Script ZHPFix R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 O2 - BHO: Breowse2savue - {780CF7CA-747B-5B06-EB93-8A6276596766} Clé orpheline O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (...) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (.not file.) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BB1227AC-7A0D-4076-8C1A-51A1348F6FA8} Clé orpheline OPT:O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\LManager.exe OPT:O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe OPT:O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe OPT:O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no [MD5.00000000000000000000000000000000] [APT] [4773] (...) -- C:\Users\Celine\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{9B0DE3D8-0B6F-4BFE-9F4A-553FBD27C1EC}.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [ROC_JAN2013_TB_rmv] (...) -- C:\Program Files\AVG Secure Search\PostInstall\ROC.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{73ABC6DA-3944-43D2-ABC3-0454F8784E7F}] (...) -- C:\Users\Celine\Desktop\HP_HBP_PEGI_DEMO.exe (.not file.) [0] O39 - APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv - (...) -- C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352] O39 - APT: AVG-Secure-Search-Update_JUNE2013_TB_rmv - (...) -- C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv [352] O39 - APT: ROC_JAN2013_TB_rmv - (...) -- C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job [344] O39 - APT: ROC_JAN2013_TB_rmv - (...) -- C:\Windows\System32\Tasks\ROC_JAN2013_TB_rmv [344] [HKLM\Software\BrowserChoice] O43 - CFD: 21/07/2013 - 11:59:28 - [] ----D C:\Program Files\SEARCH~1 O43 - CFD: 31/07/2013 - 16:06:58 - [] ----D C:\ProgramData\AVG10 O43 - CFD: 31/03/2013 - 00:30:51 - [] ----D C:\ProgramData\InstallMate O43 - CFD: 02/05/2012 - 21:02:57 - [] ----D C:\ProgramData\McAfee O45 - LFCP:[MD5.01AF24BD41725D332DE6BB74BC263F5B] - 25/05/2014 - 11:51:02 ---A- - C:\Windows\Prefetch\DELTATB.EXE-8B7758E3.pf O45 - LFCP:[MD5.38CBD3BF018911E7D36DF969909D7BE7] - 28/05/2014 - 18:38:51 ---A- - C:\Windows\Prefetch\YONTOODESKTOP.EXE-0D15F019.pf O51 - MPSK:{7ff50842-a1a2-11e1-a9b6-705ab6f8c437}\AutoRun\command. (...) -- E:\Autorun.exe (.not file.) O51 - MPSK:{c44a072b-a431-11e1-a9ba-705ab6f8c437}\AutoRun\command. (...) -- E:\Autorun.exe (.not file.) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O61 - LFC: 26/05/2014 - 22:41:54 ---A- . (...) -- C:\Users\Celine\AppData\Local\Temp\Quarantine.exe [384141] [MD5.6ACBD475647D7A160657CB3E460F0F35] [SPRF][27/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131472] [MD5.3561A670FD52E8DB7EBEE4E2F85AB036] [WIS][16/12/2013] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\133439.msi [741376] HKLM\SOFTWARE\Microsoft\Tracing\AVG-Secure-Search-Update_JUNE2013_TB_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\AVG-Secure-Search-Update_JUNE2013_TB_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\ExpressFiles_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\ExpressFiles_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2509-f3a0ca71_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\sweetim_2509-f3a0ca71_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\tuto4pc_fr_7_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\tuto4pc_fr_7_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\yontoo-C4-1620_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\yontoo-C4-1620_RASMANCS [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{780CF7CA-747B-5B06-EB93-8A6276596766}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] C:\ProgramData\InstallMate C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv C:\Windows\Installer\133439.msi C:\Users\Celine\AppData\Local\Temp\GoogleToolbarInstaller1.log EmptyTemp EmptyPrefetch EmptyFlash EmptyCLSID CTFFIX FirewallRAZ ProxyFix SysRestore