Infection diverses et formatage

j'ai clicker sur analyse est ça fait rien c'est normal ?

est j'arrive pas a fermer otl pour recommencer

Ne te tracasse pas le rapport est automatiquement sauvegardé sur le bureau

j'ai cliquer sur l'icone représentant une loupe ça fait le diagnostic après plus rien je fait fait quoi ?

Tu as bien un fichier en format texte(bloc notes)?

Regarde ici => C:\ZHP\ZHPDiag.txt

en faite le fichier quand tu va dans parcourir est ce que l'image c'est le par chemin ?

Samsung n150 plus

Hello

J'attends mon rapport moi :D

Coucou scarface

Copies colle le lien de ton rapport afin que je puisse voir ce qui cloche

ok

Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
Fichier d'export Registre :
Run by Mounir at 21/07/2013 15:20:48
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit (Build 7600)

Corbeille vidée


========== Récapitulatif ==========


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 21/07/2013 14:18:28 [413]
C:\ZHP\ZHPFix[R2].txt - 21/07/2013 15:20:49 [413]

Voila .

c'est bon tu la reçu ??

Bah télécharge la nouvelle version c'est une mise à jour

oui c'est entrain de diagnostiquer j'attend que ça fini

désoler mai mon pc rame .....

Rapport de ZHPDiag v2013.7.20.351 par Nicolas Coolman, Update du 21/07/2013
Run by Mounir at 21/07/2013 16:18:43
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
GCIE: Google Chrome v28.0.1500.72 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v6.0.1000.0
Windows Defender W7

---\\ System Optimizer

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1 - Français
Java 7 Update 25

---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (12% free)
System Restore: Activé (Enable)
System drive C: has 49 GB (57%) free of 85 GB

---\\ Logged in mode
~ Computer Name: MOUNIR-PC
~ User Name: Mounir
~ All Users Names: Mounir, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mounir\AppData\Roaming\
~ %Desktop% : C:\Users\Mounir\Desktop\
~ %Favorites% : C:\Users\Mounir\Favorites\
~ %LocalAppData% : C:\Users\Mounir\AppData\Local\
~ %StartMenu% : C:\Users\Mounir\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 49 Go of 85 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 128 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 02:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 02:16:19.) -- C:\Windows\System32\wininet.dll [977920]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/07/2009 - 00:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2009 - 00:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 1/25
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/65
~ Mes Documents (My Documents) : 1/261
~ Mon Bureau (My Desktop) : 0/31
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.428]
[MD5.59D29EF36C6712AAA8607E3484E75259] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040] [PID.2832]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.656]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.600]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [PID.2408]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.2036]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.3124]
[MD5.055C94C8429EAB0573A31C5BF7B505B0] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1541584] [PID.1972] =>Toolbar.Ask
[MD5.35539DC0BA63C39D41D88EACDF80A3D2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [836896] [PID.3388]
[MD5.45B1EFC565886A8BD18232D51357B8B8] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2835744] [PID.3732]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192] [PID.4180]
[MD5.326691EA3A6B5576A9DEFEF47AA6C327] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [847360] [PID.4204]
[MD5.10760383AA50CCFC7DB9B5AB0D326AAF] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1749504] [PID.4224]
[MD5.21E2A0921938F193F674FDA3E4287478] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SFB\SmartRestarter.exe [2203136] [PID.4276]
[MD5.01546BF0647BA0CB253A5F38A4B8FBC4] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.3088]
[MD5.5AFC1F763562C453C64B70886B460CDD] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360] [PID.1084]
[MD5.FCB358973491095D026BB289EA5CC75A] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files\Internet Explorer\IELowutil.exe [115712] [PID.1880]
[MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.3656]
[MD5.D8CC16D8DCC5E31ABAA2CACBC1C9B5B3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7742464] [PID.3108]
[MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\windows\system32\WLANExt.exe [77312] [PID.1448]
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184] [PID.1488]
[MD5.249A44DCFA2500EB1C020E33A3E9F25B] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [163328] [PID.2020]
[MD5.DEA1D1757F8F8624E498092684B55D58] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [169632] [PID.344]
[MD5.7778C6BCAFF58C0E876B307514923A48] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [656672] [PID.796]
[MD5.E582B9E88EF4980C3B76276620FE667B] - (.Microsoft Corporation - Message Queuing Service.) -- C:\windows\system32\mqsvc.exe [8704] [PID.592]
[MD5.A5812F0281CA5081BF696626F9BF324D] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2320]
[MD5.CB73BC422C07FB611F194DA18D1E7F36] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2568]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.2872]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.5724]
~ Processes Running: Scanned in 00mn 08s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mounir\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ActiveCollectorPlugin BHO - {07202B0D-149C-4568-90DF-ACC2B4057809} Clé orpheline
~ BHO: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: TuneUp Utilities.lnk . (...) -- C:\Program Files\TuneUp Utilities 2013\TUMessages.exe (.not file.)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\windows\System32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 7 Legitimates Filtered in 02mn 07s



---\\ Tâches planifiées en automatique (O39)
[MD5.95B63EBDF62D57707FD46393DADB51A4] [APT] [{5CEF62E0-EDC9-469E-8EFB-A7FE3C7C9D7E}] (...) -- C:\Users\Mounir\Downloads\JL_Cmder v1.9 installer\JL_Cmder v1.9.0 Installer\JL_Cmder v1.9.0.exe [155913]
[MD5.00000000000000000000000000000000] [APT] [{5D1AE1E2-3D93-41F6-8FD9-1C26E5BC0498}] (...) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe (.not file.) [0]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 14s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0001} =>Toolbar.Ask
O42 - Logiciel: Browser Manager - (...) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: NBT - (...) [HKCU] -- nbt
~ Logic: 76 Legitimates Filtered in 00mn 03s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\NBT]
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\d55dfdfb239ef40]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\d55dfdfb239ef40]
~ Key Software: 106 Legitimates Filtered in 00mn 03s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2013 - 03:35:19 - [0,388] ----D C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 10/07/2013 - 18:15:43 - [7,502] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 07/06/2013 - 09:44:10 - [20,023] ----D C:\Program Files\Installer
O43 - CFD: 12/02/2013 - 03:35:18 - [0,228] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 10/07/2013 - 18:15:15 - [0] ----D C:\ProgramData\APN
O43 - CFD: 05/11/2011 - 13:07:52 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 10/07/2013 - 18:15:43 - [0,429] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 21/04/2012 - 16:14:35 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 21/04/2012 - 21:10:02 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 15/06/2013 - 11:05:11 - [8,375] ----D C:\ProgramData\Browser Manager
O43 - CFD: 09/07/2011 - 19:03:04 - [0,001] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 03/01/2013 - 18:09:47 - [0] --H-D C:\ProgramData\{05505732-706C-4AFB-8CB4-779D17872B48}
O43 - CFD: 21/04/2012 - 16:14:34 - [0,027] ----D C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/07/2011 - 22:10:55 - [0,053] ----D C:\Users\Mounir\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 20/06/2013 - 14:43:47 - [0,308] ----D C:\Users\Mounir\AppData\Roaming\File Scout
O43 - CFD: 08/10/2012 - 21:05:37 - [0,203] ----D C:\Users\Mounir\AppData\Roaming\Nbt
O43 - CFD: 17/08/2011 - 23:12:58 - [5,636] ----D C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 21/04/2012 - 21:13:28 - [0,014] ----D C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 18/08/2011 - 12:40:53 - [0] ----D C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
~ 1028 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1324 Legitimates Filtered in 01mn 34s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0293d599-d984-11e1-bdbd-806e6f6e6963}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0293d5ec-d984-11e1-bdbd-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{32604959-e946-11e1-bf59-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{b293e8e9-db10-11e1-a557-001e101f1ed9}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e0e5bc7f-d986-11e1-b866-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {51D76B41-E224-4B46-92CC-2BDE4E8C2E33} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {739E7B8F-383B-4721-B0F0-88695EB431D1} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][16/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][10/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\Mounir\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mounir\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.83954C128100AD89746811E92C1B4BF6] [SPRF][20/06/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\setup_fsu_cid.exe [251299]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 00s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 465 Legitimates Filtered in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\d55dfdfb239ef40\2.6.1339.144\upd]:="upd=1"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKCU\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40]:version="2.6.1339.144"
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKLM\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\d55dfdfb239ef40]:version="2.6.1339.144"
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/05/2013 163328 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/06/2013 169632 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
SR - | Auto 21/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Auto 18/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : v2.12804 - (21/07/2013)
Clés trouvées (Keys found) : 67
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 15

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}] =>Parasite.Pugi
[HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}] =>Adware.ShopperReports
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}] =>Adware.Softomate
[HKLM\Software\Classes\Interface\{a1f1ecd3-4806-44c6-a869-f0dadf11c57c}] =>Adware.SmartShopper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\HBLiteAX.UserProfiles] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKCU\Software\AppDataLow\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKLM\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\CLSID\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\Interface\{E766BB98-6F19-469B-A7F4-5092C744767C}] =>Adware.Mirar
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\ShoppingReport2.HbAx] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.HbInfoBand] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButton] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButtonA] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.RprtCtrl] =>Adware.ShoppingReport
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\Installer =>Adware.InstallPedia
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Mounir\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Mounir\AppData\LocalLow\ShoppingReport2 =>Adware.ShopperReports
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo^
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 187912 Items scanned in 02mn 47s



---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27422225-adware-shoppingreport =>Adware.ShoppingReport
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29432250-pup-vshareredir =>PUP.VShareRedir
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/28345498-adware-softomate =>Adware.Softomate
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27047259-adware-mirar =>Adware.Mirar
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 19 link(s) detected in 02mn 47s



~ 2422 Legitimates filtered by white list
End of the scan (590 lines in 09mn 12s)(0)