O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk . (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (.not file.) => Infection BT (Toolbar.Babylon)
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MediaGet.lnk . (...) -- C:\Users\Elise\AppData\Local\MediaGet2\mediaget.exe (.not file.) => Infection PUP (PUP.MediaGet)
O20 - AppInit_DLLs: . (...) - C:\Program Files\WIA6EB~1\Datamngr\x64\datamngr.dll (.not file.) => Infection BT (Adware.Bandoo)
[MD5.00000000000000000000000000000000] [APT] [{BDA10EBC-EB0A-4166-808D-691FDA01AF6E}] (...) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe (.not file.) => Infection BT (Toolbar.Babylon)
O42 - Logiciel: Dealio Toolbar v4.6 - (.Spigot, Inc..) [HKLM] -- {10404646-77C5-4f07-947E-58E5FA78A8BE} => Infection PUP (PUP.Dealio)
[HKCU\Software\AppDataLow\Software\bearsharemediabartb] => Infection PUP (PUP.BearShare)
[HKLM\Software\BearShareMediabarTb] => Infection PUP (PUP.BearShare)
[HKLM\Software\MediaGet] => Infection PUP (PUP.MediaGet)
O43 - CFD: 18/06/2011 - 22:49:58 - [0] ----D- C:\Program Files\Babylon => Infection BT (Toolbar.Babylon)
O43 - CFD: 01/08/2011 - 15:21:04 - [0,001] ----D- C:\ProgramData\Media Get LLC => Infection PUP (PUP.MediaGet)
O87 - FAEL: "TCP Query User{5C436CDE-9376-4AEB-9D61-03DD741E3D57}C:\users\maxime\appdata\local\mediaget2\mediaget.exe" | In - Private - P6 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Maxime\AppData\Local\MediaGet2\mediaget.exe => Infection PUP (PUP.MediaGet)
O87 - FAEL: "UDP Query User{3CCA73C1-639D-448D-91F7-8ED4DECDC290}C:\users\maxime\appdata\local\mediaget2\mediaget.exe" | In - Private - P17 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Maxime\AppData\Local\MediaGet2\mediaget.exe => Infection PUP (PUP.MediaGet)
O87 - FAEL: "TCP Query User{3AAA6950-E550-46DF-8B4B-4BE2DD5AD79F}C:\users\maxime\appdata\local\mediaget2\mediaget.exe" | In - Public - P6 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Maxime\AppData\Local\MediaGet2\mediaget.exe => Infection PUP (PUP.MediaGet)
O87 - FAEL: "UDP Query User{EF329EE8-FA7A-448F-A3D9-ED66EB3166B9}C:\users\maxime\appdata\local\mediaget2\mediaget.exe" | In - Public - P17 - TRUE | .(.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Maxime\AppData\Local\MediaGet2\mediaget.exe => Infection PUP (PUP.MediaGet)
O87 - FAEL: "{CFF52D4C-5FE2-4406-AC23-10876BD56248}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) => Infection BT (Adware.Bandoo)
O87 - FAEL: "{35D24723-D9BD-4474-9AF0-061863E76747}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) => Infection BT (Adware.Bandoo)
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}] => Infection BT (Adware.BearShare)
[HKCU\Software\AppDataLow\Software\BearShareMediabarTb] => Infection PUP (PUP.BearShare)
[HKLM\Software\WOW6432Node\BearShareMediabarTb] => Infection PUP (PUP.BearShare)
[HKLM\Software\WOW6432Node\MediaGet] => Infection PUP (PUP.MediaGet)
C:\Program Files\Babylon => Infection BT (Toolbar.Babylon)
C:\ProgramData\Media Get LLC => Infection PUP (PUP.MediaGet)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaGet2 => Infection PUP (PUP.MediaGet)
C:\Users\Elise\AppData\LocalLow\bearsharemediabartb => Infection PUP (PUP.BearShare)
C:\Users\Elise\AppData\LocalLow\searchqutoolbar => Infection PUP (Adware.Bandoo)
O87 - FAEL: "{3A3791FA-1BA5-4EC9-A373-00F1BFCFAA64}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{541338D4-A7A6-4343-9DD9-7FEC09586602}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{7B330BCB-C8D7-4470-8251-7514F8AF0BC1}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{6A7BB89A-77D4-48B6-8C88-BBC444F74808}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\3D Matrix Corridors.lnk . (...) -- C:\Windows\SysWOW64\3D Matrix Corridors.scr (.not file.) => Fichier absent
O4 - Global Startup: C:\Users\Maxime\Desktop\James Cameron's AVATAR THE GAME - Raccourci.lnk - Clé orpheline => Orphean Key not necessary
O4 - Global Startup: C:\Users\Maxime\Desktop\Play Star Wars Republic Commando Demo.lnk . (...) -- C:\Program Files (x86)\LucasArts\Star Wars Republic Commando Demo\LaunchRCDemo.exe (.not file.) => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{52F30136-35E7-440A-B527-0C59F98B639C}] (...) -- D:\LaunchBOPC2.exe (.not file.) => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{A1590770-4A2D-4754-B7F0-904FF0673150}] (...) -- C:\Users\Elise\Downloads\star_wars_republic_commando_demo_jouable_1_anglais_13826.exe (.not file.) => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{EA563EC8-9C92-40A6-8789-F7E94F607F1B}] (...) -- C:\Users\Elise\Downloads\enemy_territory_quake_wars_demo_jouable_2_anglais_207456.exe (.not file.) => Fichier absent
O41 - Driver: (PCLEPCI) . (. - .) - C:\Windows\system32\drivers\pclepci.sys (.not file.) => Fichier absent
O43 - CFD: 28/06/2011 - 14:10:42 - [30,779] ----D- C:\ProgramData\Wild Tangent => Wild Tangent
O87 - FAEL: "TCP Query User{9355BB83-5129-4BF4-A1DA-95D8C2788CE1}C:\program files (x86)\wings over vietnam\wov.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\wings over vietnam\wov.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{30564A47-40CB-4629-95C2-C9D0BEBA0F01}C:\program files (x86)\wings over vietnam\wov.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\wings over vietnam\wov.exe (.not file.) => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{020AD9EC-0636-4EFA-B10C-87C42E7238CD}] (...) -- D:\SETUP.exe (.not file.) => Existe aussi en malware DELF-CA.Troj
R3 - URLSearchHook: Softonic France FF Toolbar [64Bits] - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\Softonic_France_FF\prxtbSof2.dll
R3 - URLSearchHook: SFT_France Toolbar [64Bits] - {4d51f677-2a0b-43e2-b444-a2b384d24b91} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.4.1) -- C:\Program Files (x86)\SFT_France\prxtbSFT_.dll
O2 - BHO: SFT_France [64Bits] - {4d51f677-2a0b-43e2-b444-a2b384d24b91} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\SFT_France\prxtbSFT_.dll
O2 - BHO: Softonic France FF [64Bits] - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Softonic_France_FF\prxtbSof2.dll
O8 - Extra context menu item: Search the Web - (.not file.) - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html => SweetIM Toolbar
O42 - Logiciel: Softonic France FF Toolbar - (.Softonic France FF.) [HKLM] -- Softonic_France_FF Toolbar => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\SFT_France] => SFT France
[HKCU\Software\AppDataLow\Software\Softonic_France_FF] => Toolbar.Conduit
[HKLM\Software\SFT_France] => SFT France
[HKLM\Software\Softonic_France_FF] => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] => Softonic France FF Toolbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] => Softonic France FF Toolbar
[HKLM\Software\WOW6432Node\Classes\CLSID\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] => Softonic France FF Toolbar
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] => Softonic France FF Toolbar
[HKLM\Software\WOW6432Node\Softonic_France_FF] => Toolbar.Conduit
C:\Users\Elise\AppData\LocalLow\Softonic_France_FF => Toolbar.Conduit
C:\Users\Elise\AppData\LocalLow\SweetIM => SweetIM Toolbar
Sysrestore
EmptyTemp
FirewallRaz
ProxyFix