Various infections and formatting
Closed
miaws
Edited by irongege on 21/07/2013 at 16:59
111 replies
miaws
21 Jul 2013 at 18:16
In any case, thank you for the time you're giving me.
lilidurhone
21 Jul 2013 at 18:26
Hello
@miaws
Only follow certain people, otherwise you risk getting confused
For example, certain security contributors and contributors
Sorry to do this, but I'm setting things straight
@Scarface thanks, you can stay, no problem
miaws
21 Jul 2013 at 18:28
ok :)
miaws
21 Jul 2013 at 18:33
lilidurhone
Sorry to keep you waiting, but it's taking a while.
lilidurhone
21 Jul 2013 at 18:36
No problem, take your time ;)
I'm on holiday :D
miaws
21 Jul 2013 at 18:38
Well, thank you very much, that's kind
miaws
21 Jul 2013 at 19:31
It really takes a long time ...
lilidurhone
21 Jul 2013 at 19:33
No big deal
Let it run
That's completely normal :D
Given that you haven't installed the updates for a while ...
miaws
21 Jul 2013 at 19:34
I don't know how you manage to be patient
miaws
21 Jul 2013 at 19:37
Stop, you're scaring me now
lilidurhone
21 Jul 2013 at 19:39
miaws
He was talking about the factory reinstall
That's not your case
Sure, it takes a long time, but at least your netbook will be fully up to date
lilidurhone
21 Jul 2013 at 19:37
Hello
There you have Scarface's testimony
So we wait patiently, we'll get there ;)
miaws
21 Jul 2013 at 19:41
OK, I'll try
lilidurhone
21 Jul 2013 at 21:27
miaws
Once you've done all the Windows updates
I forgot to tell you to disable avast during the zhpdiag scan :)
Then make me a brand-new report :)
miaws
21 Jul 2013 at 21:32
So I remove Avast and run an update again like earlier?
lilidurhone
21 Jul 2013 at 21:34
Hello
No, you disable it temporarily :)
But you're right, you will need to uninstall it properly afterwards
To disable avast temporarily: you see the orange ball, right-click on it, then shields control, disable for 10 minutes
Then make me a zhpdiag report
miaws
21 Jul 2013 at 21:37
OK, will do
lilidurhone
21 Jul 2013 at 21:41
Homer
You're absolutely right, but first I want to check whether it is fully up to date (you'll understand why)
miaws
Waiting for the zhpdiag report
miaws
21 Jul 2013 at 21:48
Yes ;)
miaws
21 Jul 2013 at 23:03
Do I have to restart my PC before making a new report??
miaws
Edited by miaws on 21/07/2013 at 23:54
Right, I restarted it, it still hasn't come back on, I'm waiting
lilidurhone
21 Jul 2013 at 23:37
Hello
Are you managing?
miaws
21 Jul 2013 at 23:59
I restarted my PC, it still hasn't come back on
miaws
21 Jul 2013 at 23:59
Is it normal for it to take this long to restart??
miaws
22 Jul 2013 at 00:04
I restarted it after the updates, and now it has been saying "shutting down" for quite a while
lilidurhone
22 Jul 2013 at 00:08
miaws
That's perfectly normal given all the updates there were to install
Be patient a little, it will sort itself out
I think we'll continue today, but a bit later, if you don't mind
miaws
22 Jul 2013 at 00:10
OK, around what time do you want us to start??
lilidurhone
22 Jul 2013 at 09:26
Hello
Any news?
miaws
22 Jul 2013 at 11:27
It's OK, it has come back on now, shall I make a report and send it to you?
miaws
22 Jul 2013 at 11:42
Are you there? Sorry for the delay.
lilidurhone
22 Jul 2013 at 11:47
miaws
No problem
Glad it didn't crash
Yes, please :)
lilidurhone
22 Jul 2013 at 11:37
Great
Yes
miaws
22 Jul 2013 at 12:09
So I disabled Avast for 10 minutes like you told me and I made a new report.
Rapport de ZHPDiag v2013.7.20.351 par Nicolas Coolman, Update du 21/07/2013
Run by Mounir at 22/07/2013 11:57:31
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v28.0.1500.72 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v6.0.1000.0
Windows Defender W7
---\\ System Optimizer
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1 - Français
Java 7 Update 25
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (55%) free of 85 GB
---\\ Logged in mode
~ Computer Name: MOUNIR-PC
~ User Name: Mounir
~ All Users Names: Mounir, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mounir\AppData\Roaming\
~ %Desktop% : C:\Users\Mounir\Desktop\
~ %Favorites% : C:\Users\Mounir\Favorites\
~ %LocalAppData% : C:\Users\Mounir\AppData\Local\
~ %StartMenu% : C:\Users\Mounir\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 47 Go of 85 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 128 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 - 06:45:39.) -- C:\Windows\Explorer.exe [2614272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.EA952A5C277CABCBA69EA806146BB984] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/07/2013 - 19:01:46.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:33:46.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:58:11.) -- C:\Windows\system32\Drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 17:48:29.) -- C:\Windows\system32\Drivers\volsnap.sys [245616]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 1/25
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/65
~ Mes Documents (My Documents) : 1/261
~ Mon Bureau (My Desktop) : 0/31
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.59D29EF36C6712AAA8607E3484E75259] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040] [PID.3892]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.2532]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3320]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [PID.3396]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.4008]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.3020]
[MD5.055C94C8429EAB0573A31C5BF7B505B0] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1541584] [PID.3072] =>Toolbar.Ask
[MD5.35539DC0BA63C39D41D88EACDF80A3D2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [836896] [PID.3524]
[MD5.45B1EFC565886A8BD18232D51357B8B8] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2835744] [PID.2592]
[MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.4344]
[MD5.355BF4D1387F604CDA47E628C1BF36B5] - (...) -- C:\Users\Mounir\AppData\Local\Temp\909B.tmp [265121] [PID.5084]
[MD5.DE1BD315B11A2C3B11882004A660906F] - (...) -- C:\Users\Mounir\AppData\Local\Temp\restorer1.0.0.1.exe [195072] [PID.5136]
[MD5.D8CC16D8DCC5E31ABAA2CACBC1C9B5B3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7742464] [PID.4752]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mounir\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ActiveCollectorPlugin BHO - {07202B0D-149C-4568-90DF-ACC2B4057809} Clé orpheline
~ BHO: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: TuneUp Utilities.lnk . (...) -- C:\Program Files\TuneUp Utilities 2013\TUMessages.exe (.not file.)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 7 Legitimates Filtered in 00mn 40s
---\\ Tâches planifiées en automatique (O39)
[MD5.95B63EBDF62D57707FD46393DADB51A4] [APT] [{5CEF62E0-EDC9-469E-8EFB-A7FE3C7C9D7E}] (...) -- C:\Users\Mounir\Downloads\JL_Cmder v1.9 installer\JL_Cmder v1.9.0 Installer\JL_Cmder v1.9.0.exe [155913]
[MD5.00000000000000000000000000000000] [APT] [{5D1AE1E2-3D93-41F6-8FD9-1C26E5BC0498}] (...) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe (.not file.) [0]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 05s
---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0001} =>Toolbar.Ask
O42 - Logiciel: Browser Manager - (...) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: NBT - (...) [HKCU] -- nbt
~ Logic: 86 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\NBT]
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\d55dfdfb239ef40]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\d55dfdfb239ef40]
~ Key Software: 117 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2013 - 03:35:19 - [0,388] ----D C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 10/07/2013 - 18:15:43 - [7,502] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 07/06/2013 - 09:44:10 - [20,023] ----D C:\Program Files\Installer
O43 - CFD: 12/02/2013 - 03:35:18 - [0,228] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 10/07/2013 - 18:15:15 - [0] ----D C:\ProgramData\APN
O43 - CFD: 05/11/2011 - 13:07:52 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 10/07/2013 - 18:15:43 - [0,429] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 21/04/2012 - 16:14:35 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 21/04/2012 - 21:10:02 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 15/06/2013 - 11:05:11 - [8,375] ----D C:\ProgramData\Browser Manager
O43 - CFD: 09/07/2011 - 19:03:04 - [0,001] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 03/01/2013 - 18:09:47 - [0] --H-D C:\ProgramData\{05505732-706C-4AFB-8CB4-779D17872B48}
O43 - CFD: 21/04/2012 - 16:14:34 - [0,027] ----D C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/07/2011 - 22:10:55 - [0,053] ----D C:\Users\Mounir\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 20/06/2013 - 14:43:47 - [0,308] ----D C:\Users\Mounir\AppData\Roaming\File Scout
O43 - CFD: 08/10/2012 - 21:05:37 - [0,203] ----D C:\Users\Mounir\AppData\Roaming\Nbt
O43 - CFD: 17/08/2011 - 23:12:58 - [5,636] ----D C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 21/04/2012 - 21:13:28 - [0,014] ----D C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 18/08/2011 - 12:40:53 - [0] ----D C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
~ 1028 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1324 Legitimates Filtered in 00mn 43s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C380CF5835C2EDC9A763987EBEE41AFD] - 21/07/2013 - 19:06:21 ---A- . (...) -- C:\Windows\IE9_main.log [16294]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 21/07/2013 - 19:01:44 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.96E4F8690E27BE967EE1B4C7585CBF3D] - 21/07/2013 - 15:28:50 ---A- . (...) -- C:\ZHPDiag.Txt [42956]
~ Files: 206 Legitimates Filtered in 00mn 06s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0293d599-d984-11e1-bdbd-806e6f6e6963}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0293d5ec-d984-11e1-bdbd-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{32604959-e946-11e1-bf59-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{b293e8e9-db10-11e1-a557-001e101f1ed9}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e0e5bc7f-d986-11e1-b866-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {51D76B41-E224-4B46-92CC-2BDE4E8C2E33} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {739E7B8F-383B-4721-B0F0-88695EB431D1} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][16/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][10/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\Mounir\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mounir\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.DE1BD315B11A2C3B11882004A660906F] [SPRF][27/02/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\restorer1.0.0.1.exe [195072]
[MD5.83954C128100AD89746811E92C1B4BF6] [SPRF][20/06/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\setup_fsu_cid.exe [251299]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 00s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 465 Legitimates Filtered in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\d55dfdfb239ef40\2.6.1339.144\upd]:="upd=1"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKCU\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40]:version="2.6.1339.144"
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKLM\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\d55dfdfb239ef40]:version="2.6.1339.144"
~ Export Key Software: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/05/2013 163328 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/06/2013 169632 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
SR - | Auto 21/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 18/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 18/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : v2.12804 - (21/07/2013)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 17
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}] =>Parasite.Pugi
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>Toolbar.Babylon
[HKCU\Software\AppDataLow\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\ShoppingReport2.HbAx] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.HbInfoBand] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButton] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButtonA] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.RprtCtrl] =>Adware.ShoppingReport
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\Installer =>Adware.InstallPedia
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Mounir\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Mounir\AppData\LocalLow\ShoppingReport2 =>Adware.ShopperReports
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon^
[HKLM\Software\DataMngr] =>PUP.Datamngr^
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo^
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 191767 Items scanned in 01mn 27s
---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27422225-adware-shoppingreport =>Adware.ShoppingReport
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29432250-pup-vshareredir =>PUP.VShareRedir
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27047259-adware-mirar =>Adware.Mirar
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 18 link(s) detected in 01mn 27s
~ 2622 Legitimates filtered by white list
End of the scan (537 lines in 04mn 06s)(0)
~ Files: 206 Legitimates Filtered in 00mn 06s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0293d599-d984-11e1-bdbd-806e6f6e6963}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0293d5ec-d984-11e1-bdbd-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{32604959-e946-11e1-bf59-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{b293e8e9-db10-11e1-a557-001e101f1ed9}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e0e5bc7f-d986-11e1-b866-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {51D76B41-E224-4B46-92CC-2BDE4E8C2E33} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {739E7B8F-383B-4721-B0F0-88695EB431D1} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][16/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][10/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\Mounir\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mounir\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.DE1BD315B11A2C3B11882004A660906F] [SPRF][27/02/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\restorer1.0.0.1.exe [195072]
[MD5.83954C128100AD89746811E92C1B4BF6] [SPRF][20/06/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\setup_fsu_cid.exe [251299]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 00s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 465 Legitimates Filtered in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\d55dfdfb239ef40\2.6.1339.144\upd]:="upd=1"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKCU\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40]:version="2.6.1339.144"
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKLM\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\d55dfdfb239ef40]:version="2.6.1339.144"
~ Export Key Software: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/05/2013 163328 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/06/2013 169632 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
SR - | Auto 21/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 18/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 18/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : v2.12804 - (21/07/2013)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 17
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}] =>Parasite.Pugi
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>Toolbar.Babylon
[HKCU\Software\AppDataLow\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\ShoppingReport2.HbAx] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.HbInfoBand] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButton] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButtonA] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.RprtCtrl] =>Adware.ShoppingReport
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\Installer =>Adware.InstallPedia
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Mounir\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Mounir\AppData\LocalLow\ShoppingReport2 =>Adware.ShopperReports
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon^
[HKLM\Software\DataMngr] =>PUP.Datamngr^
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo^
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 191767 Items scanned in 01mn 27s
---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27422225-adware-shoppingreport =>Adware.ShoppingReport
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29432250-pup-vshareredir =>PUP.VShareRedir
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27047259-adware-mirar =>Adware.Mirar
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 18 link(s) detected in 01mn 27s
~ 2622 Legitimates filtered by white list
End of the scan (537 lines in 04mn 06s)(0)
lilidurhone
22 Jul 2013 at 12:12
Hello
OK, you are not fully up to date yet: SP1 is missing.
Can you check whether any updates failed in the update history?
miaws
22 Jul 2013 at 12:13
Yes, OK, I'll look at that right away.
miaws
22 Jul 2013 at 12:16
Indeed, there are a lot of failed updates.
lilidurhone
22 Jul 2013 at 12:20
Hello
Try them again.
Do you have the error code?
Just so you know, I may have to leave, but I'll be back quickly :)
miaws
22 Jul 2013 at 12:22
Oh no, don't abandon me. Are you leaving for long?
miaws
22 Jul 2013 at 12:27
I don't see an error code; it just says update, yesterday, failed.
lilidurhone
22 Jul 2013 at 12:27
miaws
Don't worry, it's just while I go do the shopping :D
I'm not letting you down.
miaws
22 Jul 2013 at 12:28
ok :)
miaws
22 Jul 2013 at 14:15
It's done, I installed the updates that had failed. What do I do now??
miaws
22 Jul 2013 at 14:19
OK, and do I disable Avast during the scan?
lilidurhone
22 Jul 2013 at 14:19
Thanks, Scarface
miaws
Yes, a new ZHPDiag report.
miaws
22 Jul 2013 at 14:20
OK
miaws
22 Jul 2013 at 14:42
Here it is:
Rapport de ZHPDiag v2013.7.20.351 par Nicolas Coolman, Update du 21/07/2013
Run by Mounir at 22/07/2013 14:31:25
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v28.0.1500.72 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v6.0.1000.0
Windows Defender W7
---\\ System Optimizer
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1 - Français
Java 7 Update 25
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (11% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (59%) free of 85 GB
---\\ Logged in mode
~ Computer Name: MOUNIR-PC
~ User Name: Mounir
~ All Users Names: Mounir, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mounir\AppData\Roaming\
~ %Desktop% : C:\Users\Mounir\Desktop\
~ %Favorites% : C:\Users\Mounir\Favorites\
~ %LocalAppData% : C:\Users\Mounir\AppData\Local\
~ %StartMenu% : C:\Users\Mounir\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 85 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 128 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 13:17:09.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.EA952A5C277CABCBA69EA806146BB984] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/07/2013 - 19:01:46.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 1/25
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/65
~ Mes Documents (My Documents) : 1/261
~ Mon Bureau (My Desktop) : 0/31
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 03s
---\\ Processus lancés
[MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.1224]
[MD5.59D29EF36C6712AAA8607E3484E75259] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040] [PID.1172]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1664]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2720]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.1056]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [PID.588]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1000]
[MD5.055C94C8429EAB0573A31C5BF7B505B0] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1541584] [PID.844] =>Toolbar.Ask
[MD5.35539DC0BA63C39D41D88EACDF80A3D2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [836896] [PID.3088]
[MD5.45B1EFC565886A8BD18232D51357B8B8] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2835744] [PID.1028]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192] [PID.4888]
[MD5.326691EA3A6B5576A9DEFEF47AA6C327] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [847360] [PID.4904]
[MD5.10760383AA50CCFC7DB9B5AB0D326AAF] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1749504] [PID.4912]
[MD5.21E2A0921938F193F674FDA3E4287478] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SFB\SmartRestarter.exe [2203136] [PID.4932]
[MD5.01546BF0647BA0CB253A5F38A4B8FBC4] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.4996]
[MD5.5AFC1F763562C453C64B70886B460CDD] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360] [PID.5560]
[MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.5484]
[MD5.D8CC16D8DCC5E31ABAA2CACBC1C9B5B3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7742464] [PID.5488]
[MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\windows\system32\WLANExt.exe [77312] [PID.1460]
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184] [PID.1468]
[MD5.249A44DCFA2500EB1C020E33A3E9F25B] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [163328] [PID.788]
[MD5.DEA1D1757F8F8624E498092684B55D58] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [169632] [PID.1148]
[MD5.7778C6BCAFF58C0E876B307514923A48] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [656672] [PID.1620]
[MD5.E582B9E88EF4980C3B76276620FE667B] - (.Microsoft Corporation - Message Queuing Service.) -- C:\windows\system32\mqsvc.exe [8704] [PID.2072]
[MD5.A5812F0281CA5081BF696626F9BF324D] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2348]
[MD5.CB73BC422C07FB611F194DA18D1E7F36] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2580]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3132]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.2092]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.1652]
~ Processes Running: Scanned in 00mn 05s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mounir\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ActiveCollectorPlugin BHO - {07202B0D-149C-4568-90DF-ACC2B4057809} Clé orpheline
~ BHO: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: TuneUp Utilities.lnk . (...) -- C:\Program Files\TuneUp Utilities 2013\TUMessages.exe (.not file.)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 7 Legitimates Filtered in 01mn 06s
---\\ Tâches planifiées en automatique (O39)
[MD5.95B63EBDF62D57707FD46393DADB51A4] [APT] [{5CEF62E0-EDC9-469E-8EFB-A7FE3C7C9D7E}] (...) -- C:\Users\Mounir\Downloads\JL_Cmder v1.9 installer\JL_Cmder v1.9.0 Installer\JL_Cmder v1.9.0.exe [155913]
[MD5.00000000000000000000000000000000] [APT] [{5D1AE1E2-3D93-41F6-8FD9-1C26E5BC0498}] (...) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe (.not file.) [0]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 10s
---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0001} =>Toolbar.Ask
O42 - Logiciel: Browser Manager - (...) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: NBT - (...) [HKCU] -- nbt
~ Logic: 86 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\NBT]
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\d55dfdfb239ef40]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\d55dfdfb239ef40]
~ Key Software: 117 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2013 - 03:35:19 - [0,388] ----D C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 10/07/2013 - 18:15:43 - [7,502] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 07/06/2013 - 09:44:10 - [20,023] ----D C:\Program Files\Installer
O43 - CFD: 12/02/2013 - 03:35:18 - [0,228] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 10/07/2013 - 18:15:15 - [0] ----D C:\ProgramData\APN
O43 - CFD: 05/11/2011 - 13:07:52 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 10/07/2013 - 18:15:43 - [0,429] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 21/04/2012 - 16:14:35 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 21/04/2012 - 21:10:02 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 15/06/2013 - 11:05:11 - [8,375] ----D C:\ProgramData\Browser Manager
O43 - CFD: 09/07/2011 - 19:03:04 - [0,001] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 03/01/2013 - 18:09:47 - [0] --H-D C:\ProgramData\{05505732-706C-4AFB-8CB4-779D17872B48}
O43 - CFD: 21/04/2012 - 16:14:34 - [0,027] ----D C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/07/2011 - 22:10:55 - [0,053] ----D C:\Users\Mounir\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 20/06/2013 - 14:43:47 - [0,308] ----D C:\Users\Mounir\AppData\Roaming\File Scout
O43 - CFD: 08/10/2012 - 21:05:37 - [0,203] ----D C:\Users\Mounir\AppData\Roaming\Nbt
O43 - CFD: 17/08/2011 - 23:12:58 - [5,636] ----D C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 21/04/2012 - 21:13:28 - [0,014] ----D C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 18/08/2011 - 12:40:53 - [0] ----D C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
~ 1028 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1324 Legitimates Filtered in 01mn 17s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D365182EC529562A8E4C8C5D5824B390] - 22/07/2013 - 13:09:32 ---A- . (...) -- C:\Windows\iis7.log [100560]
O44 - LFC:[MD5.C380CF5835C2EDC9A763987EBEE41AFD] - 21/07/2013 - 19:06:21 ---A- . (...) -- C:\Windows\IE9_main.log [16294]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 21/07/2013 - 19:01:44 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 21/07/2013 - 18:10:54 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852]
O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 21/07/2013 - 18:05:38 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600]
O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 21/07/2013 - 18:05:29 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]
O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 21/07/2013 - 18:04:50 ---A- . (...) -- C:\Windows\System32\RacRules.xml [105559]
O44 - LFC:[MD5.96E4F8690E27BE967EE1B4C7585CBF3D] - 21/07/2013 - 15:28:50 ---A- . (...) -- C:\ZHPDiag.Txt [42956]
~ Files: 894 Legitimates Filtered in 00mn 34s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0293d599-d984-11e1-bdbd-806e6f6e6963}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0293d5ec-d984-11e1-bdbd-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{32604959-e946-11e1-bf59-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{b293e8e9-db10-11e1-a557-001e101f1ed9}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e0e5bc7f-d986-11e1-b866-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {51D76B41-E224-4B46-92CC-2BDE4E8C2E33} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {739E7B8F-383B-4721-B0F0-88695EB431D1} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][16/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][10/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\Mounir\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mounir\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.DE1BD315B11A2C3B11882004A660906F] [SPRF][27/02/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\restorer1.0.0.1.exe [195072]
[MD5.83954C128100AD89746811E92C1B4BF6] [SPRF][20/06/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\setup_fsu_cid.exe [251299]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 00s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 465 Legitimates Filtered in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\d55dfdfb239ef40\2.6.1339.144\upd]:="upd=1"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKCU\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40]:version="2.6.1339.144"
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKLM\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\d55dfdfb239ef40]:version="2.6.1339.144"
~ Export Key Software: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/05/2013 163328 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/06/2013 169632 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
SR - | Auto 21/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Auto 18/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : v2.12804 - (21/07/2013)
Clés trouvées (Keys found) : 67
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 15
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}] =>Parasite.Pugi
[HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}] =>Adware.ShopperReports
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}] =>Adware.Softomate
[HKLM\Software\Classes\Interface\{a1f1ecd3-4806-44c6-a869-f0dadf11c57c}] =>Adware.SmartShopper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\HBLiteAX.UserProfiles] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKCU\Software\AppDataLow\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKLM\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\CLSID\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\Interface\{E766BB98-6F19-469B-A7F4-5092C744767C}] =>Adware.Mirar
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\ShoppingReport2.HbAx] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.HbInfoBand] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButton] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButtonA] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.RprtCtrl] =>Adware.ShoppingReport
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\Installer =>Adware.InstallPedia
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Mounir\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Mounir\AppData\LocalLow\ShoppingReport2 =>Adware.ShopperReports
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo^
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 191893 Items scanned in 01mn 33s
---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27422225-adware-shoppingreport =>Adware.ShoppingReport
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29432250-pup-vshareredir =>PUP.VShareRedir
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/28345498-adware-softomate =>Adware.Softomate
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27047259-adware-mirar =>Adware.Mirar
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 19 link(s) detected in 01mn 33s
~ 3316 Legitimates filtered by white list
End of the scan (604 lines in 05mn 46s)(0)
Rapport de ZHPDiag v2013.7.20.351 par Nicolas Coolman, Update du 21/07/2013
Run by Mounir at 22/07/2013 14:31:25
WebSite: https://nicolascoolman.webs.com/
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v28.0.1500.72 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
avast! Free Antivirus v6.0.1000.0
Windows Defender W7
---\\ System Optimizer
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1 - Français
Java 7 Update 25
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (11% free)
System Restore: Activé (Enable)
System drive C: has 50 GB (59%) free of 85 GB
---\\ Logged in mode
~ Computer Name: MOUNIR-PC
~ User Name: Mounir
~ All Users Names: Mounir, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mounir\AppData\Roaming\
~ %Desktop% : C:\Users\Mounir\Desktop\
~ %Favorites% : C:\Users\Mounir\Favorites\
~ %LocalAppData% : C:\Users\Mounir\AppData\Local\
~ %StartMenu% : C:\Users\Mounir\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 50 Go of 85 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 128 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 13:17:09.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.EA952A5C277CABCBA69EA806146BB984] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/07/2013 - 19:01:46.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes musiques (My Musics) : 1/25
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/65
~ Mes Documents (My Documents) : 1/261
~ Mon Bureau (My Desktop) : 0/31
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 03s
---\\ Processus lancés
[MD5.981794879E8FD26CDD6ABCFF3F3F65EF] - (...) -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264] [PID.1224]
[MD5.59D29EF36C6712AAA8607E3484E75259] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8555040] [PID.1172]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.1664]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2720]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.1056]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3451496] [PID.588]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1000]
[MD5.055C94C8429EAB0573A31C5BF7B505B0] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1541584] [PID.844] =>Toolbar.Ask
[MD5.35539DC0BA63C39D41D88EACDF80A3D2] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [836896] [PID.3088]
[MD5.45B1EFC565886A8BD18232D51357B8B8] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2835744] [PID.1028]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192] [PID.4888]
[MD5.326691EA3A6B5576A9DEFEF47AA6C327] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [847360] [PID.4904]
[MD5.10760383AA50CCFC7DB9B5AB0D326AAF] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1749504] [PID.4912]
[MD5.21E2A0921938F193F674FDA3E4287478] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SFB\SmartRestarter.exe [2203136] [PID.4932]
[MD5.01546BF0647BA0CB253A5F38A4B8FBC4] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.4996]
[MD5.5AFC1F763562C453C64B70886B460CDD] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360] [PID.5560]
[MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.5484]
[MD5.D8CC16D8DCC5E31ABAA2CACBC1C9B5B3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7742464] [PID.5488]
[MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\windows\system32\WLANExt.exe [77312] [PID.1460]
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184] [PID.1468]
[MD5.249A44DCFA2500EB1C020E33A3E9F25B] - (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [163328] [PID.788]
[MD5.DEA1D1757F8F8624E498092684B55D58] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [169632] [PID.1148]
[MD5.7778C6BCAFF58C0E876B307514923A48] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [656672] [PID.1620]
[MD5.E582B9E88EF4980C3B76276620FE667B] - (.Microsoft Corporation - Message Queuing Service.) -- C:\windows\system32\mqsvc.exe [8704] [PID.2072]
[MD5.A5812F0281CA5081BF696626F9BF324D] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2348]
[MD5.CB73BC422C07FB611F194DA18D1E7F36] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2580]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3132]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.2092]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\windows\system32\sppsvc.exe [3179520] [PID.1652]
~ Processes Running: Scanned in 00mn 05s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mounir\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ActiveCollectorPlugin BHO - {07202B0D-149C-4568-90DF-ACC2B4057809} Clé orpheline
~ BHO: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Clé orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: TuneUp Utilities.lnk . (...) -- C:\Program Files\TuneUp Utilities 2013\TUMessages.exe (.not file.)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} ((no name)) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2E03183-BD63-4AE7-A816-AA7884BECFEA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 7 Legitimates Filtered in 01mn 06s
---\\ Tâches planifiées en automatique (O39)
[MD5.95B63EBDF62D57707FD46393DADB51A4] [APT] [{5CEF62E0-EDC9-469E-8EFB-A7FE3C7C9D7E}] (...) -- C:\Users\Mounir\Downloads\JL_Cmder v1.9 installer\JL_Cmder v1.9.0 Installer\JL_Cmder v1.9.0.exe [155913]
[MD5.00000000000000000000000000000000] [APT] [{5D1AE1E2-3D93-41F6-8FD9-1C26E5BC0498}] (...) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe (.not file.) [0]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 10s
---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask Partner Network.) [HKLM] -- {4F524A2D-5637-006A-76A7-A758B70C0001} =>Toolbar.Ask
O42 - Logiciel: Browser Manager - (...) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: NBT - (...) [HKCU] -- nbt
~ Logic: 86 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\NBT]
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\d55dfdfb239ef40]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\d55dfdfb239ef40]
~ Key Software: 117 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2013 - 03:35:19 - [0,388] ----D C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 10/07/2013 - 18:15:43 - [7,502] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 07/06/2013 - 09:44:10 - [20,023] ----D C:\Program Files\Installer
O43 - CFD: 12/02/2013 - 03:35:18 - [0,228] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 10/07/2013 - 18:15:15 - [0] ----D C:\ProgramData\APN
O43 - CFD: 05/11/2011 - 13:07:52 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 10/07/2013 - 18:15:43 - [0,429] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 21/04/2012 - 16:14:35 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 21/04/2012 - 21:10:02 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 15/06/2013 - 11:05:11 - [8,375] ----D C:\ProgramData\Browser Manager
O43 - CFD: 09/07/2011 - 19:03:04 - [0,001] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 03/01/2013 - 18:09:47 - [0] --H-D C:\ProgramData\{05505732-706C-4AFB-8CB4-779D17872B48}
O43 - CFD: 21/04/2012 - 16:14:34 - [0,027] ----D C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/07/2011 - 22:10:55 - [0,053] ----D C:\Users\Mounir\AppData\Roaming\com.socialbox.socialbox
O43 - CFD: 20/06/2013 - 14:43:47 - [0,308] ----D C:\Users\Mounir\AppData\Roaming\File Scout
O43 - CFD: 08/10/2012 - 21:05:37 - [0,203] ----D C:\Users\Mounir\AppData\Roaming\Nbt
O43 - CFD: 17/08/2011 - 23:12:58 - [5,636] ----D C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 21/04/2012 - 21:13:28 - [0,014] ----D C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 18/08/2011 - 12:40:53 - [0] ----D C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
~ 1028 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1324 Legitimates Filtered in 01mn 17s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D365182EC529562A8E4C8C5D5824B390] - 22/07/2013 - 13:09:32 ---A- . (...) -- C:\Windows\iis7.log [100560]
O44 - LFC:[MD5.C380CF5835C2EDC9A763987EBEE41AFD] - 21/07/2013 - 19:06:21 ---A- . (...) -- C:\Windows\IE9_main.log [16294]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 21/07/2013 - 19:01:44 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 21/07/2013 - 18:10:54 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852]
O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 21/07/2013 - 18:05:38 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600]
O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 21/07/2013 - 18:05:29 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]
O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 21/07/2013 - 18:04:50 ---A- . (...) -- C:\Windows\System32\RacRules.xml [105559]
O44 - LFC:[MD5.96E4F8690E27BE967EE1B4C7585CBF3D] - 21/07/2013 - 15:28:50 ---A- . (...) -- C:\ZHPDiag.Txt [42956]
~ Files: 894 Legitimates Filtered in 00mn 34s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{0293d599-d984-11e1-bdbd-806e6f6e6963}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0293d5ec-d984-11e1-bdbd-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{32604959-e946-11e1-bf59-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{b293e8e9-db10-11e1-a557-001e101f1ed9}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{e0e5bc7f-d986-11e1-b866-000b6b61d8ff}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {043C5167-00BB-4324-AF7E-62013FAEDACF} - (Web Search...) - http://ww1.toolbarhome.com =>PUP.VShareRedir
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {51D76B41-E224-4B46-92CC-2BDE4E8C2E33} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {739E7B8F-383B-4721-B0F0-88695EB431D1} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - https://www.search.ask.com/web?l=dis&q=&o=APN10655A&apn_dtid=%5EBND101%5EYY%5EFR&shad=s_0048&gct=hp&apn_ptnrs=%5EAG5&d=101-0&lang=en&atb=sysid%3D101%3Auid%3D58c9331d816657ac%3Asrc%3Dhmp%3Ao%3DAPN10655A%3Atg%3D&p2=%5EAG5%5EBND101%5EYY%5EFR =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][16/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3BC853FCC8DABE43A64823C4D2968EDF] [SPRF][10/07/2013] (.Ask Partner Network - Stub Installer.) -- C:\Users\Mounir\AppData\Local\Temp\APNSetup.exe [489936]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mounir\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.DE1BD315B11A2C3B11882004A660906F] [SPRF][27/02/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\restorer1.0.0.1.exe [195072]
[MD5.83954C128100AD89746811E92C1B4BF6] [SPRF][20/06/2013] (...) -- C:\Users\Mounir\AppData\Local\Temp\setup_fsu_cid.exe [251299]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.E661E91B5929632665683222D509D271] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Minesweeper Flags for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MineSweeper.dll [130472]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 00s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "D2A425F47365A600677A7A857BC00010" . (.Ask Toolbar.) -- C:\windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0001}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 465 Legitimates Filtered in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\d55dfdfb239ef40\2.6.1339.144\upd]:="upd=1"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.630.40]:version="2.2.630.40"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1123.78]:version="2.6.1123.78"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40\history\{16cdff19-861d-48e3-a751-d99a27784753}2.6.1249.132]:version="2.6.1249.132"
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKCU\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\d55dfdfb239ef40]:version="2.6.1339.144"
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^
[HKLM\Software\d55dfdfb239ef40]:GUID="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKLM\Software\d55dfdfb239ef40]:version="2.6.1339.144"
~ Export Key Software: Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 28/05/2013 163328 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/06/2013 169632 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 3085264 | (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
SR - | Auto 21/07/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Auto 18/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : v2.12804 - (21/07/2013)
Clés trouvées (Keys found) : 67
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 13
Fichiers trouvés (Files found) : 15
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}] =>Parasite.Pugi
[HKLM\Software\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}] =>Adware.ShopperReports
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}] =>Adware.Softomate
[HKLM\Software\Classes\Interface\{a1f1ecd3-4806-44c6-a869-f0dadf11c57c}] =>Adware.SmartShopper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}] =>Toolbar.Babylon
[HKLM\Software\Classes\HBLiteAX.UserProfiles] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKCU\Software\AppDataLow\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKLM\Software\NetNucleous\ActiveCollector] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\CLSID\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07202B0D-149C-4568-90DF-ACC2B4057809}] =>Adware.Mirar
[HKLM\Software\Classes\Interface\{E766BB98-6F19-469B-A7F4-5092C744767C}] =>Adware.Mirar
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\ShoppingReport2.HbAx] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.HbInfoBand] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButton] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.IEButtonA] =>Adware.ShoppingReport
[HKLM\Software\Classes\ShoppingReport2.RprtCtrl] =>Adware.ShoppingReport
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\Installer =>Adware.InstallPedia
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\ProgramData\Trymedia =>Adware.Trymedia
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\Users\Mounir\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Mounir\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\Mounir\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Mounir\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Mounir\AppData\LocalLow\ShoppingReport2 =>Adware.ShopperReports
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
[HKCU\Software\AppDataLow\Software\ShoppingReport2] =>Adware.ShoppingReport^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\Trymedia Systems] =>Adware.Trymedia^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Babylon] =>Toolbar.Babylon^
[HKLM\Software\Trymedia Systems] =>Adware.Trymedia^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\Mounir\AppData\Local\Ilivid Player =>Adware.Bandoo^
[HKCU\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
[HKLM\Software\d55dfdfb239ef40] =>Toolbar.Babylon^^
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mounir\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel Scan: 191893 Items scanned in 01mn 33s
---\\ Malicius Software Information
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27422225-adware-shoppingreport =>Adware.ShoppingReport
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/29432250-pup-vshareredir =>PUP.VShareRedir
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/28345498-adware-softomate =>Adware.Softomate
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27047259-adware-mirar =>Adware.Mirar
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 19 link(s) detected in 01mn 33s
~ 3316 Legitimates filtered by white list
End of the scan (604 lines in 05mn 46s)(0)
miaws (Member) - 22 Jul 2013 at 14:49
Are you there??
lilidurhone (Security contributor) - 22 Jul 2013 at 14:54
Hello
Yes, yes, I'm here
That's not bad at all :D
Let's get started
* Download RogueKiller to the desktop
* Close all your running programs.
* On Vista/Seven and Windows 8, right-click -> Run as administrator
* Otherwise simply launch RogueKiller.exe
* Wait during the pre-scan, then click the Scan button
* A report RKreport.txt should have been created on the desktop; post it.
Note: If the program was blocked, don't hesitate to try several times.
miaws (Member) - 22 Jul 2013 at 14:58
So I go on Google and download RogueKiller??
lilidurhone (Security contributor) - 22 Jul 2013 at 15:02
miaws
No, you just have to click the blue link :)
Try it and you'll see, it's direct :)
miaws (Member) - 22 Jul 2013 at 15:04
OK, thanks
miaws (Member) - 22 Jul 2013 at 15:06
It's scanning by itself, is that normal?
miaws (Member) - 22 Jul 2013 at 15:13
Here is the report, except that I didn't disable Avast.
RogueKiller V8.6.3 [Jul 17 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Mounir [Droits d'admin]
Mode : Recherche -- Date : 07/22/2013 15:10:41
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 2 ¤¤¤
[SUSP PATH] browsemngr.exe -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [7] -> TUÉ [TermProc]
[SUSP PATH] browsemngr.exe -- C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [7] -> TUÉ [TermProc]
¤¤¤ Entrees de registre : 3 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[APPINIT][SUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (c:\progra~2\browse~1\261339~1.144\{16cdf~1\browse~1.dll [7]) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-35A23T0 ATA Device +++++
--- User ---
[MBR] 087cfd8ccd293ddfb3fd5cb3678d4fdc
[BSP] 946841c40a82798cf5e60b0e5b0be4e2 : KIWI Image system MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20480 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 41945088 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 42149888 | Size: 87040 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 220407808 | Size: 130853 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_07222013_151041.txt >>
miaws (Member) - 22 Jul 2013 at 15:15
So this report is no good??
lilidurhone (Security contributor) - 22 Jul 2013 at 15:17
OK, great
We're getting there
Forget my previous message
* Close all your running programs
* On Vista/Seven, right-click -> Run as administrator
* Otherwise simply launch RogueKiller.exe
* Wait during the pre-scan, click Scan
* Check that all items are ticked, then click Delete (Suppression)
* Post the RKreport.txt report found on the desktop.
miaws (Member) - 22 Jul 2013 at 15:19
OK, I didn't quite understand this: what do I right-click on??