[HKLM\Software\Babylon] => Infection PUP (Toolbar.Babylon)* [HKLM\Software\Web Assistant] => Infection PUP (Adware.IncrediBar)* O43 - CFD: 02/08/2012 - 10:01:15 - [0,001] ----D C:\ProgramData\OptimizerPro => Infection PUP (PUP.OptimizerPro) O43 - CFD: 07/11/2012 - 16:38:11 - [0,006] ----D C:\Users\Administrateur\AppData\Roaming\Babylon => Infection PUP (Toolbar.Babylon)* [MD5.9DD34DCD9565BBDEDA2C62120A4FCA00] [SPRF][08/11/2012] (.Bandoo Media Inc - Free FLV Converter Install.) -- C:\Users\Administrateur\Desktop\Setup_FreeFlvConverter-75.exe [510976] => Infection PUP (Adware.Bandoo)* [HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] => Infection PUP (Adware.RecordNRip) [HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] => Infection PUP (Adware.RecordNRip) [HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] => Infection PUP (Adware.RecordNRip) [HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] => Infection PUP (Adware.RecordNRip) [HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] => Infection BT (Adware.Downware) [HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] => Infection PUP (Toolbar.Babylon) [HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] => Infection PUP (Adware.Yontoo) [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] => Infection PUP (Adware.Yontoo) [HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] => Infection BT (Adware.Incredibar) [HKLM\Software\Web Assistant] => Infection PUP (Adware.IncrediBar)* [HKLM\Software\Microsoft\Tracing\incredibar_install_RASAPI32] => Infection PUP (Adware.IncrediBar)* [HKLM\Software\Microsoft\Tracing\incredibar_install_RASMANCS] => Infection PUP (Adware.IncrediBar)* [HKLM\Software\Microsoft\Tracing\IncredibarToolbar_RASAPI32] => Infection PUP (Adware.IncrediBar)* [HKLM\Software\Microsoft\Tracing\IncredibarToolbar_RASMANCS] => Infection PUP (Adware.IncrediBar)* [HKLM\Software\Microsoft\Tracing\MyBabylontb_RASAPI32] => Infection PUP (Toolbar.Babylon)* [HKLM\Software\Microsoft\Tracing\MyBabylontb_RASMANCS] => Infection PUP (Toolbar.Babylon)* [HKLM\Software\Classes\Prod.cap] => Infection PUP (Toolbar.Babylon) [HKLM\Software\Microsoft\Tracing\offerbox_RASAPI32] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Tracing\offerbox_RASMANCS] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] => Infection PUP (PUP.OfferBox)* [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}] => Infection PUP (Adware.MapsGalaxy) C:\Users\Administrateur\AppData\Roaming\Babylon => Infection PUP (Toolbar.Babylon)* [MD5.1AF481FD411221752AA10DAC1A01E5A3] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [1107552] [PID.3672] P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.Pas de propriétaire - AVG Secure Search.) -- C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll => Toolbar.AVGSearch O3 - Toolbar: (no name) - [HKLM]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé orpheline => Toolbar.AVGSearch O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.Pas de propriétaire - AVG Secure Search.) -- C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll => Toolbar.AVGSearch O4 - HKLM\..\Run: [HF_G_Jul] . (...) -- C:\Program Files\AVG Secure Search\HF_G_Jul.exe => AVG%Secure Search Toolbar [HKCU\Software\AVG Secure Search] => Toolbar.AVGSearch [HKCU\Software\Softonic] => Toolbar.Conduit* [HKLM\Software\AVG Secure Search] => Toolbar.AVGSearch [HKLM\Software\AVG Security Toolbar] => Toolbar.AVGSearch O43 - CFD: 18/07/2012 - 19:46:06 - [18,313] ----D C:\Program Files\AVG Secure Search => Toolbar.AVGSearch O43 - CFD: 21/08/2012 - 18:48:03 - [23,210] ----D C:\Program Files\Common Files\AVG Secure Search => Toolbar.AVGSearch O43 - CFD: 09/07/2012 - 19:05:11 - [7,116] ----D C:\ProgramData\AVG Secure Search => Toolbar.AVGSearch O43 - CFD: 15/04/2011 - 20:26:28 - [0,017] ----D C:\ProgramData\AVG Security Toolbar => Toolbar.AVGSearch O43 - CFD: 02/08/2012 - 10:39:54 - [1,798] ----D C:\ProgramData\InstallMate => Toolbar.Tarma O43 - CFD: 07/08/2012 - 17:12:11 - [1,239] ----D C:\Users\Administrateur\AppData\Local\AVG Secure Search => Toolbar.AVGSearch O45 - LFCP:[MD5.FC04DF77D5EB20F5F17C9CD1DD7270A4] - 05/04/2013 - 16:07:38 ---A- - C:\Windows\Prefetch\VPROT.EXE-79112401.pf => Toolbar.AVGSearch O53 - SMSR:HKLM\...\startupreg\ROC_roc_dec12 [Key] . (...) -- C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe => Toolbar.AVGSearch O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe O61 - LFC: 05/04/2013 - 15:37:14 ---A- C:\Users\Administrateur\AppData\Local\AVG Secure Search\SiteSafety\l_2013_04_05_07_36_49.db [613968] => Toolbar.AVGSearch O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com => Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] => Toolbar.Agent [HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] => Toolbar.ViProtocol [HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] => Toolbar.ViProtocol [HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] => Toolbar.ViProtocol [HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] => Toolbar.ViProtocol [HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] => Toolbar.Agent [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] => Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] => Toolbar.Conduit [HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] => Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] => Toolbar.Conduit [HKLM\Software\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}] => Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] => Toolbar.Agent [HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] => Toolbar.Agent [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] => Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] => Toolbar.Agent [HKLM\Software\Classes\AppID\ScriptHelper.EXE] => Toolbar.Agent [HKLM\Software\Microsoft\Tracing\BingBar_RASMANCS] => Toolbar.Bing [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] => Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj] => Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj.1] => Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] => Toolbar.Agent [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] => Toolbar.Agent [HKLM\Software\Classes\ViProtocol.ViProtocolOLE] => Toolbar.ViProtocol [HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] => Toolbar.ViProtocol [HKCU\Software\Softonic] => Toolbar.Conduit* [HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] => Toolbar.Bing [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}] => Toolbar.AVGSearch [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] => Toolbar.Bing [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] => Toolbar.Bing [HKLM\Software\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla] => Toolbar.AVGSearch [HKLM\Software\Microsoft\Tracing\Setup_RASAPI32] => Toolbar.Conduit [HKLM\Software\Microsoft\Tracing\Setup_RASMANCS] => Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:HF_G_Jul => Toolbar.Agent C:\Program Files\AVG Secure Search => Toolbar.AVGSearch C:\Program Files\Common Files\AVG Secure Search => Toolbar.AVGSearch C:\ProgramData\AVG Secure Search => Toolbar.AVGSearch C:\ProgramData\AVG Security Toolbar => Toolbar.AVGSearch C:\ProgramData\InstallMate => Toolbar.Tarma C:\Users\Administrateur\AppData\Local\AVG Secure Search => Toolbar.AVGSearch SS - | Disabled 935008 | (vToolbarUpdater11.2.0) . (...) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe => Toolbar.AVGSearch O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe O4 - GS\Desktop: Windows Update Troubleshooting Info.lnk . (...) -- C:\Users\Administrateur\AppData\Local\Temp\WUDiagTempFolder\2013_03_19T11_13_49 => Temporary file not necessary [MD5.00000000000000000000000000000000] [APT] [{074C9079-D24D-444F-93A5-D5456B824E49}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{2B696A53-87C0-49A5-BB63-631B808212EC}] (...) -- F:\TAROT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{3C3EC659-9CC1-4638-9455-4BD597C71512}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{3C74B5E5-6D4D-4C71-BAF7-FE86D7CC34EE}] (...) -- F:\TAROT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{3FFA9179-4D28-43A5-A715-5068A251D8A6}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{4366C7FB-7598-417A-B774-53E8B74E99DB}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{483B4F16-7B8C-459D-BE01-B8CA7B7ED547}] (...) -- E:\LaCie.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{499ED48F-D10E-4792-8737-C74F01B88593}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{6FCB74BC-9801-4BDC-BE31-C763A2FD6362}] (...) -- E:\TAROT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{761664A3-DF85-4958-82DE-8A7155CC7BC2}] (...) -- E:\POINTSOFT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{A5094F30-A0DE-4E7B-A5A8-286CC48A745D}] (...) -- F:\TAROT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{B93BEAC0-060F-4593-89DF-0F4124D590B0}] (...) -- F:\TAROT.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{BB80BDA5-D8D5-4916-9BB6-121D237CF519}] (...) -- E:\EPSetup.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{D641B806-D490-4421-B6ED-2EE666089876}] (...) -- C:\Program Files\Smart Panel\SmaPanel.exe (.not file.) [0] => Fichier absent [MD5.00000000000000000000000000000000] [APT] [{F4208C34-D1D4-4862-8663-CD8BE8FEF541}] (...) -- F:\TAROT.exe (.not file.) [0] => Fichier absent [HKLM\Software\IncrediMail] => Messaging.Incredimail O43 - CFD: 02/08/2012 - 10:03:00 - [0] ----D C:\ProgramData\Premium => Premium O43 - CFD: 11/10/2011 - 08:43:38 - [0,000] ----D C:\ProgramData\Spybot - Search & Destroy => Safer Networking Ltd - Spybot S&D O44 - LFC:[MD5.02428F5FE7034C008F491D82D9E73A2B] - 30/03/2013 - 18:50:13 ---A- . (...) -- C:\AdwCleaner[R13].txt [1185] => XPlode - AdwCleaner Tool O44 - LFC:[MD5.ACA34EFF809DCCFFF97D960F3007271E] - 19/03/2013 - 16:59:27 ---A- . (...) -- C:\Windows\IE10_main.log [9517] => Fichiers de rapport (Log) O45 - LFCP:[MD5.EF47E57469814ADB1D3F16932A80CCD1] - 05/04/2013 - 15:37:24 ---A- - C:\Windows\Prefetch\FIXITCENTER.EXE-AA5AA253.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.EEFB159B2919725EF9E7940AB25580A6] - 05/04/2013 - 15:37:24 ---A- - C:\Windows\Prefetch\FIXITCENTER1ST.EXE-1EA6153B.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.AEBB068D13ABAEA657202CA136307F2E] - 05/04/2013 - 15:37:25 ---A- - C:\Windows\Prefetch\MATSVC.EXE-81E26B18.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.1598D8BC6DC2D67FB43604BB26E099C9] - 05/04/2013 - 16:35:07 ---A- - C:\Windows\Prefetch\HEARTS.EXE-0AA35744.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.3F1A05817FE02AC071D9467EDAEFE8FC] - 27/03/2013 - 20:27:24 ---A- - C:\Windows\Prefetch\WMPRPH.EXE-92EA34B9.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.72DEA0420E12DF35167FE459AF0AB5E2] - 30/03/2013 - 12:40:07 ---A- - C:\Windows\Prefetch\PHOTOFILTRE7.EXE-6A7B90B1.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.5CFCFF203C6F617F232E2E74359190E5] - 31/03/2013 - 09:02:53 ---A- - C:\Windows\Prefetch\HPQDSTCP.EXE-637F4AAD.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.A1D81830946B9E895D63BE749FFA67DF] - 31/03/2013 - 09:02:53 ---A- - C:\Windows\Prefetch\HPQKYGRP.EXE-B3F79460.pf => Fichier du dossier Prefetcher O45 - LFCP:[MD5.2DBE0FCC58E5525152865B8AD29E8F65] - 31/03/2013 - 09:03:43 ---A- - C:\Windows\Prefetch\HPISCNAPP.EXE-72467D78.pf => Fichier du dossier Prefetcher O51 - MPSK:{4603539e-f79b-11de-98bc-806e6f6e6963}\AutoRun\command. (...) -- F:\LaCie.exe (.not file.) => Fichier absent O87 - FAEL: "TCP Query User{14D51589-7A3D-4B8D-91BE-8F5B6ADA4BF7}E:\board\chinese checkers\ccheck.exe" |In - Public - P6 - TRUE | .(...) -- E:\board\chinese checkers\ccheck.exe (.not file.) => Fichier absent O87 - FAEL: "UDP Query User{8A67DE67-BCA2-46F8-87BA-06F666B4ADD2}E:\board\chinese checkers\ccheck.exe" |In - Public - P17 - TRUE | .(...) -- E:\board\chinese checkers\ccheck.exe (.not file.) => Fichier absent OPT:O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe