[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified G2 - GCE: Preference [User Data\Default] [amfclgbdpgndipgoegfpkkgobahigbcl] Messenger Plus! Community Smartbar v.1.4, (Désactivé) =>Hijacker.SmartBar G2 - GCE: Preference [User Data\Default] [bjeikeheijdjdfjbmknpefojickbkmom] Offerbox v.2.1.3128.64 (Désactivé) =>PUP.OfferBox M2 - MFEP: prefs.js [Vivie - y6jc2wt2.default\bbrs_003@blabbers.com] [] Ginyas Browser Companions v1.0.5 (..) =>PUP.Blabbers O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.) O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O4 - HKCU\..\Run: [SearchEngineProtection] C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe (.not file.) =>Adware.GamesBar O4 - HKUS\S-1-5-21-1042879119-3641776606-230875828-1000\..\Run: [SearchEngineProtection] C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe (.not file.) =>Adware.GamesBar O4 - GS\QuickLaunch: Babylon.lnk . (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (.not file.) =>Toolbar.Babylon O4 - GS\QuickLaunch: Meteo en France.lnk - Clé orpheline O4 - GS\Desktop: Search The Web.lnk - Clé orpheline =>Adware.IMBooster O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GinyasBrowserCompanions Chrome Watcher.job [1002] =>PUP.Blabbers O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GinyasBrowserCompanions FireFox Watcher.job [1002] =>PUP.Blabbers O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GinyasBrowserCompanions Stats Report.job [1050] =>PUP.Blabbers O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GinyasBrowserCompanions Update Checker.job [934] =>PUP.Blabbers [MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanions Chrome Watcher] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe [741888] =>PUP.Blabbers [MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanions FireFox Watcher] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe [741888] =>PUP.Blabbers [MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanions Stats Report] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe [741888] =>PUP.Blabbers [MD5.00000000000000000000000000000000] [APT] [RMSchedule] (...) -- C:\Program Files (x86)\Registry Mechanic\RegMech.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [RMSmartUpdate] (...) -- C:\Program Files (x86)\Registry Mechanic\update.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.) [0] =>Toolbar.Ask [MD5.00000000000000000000000000000000] [APT] [{0E6EF0EA-A34B-490C-A4AC-DB834787A632}] (...) -- C:\Users\Vivie\AppData\Local\Babylon\Setup\Setup.exe (.not file.) [0] =>Toolbar.Babylon [MD5.00000000000000000000000000000000] [APT] [{22B8ED6E-F722-4C65-B265-8B2F9BFFFF03}] (...) -- H:\EAutorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4891A602-9F6A-4780-8F2A-A595CED2EE57}] (...) -- H:\Livebox\Setup\Livebox.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{512DDBEF-48B9-4824-A390-C6A9B5161D25}] (...) -- H:\noautorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5E5AB197-D7BA-40CC-BC4C-7637D7810FD3}] (...) -- H:\noautorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5EDB34FA-E878-4067-9555-671A61483B3B}] (...) -- C:\Users\Vivie\AppData\Local\Babylon\Setup\Setup.exe (.not file.) [0] =>Toolbar.Babylon [MD5.00000000000000000000000000000000] [APT] [{60A9200A-691E-4EF1-8E43-B08BFCF591E6}] (...) -- H:\noautorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{766F96F5-4A28-4759-9459-29C97848F925}] (...) -- H:\noautorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{76AF1677-8CC4-4376-B10A-F4EA4C157122}] (...) -- H:\TopGun_Install.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8940135D-8BC9-488F-9916-2156220110A1}] (...) -- H:\Eurodocs\Fran‡ais\Acrobat\FRANCAIS.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{8B39387A-C124-4244-8F81-C9B4BCC734DD}] (...) -- C:\Users\Vivie\AppData\Local\Babylon\Setup\Setup.exe (.not file.) [0] =>Toolbar.Babylon [MD5.00000000000000000000000000000000] [APT] [{A3CE2A16-E0A1-40C7-8B3C-DAEF443460E9}] (...) -- C:\Users\Vivie\Desktop\ZHPhep.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A5E5696E-4049-4B43-B794-86C4E6D46C56}] (...) -- C:\Users\Vivie\AppData\Local\Babylon\Setup\Setup.exe (.not file.) [0] =>Toolbar.Babylon [MD5.00000000000000000000000000000000] [APT] [{C89D1B0F-8787-4B7E-BDD4-EB566A567282}] (...) -- H:\noautorun.exe (.not file.) [0] O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E25BB07-62EB-476F-87FC-6AF426AB059E} =>Adware.Boxore O42 - Logiciel: GinyasBrowserCompanions - (.Ginyas.) [HKLM][64Bits] -- GinyasBrowserCompanions =>PUP.Blabbers O42 - Logiciel: SelectionLinks - (.SelectionLinks.) [HKLM][64Bits] -- sl-apl =>Hijacker.SelectionLinks [HKCU\Software\Blabbers ] =>PUP.Blabbers [HKCU\Software\GamesBar] =>Adware.GamesBar [HKLM\Software\Wow6432Node\BrowserCompanions] =>PUP.Blabbers O43 - CFD: 10/03/2013 - 17:16:31 - [0,658] ----D C:\Program Files (x86)\GinyasBrowserCompanions =>PUP.Blabbers O43 - CFD: 20/06/2013 - 18:05:01 - [0,855] ----D C:\ProgramData\GinyasBrowserCompanions =>PUP.Blabbers O43 - CFD: 18/06/2013 - 19:06:12 - [0] ----D C:\Users\Vivie\AppData\Local\Updater4479 =>PUP.CrossRider O45 - LFCP:[MD5.A7C60118BDAF30F005443097E6B05D12] - 17/06/2013 - 19:23:50 ---A- - C:\Windows\Prefetch\GIANT SAVINGS.EXE-C804FBA0.pf =>Adware.VidSaver O45 - LFCP:[MD5.D35649CE1FFA7546942A6C4A19D39519] - 17/06/2013 - 19:23:58 ---A- - C:\Windows\Prefetch\GIANT SAVINGS-BG.EXE-1FE0580E.pf =>Adware.VidSaver O45 - LFCP:[MD5.B3F9B9EAC5247C131A06678D48EE1F05] - 19/06/2013 - 14:20:15 ---A- - C:\Windows\Prefetch\SMARTBAR.EXE-5B8FAF35.pf =>Hijacker.SmartBar O45 - LFCP:[MD5.07D044C7CFF22FFEE63375B8186953DF] - 19/06/2013 - 14:20:23 ---A- - C:\Windows\Prefetch\DATAMNGRUI.EXE-76D259A4.pf =>PUP.Datamngr O45 - LFCP:[MD5.3D8FB26E78CC2E48D3AB5A8418DD89CF] - 19/06/2013 - 14:20:26 ---A- - C:\Windows\Prefetch\BABYLON.EXE-3F0E444F.pf =>Toolbar.Babylon O45 - LFCP:[MD5.E8BE3D74E47FF645A6D9295ADD9A2067] - 19/06/2013 - 14:22:23 ---A- - C:\Windows\Prefetch\BABYLONHELPER64.EXE-6D0CC836.pf =>Toolbar.Babylon O69 - SBI: prefs.js [Vivie - y6jc2wt2.default] user_pref("extensions.crossrider.bic", "13e85a1100ee420d9b197fe05deb2b6f"); =>PUP.CrossRider O69 - SBI: prefs.js [Vivie - y6jc2wt2.default] user_pref("extensions.helperbar.DockingPositionDown", false); O69 - SBI: prefs.js [Vivie - y6jc2wt2.default] user_pref("extensions.helperbar.Visibility", false); O69 - SBI: SearchScopes [HKCU] {7B002C36-538E-48D7-B0D5-2D3EC2DED52C} - (Ask Search) - http://websearch.ask.com [MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][24/02/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Vivie\AppData\Local\Temp\AskSLib.dll [248008] [MD5.EF239B23E6096BCB1ECF623B93625187] [SPRF][23/02/2013] (.Ask.com - Setup Launcher.) -- C:\Users\Vivie\AppData\Local\Temp\NEWA30A.tmp.exe [3694960] [MD5.28DF0219AA78485DF36C4136002F2786] [SPRF][23/02/2013] (.Ask - Wrapper Application.) -- C:\Users\Vivie\AppData\Local\Temp\setup.exe [4082312] [MD5.752AE35B747419542C83130107BDCDD6] [SPRF][10/11/2011] (.Bandoo Media Inc. - Bandoo Install.) -- C:\Users\Vivie\Desktop\BandooV6.exe [1578008] =>Adware.Bandoo O87 - FAEL: "{1A38C64C-38E4-4809-8DE9-CEA8BCC29A84}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe (.not file.) O87 - FAEL: "{AFC5B587-A29E-46B0-8E95-85A5272A3977}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Eidos\Kane and Lynch Dead Men\kaneandlynch.exe (.not file.) O87 - FAEL: "{8F209B4B-49FF-4BD6-B146-EBC984C1CBAD}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr O87 - FAEL: "{F17F8DA1-714F-4976-A70A-DF7E4518930A}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr O87 - FAEL: "TCP Query User{33A35422-E520-47C1-8F05-F7B167380092}C:\users\vivie\appdata\roaming\nosibay\bubble dock\bubble dock.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\vivie\appdata\roaming\nosibay\bubble dock\bubble dock.exe (.not file.) O87 - FAEL: "UDP Query User{9596BF05-1E84-4397-889F-C8356D9F7A67}C:\users\vivie\appdata\roaming\nosibay\bubble dock\bubble dock.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\vivie\appdata\roaming\nosibay\bubble dock\bubble dock.exe (.not file.) [HKCU\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin] =>Toolbar.Babylon [HKCU\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange [HKLM\Software\Classes\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}] =>Adware.GamesBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent [HKLM\Software\Classes\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1}] =>Adware.PopCap [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKLM\Software\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap [HKLM\Software\Classes\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca}] =>Adware.PopCap [HKLM\Software\Wow6432Node\Classes\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca}] =>Adware.PopCap [HKLM\Software\Classes\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe}] =>Adware.PopCap [HKLM\Software\Wow6432Node\Classes\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe}] =>Adware.PopCap [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing [HKLM\Software\Classes\oberontb.band] =>Adware.GamesBar [HKLM\Software\Classes\oberontb.band.1] =>Adware.GamesBar [HKLM\Software\Classes\oberontb.GamesBarBHO] =>Adware.GamesBar [HKLM\Software\Classes\oberontb.GamesBarBHO.1] =>Adware.GamesBar [HKLM\Software\Classes\popcaploader.popcaploaderctrl2] =>Adware.PopCap [HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1] =>Adware.PopCap [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch [HKCU\Software\BlabbersToolbar] =>PUP.Blabbers [HKCU\Software\gamesbar] =>Adware.GamesBar [HKLM\Software\Wow6432Node\gamesbar] =>Adware.GamesBar [HKLM\Software\Wow6432Node\Productivity_2.2] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar] =>Adware.GamesBar [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}] =>Adware.Agent [HKLM\Software\Wow6432Node\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}] =>Adware.Agent [HKLM\Software\Classes\.bdc] =>Toolbar.Conduit [HKLM\Software\Classes\.bgl] =>Toolbar.Conduit [HKLM\Software\Classes\.bof] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\sl-apl] =>Hijacker.SelectionLinks [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:SearchEngineProtection =>Adware.GamesBar C:\Users\Vivie\AppData\Local\Software =>Adware.Boxore C:\Users\Vivie\AppData\Local\Temp\wajam_install.exe =>Toolbar.Wajam C:\Users\Vivie\Desktop\BandooV6.exe =>Adware.Bandoo O90 - PUC: "70BB52E0BE26F67478CFA64F62BA50E9" . (.Boxore Client.) -- C:\Windows\Installer\{0E25BB07-62EB-476F-87FC-6AF426AB059E}\boxore.ico =>Adware.Boxore SR - | Auto 22/01/2012 124832 | (MsgPlusService) . (.Yuna Software.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe SysRestore FirewallRAZ EmptyCLSID EmptyTemp EmptyFlash