Logiciel: ArcSoft Webcam Sharing Manager - (.ArcSoft.) [HKLM] -- {190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP2900 - (...) [HKLM] -- Canon LBP2900
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- Canon Laser Printer/Scanner/Fax Extended Survey Program
O42 - Logiciel: Canon Laser Printer/Scanner/Fax Extended Survey Program - (.CANON INC..) [HKLM] -- {4D7B6C53-B3E7-4D93-B27C-B7A50A9627C9}
O42 - Logiciel: Canon MF Toolbox 4.9.1.1.mf15 - (.CANON INC..) [HKLM] -- {6767DFEE-8909-453A-B553-C7693912B2EB}
O42 - Logiciel: Canon MF3010 - (.CANON INC..) [HKLM] -- {A97F4E18-3053-4652-B763-9A40AE2B1EE5}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- _{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
O42 - Logiciel: Corel Home Office - (.Corel Corporation.) [HKLM] -- {670234D0-42BE-493E-B3EB-6B5275530461}
O42 - Logiciel: Corel Home Office - CS Templates - (.????.) [HKLM] -- {1A1E33D2-9824-454A-B8CB-50072118635A}
O42 - Logiciel: Corel Home Office - CT Templates - (.??????.) [HKLM] -- {26D19512-874B-4EDA-B7F1-779850B2AD5A}
O42 - Logiciel: Corel Home Office - IPM - (.Corel Corporation.) [HKLM] -- {39FE455F-9478-451B-9420-73C15143DF8E}
O42 - Logiciel: Corel Home Office - JP Templates - (.???.) [HKLM] -- {1D11E96F-0405-4B99-8356-5750B1D9FAE9}
O42 - Logiciel: Corel Home Office - KR Templates - (.???.) [HKLM] -- {5746E4F9-77C6-47E8-A737-A5975A57B4AA}
O42 - Logiciel: Corel Home Office - Launcher - (.Corel Corporation.) [HKLM] -- {E74EA3B1-7192-489D-9A57-0AE918FEC001}
O42 - Logiciel: Corel Home Office - Templates RU - (.???????? ???????????.) [HKLM] -- {F45048A1-12C4-4B08-A3EB-32D88033368A}
O42 - Logiciel: Corel Home Office - Templates1 - (.Your Company Name.) [HKLM] -- {5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: Drive Encryption for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- Drive Encryption
O42 - Logiciel: Face Recognition for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {E793990C-90BE-4B69-AC29-BF5E8FD4ED54}
O42 - Logiciel: File Sanitizer For HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard.) [HKLM] -- {67C090D6-109A-47D7-8DED-4160C4D96F32}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP ESU for Microsoft Windows 7 - (.Hewlett-Packard Company.) [HKLM] -- {871732B3-1EE5-4C54-8462-8BFF516880B7}
O42 - Logiciel: HP HotKey Support - (.Hewlett-Packard Company.) [HKLM] -- {0497B553-0E3F-4CCD-BE13-E28F1A54B318}
O42 - Logiciel: HP Integrated Module with Bluetooth wireless technology - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: HP Power Assistant - (.Hewlett-Packard Company.) [HKLM] -- {F79012AC-A56B-45D2-B677-5A75345F1A76}
O42 - Logiciel: HP Power Data - (.Hewlett-Packard Company.) [HKLM] -- {79306E28-8621-44F2-BC15-99B7E21CF2C6}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- HPProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM] -- {BE3AD89B-F9B2-4E22-8FAB-BCF63190ABCD}
O42 - Logiciel: HP QuickLook - (.Hewlett-Packard.) [HKLM] -- {8B49BD5E-C896-4F65-95DC-3F84424226E8}
O42 - Logiciel: HP QuickWeb - (.DeviceVM, Inc..) [HKLM] -- {7861911B-4270-498A-8F7A-FCF0570F48BB}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {1E6219D4-027E-47EE-AB83-DD2F26E31A32}
O42 - Logiciel: HP SoftPaq Download Manager - (.Hewlett-Packard Company.) [HKLM] -- {2DA697D7-FED3-4DE2-A174-92A2A12F9688}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {2712DAD6-C1F7-4295-B06E-17D6DC62EC20}
O42 - Logiciel: HP Software Setup - (.Hewlett-Packard Company.) [HKLM] -- {04801E42-B1A6-4C52-9F3D-CADB5A050433} =>.Hewlett-Packard Co
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} =>.Hewlett-Packard Co
O42 - Logiciel: HP User Guides 0189 - (.Hewlett-Packard.) [HKLM] -- {3BDB9B89-56B5-4953-B052-AEB75FCBFC93}
O42 - Logiciel: HP Wallpaper - (.Hewlett-Packard Company.) [HKLM] -- {F173C2B3-296F-458C-98FF-1676A42EBA02}
O42 - Logiciel: HP Webcam Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- InstallShield_{AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM] -- {AFE2039C-010F-4EA1-9A0E-F2D7293F68E9}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217071FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Mega Codec Pack 6.4.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM] -- LSI Soft Modem
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {82EF29B1-9B60-4142-A155-0599216DD053}
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- LogMeIn Hamachi
O42 - Logiciel: LogMeIn Hamachi - (.LogMeIn, Inc..) [HKLM] -- {80EE9168-BB59-4F87-BF1A-57C137EAF714}
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {D6F9CBDC-58B6-430A-8DD4-8F61CBC1ADF4}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 37.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} =>.Symantec Corporation
O42 - Logiciel: Pre-Boot Security for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {3513DD3C-7680-4C7C-BF18-BA375D5F4132}
O42 - Logiciel: Privacy Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Realtek Ethernet Controller All-In-One Windows Driver - (.Realtek.) [HKLM] -- {F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (...) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}
O42 - Logiciel: Salaat Time 2.1 - (.Salaat Time.) [HKLM] -- {F993F285-0F98-4E13-9421-41DB36806EE3}
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: SiteAdvisor - (.McAfee, Inc..) [HKLM] -- {35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
O42 - Logiciel: Skype(TM) 7.0 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: Theft Recovery - (.Hewlett-Packard.) [HKLM] -- {33C9F24B-1D92-4632-A915-81E3BB1D5D6B}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Validity Fingerprint Driver - (.Validity Sensors, Inc..) [HKLM] -- {78365FC6-09CA-4AC3-BC01-70FB46596047}
O42 - Logiciel: WinDjView 1.0.3 - (.Andrew Zhezherun.) [HKLM] -- WinDjView
O42 - Logiciel: Windows 7 Default Setting - (.Hewlett-Packard Company.) [HKLM] -- {5BF8E079-D6E2-4323-B794-75152371122A}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) - (.Broadcom.) [HKLM] -- B7541EC5F72AA713F557569278EB6273725F5607
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Wise Disk Cleaner 8.43 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Disk Cleaner_is1
O42 - Logiciel: doPDF 7.1 printer - (.Softland.) [HKLM] -- doPDF 7 printer_is1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
~ Logic: 53 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ability 5.0]
[HKCU\Software\Adobe]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Andrew Zhezherun]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\BugSplat]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DT Soft]
[HKCU\Software\DigitalPersona]
[HKCU\Software\DivXNetworks]
[HKCU\Software\FileOpen]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LightScribe]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NITRO]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays]
[HKCU\Software\Salaat Time]
[HKCU\Software\Skype]
[HKCU\Software\Softland]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamViewer]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VMware, Inc.]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKCU\Software\madFlac]
[HKCU\Software\sYk0]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Ability 5.0]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Atheros]
[HKLM\Software\Bunndle]
[HKLM\Software\CANON]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cogent Inc.]
[HKLM\Software\Corel]
[HKLM\Software\DT Soft]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Digital River]
[HKLM\Software\DigitalPersona]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HSPA]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard Company]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\LSI]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\LogMeIn, Inc.]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company]
[HKLM\Software\Nalpeiron]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Portrait Displays, Inc.]
[HKLM\Software\Portrait Displays]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SafeBoot International]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TeamViewer]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\Validity]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Widcomm]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\WiseCleaner]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 320 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/10/2014 - 12:35:57 - [] ----D C:\Program Files\Adobe
O43 - CFD: 17/07/2011 - 20:45:16 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 07/04/2010 - 13:38:23 - [] ----D C:\Program Files\Arcsoft
O43 - CFD: 07/04/2010 - 13:42:51 - [] ----D C:\Program Files\Atheros
O43 - CFD: 05/01/2015 - 18:55:31 - [] ----D C:\Program Files\Canon
O43 - CFD: 29/06/2013 - 00:09:12 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 19/04/2015 - 14:51:05 - [] ----D C:\Program Files\Common Files
O43 - CFD: 02/02/2010 - 01:15:13 - [] ----D C:\Program Files\Corel Home Office
O43 - CFD: 21/12/2010 - 20:24:15 - [] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 02/12/2012 - 22:16:38 - [] ----D C:\Program Files\Defraggler
O43 - CFD: 07/04/2010 - 13:28:05 - [] ----D C:\Program Files\DIFX
O43 - CFD: 02/10/2010 - 22:23:33 - [] ----D C:\Program Files\DivX
O43 - CFD: 27/04/2011 - 15:26:17 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 11/04/2013 - 17:49:27 - [] ----D C:\Program Files\Google
O43 - CFD: 02/03/2014 - 16:02:57 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 16/03/2014 - 22:26:27 - [] ----D C:\Program Files\HSPA USB Modem
O43 - CFD: 05/01/2013 - 19:54:15 - [] ----D C:\Program Files\IDT
O43 - CFD: 16/03/2014 - 22:26:28 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/02/2014 - 23:30:24 - [] ----D C:\Program Files\Intel
O43 - CFD: 19/04/2015 - 15:09:28 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 02/12/2014 - 10:54:43 - [] ----D C:\Program Files\Java
O43 - CFD: 28/10/2010 - 01:12:04 - [] ----D C:\Program Files\Kaspersky Lab
O43 - CFD: 31/03/2015 - 12:55:52 - [] ----D C:\Program Files\LogMeIn Hamachi
O43 - CFD: 07/04/2010 - 13:35:26 - [] ----D C:\Program Files\LSI SoftModem
O43 - CFD: 16/04/2015 - 12:44:45 - [] ----D C:\Program Files\McAfee
O43 - CFD: 18/06/2014 - 23:28:00 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 29/06/2011 - 07:13:24 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 02/02/2010 - 01:44:52 - [] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 13/02/2015 - 12:15:06 - [] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 25/07/2014 - 22:52:22 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 25/10/2010 - 21:21:08 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 02/02/201
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 13:46
Le rapport ne rentre pas, il faudrait le poster sur pjjoint
0
Réponse 4 / 10
fidmais
23 avril 2015 à 14:14
Ok voici le lien:

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20150423_g13v5j8u9x6

Merci.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 14:33
Voici les étapes à suivre :

On va commencer par désinstaller McAfee Security Scan Plus, et par mettre Java à jour ...

Puis,

- Vide complètement ta corbeille
- Ensuite lance cette fois-ci ZhpFix ( Pour Vista/7/8 : clique droit et "Exécuter en tant qu'Administrateur")
- Clique sur "Importer'
- Et colle ça :




Script ZHPFix
SysRestore
FirewallRaz
EmptyPrefetch
EmptyFlash
EmptyTemp
EmptyCLSID
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
O1 - Hosts: 25.200.201.226 server-db
O1 - Hosts: 25.73.7.223 server-db-mizi
O1 - Hosts: 25.34.61.29 server-db-bio
[MD5.00000000000000000000000000000000] [APT] [iMeshNAG] (...) -- C:\Users\MIZI Yacine\AppData\Local\Temp\iMesh_setup.exe (.not file.) [0]
O39 - APT: iMeshNAG - (...) -- C:\Windows\Tasks\iMeshNAG.job [310]
O39 - APT: iMeshNAG - (...) -- C:\Windows\System32\Tasks\iMeshNAG [310]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\BearShare]
C:\ProgramData\InstallMate
C:\Users\MIZI Yacine\AppData\Local\Apps
C:\Users\MIZI Yacine\AppData\Local\BearShare
[HKLM\Software\Classes\Applications\iMeshV10.exe]
C:\Windows\Tasks\iMeshNAG.job
C:\Windows\System32\Tasks\iMeshNAG








- Clique sur Go en bas à gauche
- Confirme le nettoyage
- Et accepte le "vidage de corbeille"
- Colle le rapport de nettoyage obtenu

ATTENTION : ce script ne doit pas être utilisé par un autre ordinateur
0
Réponse 6 / 10
fidmais
23 avril 2015 à 16:07
Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015
Fichier d'export Registre :
Run by MIZI Yacine at 23/04/2015 15:04:55
High Elevated Privileges : OK
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 39s)
Dossier Prefetcher vidé

========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\AppDataLow\Software\Smartbar
SUPPRIMÉ: HKCU\Software\BearShare
SUPPRIMÉ: HKLM\Software\Classes\Applications\iMeshV10.exe

========== Valeurs du Registre ==========
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :

========== Eléments de donnée du Registre ==========
SUPPRIMÉ Explorer Association Data Application: http://www.filefacts.net/redirect.php?ext=%s

========== Dossiers ==========
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{07B5F9EA-6B5C-458D-9323-24AED30F9879}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{0B14F7E4-2AB0-4763-BC09-F2AB0B0C7A64}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{116283C4-6637-4587-9CAC-904EAE86C839}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{1746153A-F9AD-4683-8833-A8FC980906DD}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{20495DEC-42B9-4507-A810-45C3FFB3F48C}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{27B0CD5F-8480-42F7-B87E-FAAF56F6F4E4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{2EEEF000-AAAA-4787-AA89-EB239E9BC7A5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{3C36C4FB-76F2-4557-B916-7EEB515ED4E1}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{4151CB2F-EC17-498D-8C10-32918D1413A4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{527F3946-0747-4481-BDDF-5C578FCA4070}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{7AC6E776-72D3-41B6-A4E8-A7B17DF07BAB}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{961C14FB-B04F-4C69-916F-F51A124540D5}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{AE896D72-1A40-4B61-9566-707A17C524F4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{BBF70706-C2FD-4C7E-BCEB-09F81C9D0E00}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{CD2089A0-6B84-4760-9CEA-7481CFDFCDF4}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DA3C8460-AAA9-4301-A43A-9D00B2AD07E0}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{DEB723B6-F1A2-4B1A-B7AC-8C7FE6BCF627}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{F3B74BC7-D90A-43B2-99C0-5D0F42FC1758}
SUPPRIMÉ: C:\Users\MIZI Yacine\AppData\Local\{FA83DBCF-F70C-4622-977E-3708C5AB2D40}
SUPPRIMÉ: c:\programdata\installmate
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\apps
SUPPRIMÉ: c:\users\mizi yacine\appdata\local\bearshare

========== Fichiers ==========
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (22) (3 323 133 octets)

========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.

========== Tache planifiée ==========
SUPPRIMÉ: iMeshNAG

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
3 : Clés du Registre
2 : Valeurs du Registre
1 : Eléments de donnée du Registre
22 : Dossiers
2 : Fichiers
1 : Fichier HOSTS
1 : Tache planifiée
1 : Restauration Système


End of clean in 01mn 59s

========== Chemin de fichier rapport ==========
C:\Users\MIZI Yacine\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/04/2015 15:05:35 [3267]
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 16:12
Comment va ton Pc ?
0
Réponse 7 / 10
fidmais
23 avril 2015 à 16:41
ça va!!!

ça a l'air d'aller mieux!!!

Juste un détail:

Sur malwarebytes, je n'arrive pas à activer la protection contre les sites web malveillants??? depuis les dernières interventions

Quid?
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 16:44
C'est payant, c'est pour ça ;)
0
Réponse 8 / 10
fidmais
23 avril 2015 à 16:47
Ah bon???

elle était active avant!

mais je suppose qu'on poura survivre sans?
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 16:52
Oui, elle se désactive au bout d'un certain temps ...
0
Réponse 9 / 10
fidmais
23 avril 2015 à 16:57
Merci pour la précieuse aide!!!
0
ArnaudLy6 Messages postés 4411 Date d'inscription samedi 22 mai 2010 Statut Membre Dernière intervention 13 février 2016 188
23 avril 2015 à 16:59
Je t'en prie ;)

On supprime juste les logiciels utilisés et c'est bon :

- Télécharge DelFix
- Lance-le
- Coche Réactiver l'UAC et Supprimer les outils de désinfection
- Enfin clique sur Exécuter

Je te conseille de lire ce petit dossier pour éviter une nouvelle infection : https://www.malekal.com/adwares-pup-protection/

Si ton sujet est résolu, merci de cliquer sur Marquer comme résolu :


Merci d'avance ;)

Si tu as d'autres problèmes, n'hésite pas.

A+
0
Réponse 10 / 10
fidmais
23 avril 2015 à 17:14
a +
0

Discussions similaires

compte fb bloqué pour verification d'identité
KarolScrattNawski -
Ar168 -

14 réponses
Code de vérification inconnu
Itakk -
Xileh -

7 réponses
Vérification de l’identité du serveur impossible sur IPHONE
Yo86170 -
Pappy -

20 réponses
Quel est le délai de validation sur Le Bon coin?
Ddaavviid -
jeanbern -

1 réponse
Spam SMS : your messenger vérification code is ***
Metheor -
Radinoz -

1 réponse