[MD5.0116540F8C9E1FC81073DEEE505BE48A] - (...) -- C:\Users\valery\AppData\Local\Lollipop\lollipop.exe [1752064] [PID.4200] [MD5.D41D8CD98F00B204E9800998ECF8427E] - (...) -- C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2561488] [PID.2292] M3 - MFPP: Plugins - [valery] -- C:\Users\valery\AppData\Roaming\Mozilla\Firefox\Profiles\9hlm2q5n.default\searchplugins\BabylonMngr.xml M3 - MFPP: Plugins - [valery] -- C:\Users\valery\AppData\Roaming\Mozilla\Firefox\Profiles\9hlm2q5n.default\searchplugins\MyStart Search.xml M3 - MFPP: Plugins - [valery] -- C:\Users\valery\AppData\Roaming\Mozilla\Firefox\Profiles\9hlm2q5n.default\searchplugins\sweetim.xml M0 - MFSP: prefs.js [valery - 9hlm2q5n.default] http://search.babylon.com M2 - MFEP: prefs.js [valery - 9hlm2q5n.default\ffxtlbr@babylon.com] [] Babylon v1.5.0 (.Babylon.) M2 - MFEP: prefs.js [valery - 9hlm2q5n.default\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.) M2 - MFEP: prefs.js [valery - 9hlm2q5n.default\{C9B68337-E93A-44EA-94DC-CB300EC06444}] [] IMinent Toolbar v5.30.4 (.IMinent.) M2 - MFEP: prefs.js [valery - 9hlm2q5n.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (.dealply.com.) M2 - MFEP: prefs.js [valery - 9hlm2q5n.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetIM Toolbar for Firefox v1.2.0.2 (.SweetIM Technologies LTD..) R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.) O2 - BHO: Interest recogniser for Widestream6 (powered by Spointer) - {1a6dc111-b030-4c3e-be65-299284128b91} . (.Widestream6 - Interest Recognizer for Widestream6.) -- C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll O2 - BHO: OfferBox - {703740c1-0f1a-4cec-a4df-d78db0158477} . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\extensions-4.0.4376.15\offerbox_air_iexplorer.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll (.not file.) O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files\Yontoo\YontooIEClient.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Searchqu Toolbar - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- C:\Program Files\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Babylon Toolbar - [HKLM]{98889811-442D-49dd-99D7-DC866BE87DBC} . (.Babylon Ltd. - Pas de description.) -- C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [widestream6@spointer.com] . (.Aedge Performance BCN SL - Spointer Browser Extension Setup.) -- C:\Program Files\Widestream6\spointer\spointer_browserext_setup.exe O20 - AppInit_DLLs: . (...) - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll O23 - Service: Browser Manager (Browser Manager) . (...) - C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [MD5.90FB85DF126AC74CF57AD9C528C08B49] [APT] [DealPly] (...) -- C:\Users\valery\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [MD5.7E68E29CF66FBA108527BC38189636FF] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files\DealPly\DealPlyUpdate.exe O42 - Logiciel: Babylon toolbar on IE - (.BabylonToolbar.) [HKLM] -- BabylonToolbar O42 - Logiciel: BabylonObjectInstaller - (.Babylon Ltd.) [HKLM] -- {E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} O42 - Logiciel: Browser Manager - (.Pas de propriétaire.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} O42 - Logiciel: Lollipop - (.Pas de propriétaire.) [HKCU] -- lollipop O42 - Logiciel: OfferBox Browser - (.Aedge Performance BCN SL.) [HKLM] -- OfferBox Browser O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShoppingReport2 O42 - Logiciel: SweetIM Toolbar for Internet Explorer 4.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {A1194237-547A-461d-BD44-B97B1574A7DA} O42 - Logiciel: SweetIM for Messenger 3.4 - (.SweetIM Technologies Ltd..) [HKLM] -- {F70AE624-2B41-476F-BC9C-0A7F158C3F15} O42 - Logiciel: Update_DealPly - (.Pas de propriétaire.) [HKCU] -- DealPly O42 - Logiciel: Widestream6 - (.Aedge Performance BCN SL.) [HKLM] -- {835525BE-63BD-4EC4-9425-00CEAD4849C2} O42 - Logiciel: Yontoo 1.10.02 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} [HKCU\Software\52ed7dee268bd14] [HKCU\Software\AppDataLow\Software\ShoppingReport2] [HKCU\Software\AppDataLow\Software\Smartbar] [HKCU\Software\AppDataLow\Software\searchqutoolbar] [HKCU\Software\BabylonToolbar] [HKCU\Software\Babylon] [HKCU\Software\BrowserMngr] [HKCU\Software\DataMngr_Toolbar] [HKCU\Software\Datamngr] [HKCU\Software\InstallCore] [HKCU\Software\OfferBox] [HKCU\Software\ShoppingReport2] [HKCU\Software\SweetIM] [HKCU\Software\WideStream] [HKCU\Software\clickpotatolitesa] [HKCU\Software\ilivid] [HKLM\Software\52ed7dee268bd14] [HKLM\Software\Babylon] [HKLM\Software\BrowserMngr] [HKLM\Software\ClickPotatoLite] [HKLM\Software\DataMngr] [HKLM\Software\DealPly] [HKLM\Software\Iminent] [HKLM\Software\OfferBox] [HKLM\Software\SweetIM] [HKLM\Software\widestream] O43 - CFD: 07/09/2012 - 21:40:46 - [1,985] ----D C:\Program Files\BabylonToolbar O43 - CFD: 25/02/2011 - 14:55:35 - [0,061] ----D C:\Program Files\ClickPotatoLite O43 - CFD: 22/02/2013 - 13:31:14 - [0,888] ----D C:\Program Files\DealPly O43 - CFD: 12/08/2011 - 15:01:30 - [3,459] ----D C:\Program Files\OfferBox O43 - CFD: 25/02/2011 - 14:55:15 - [0,086] ----D C:\Program Files\ShoppingReport2 O43 - CFD: 13/08/2012 - 13:15:36 - [0] ----D C:\Program Files\Software O43 - CFD: 12/08/2011 - 15:00:40 - [8,441] ----D C:\Program Files\SweetIM O43 - CFD: 12/08/2011 - 15:11:39 - [3,148] ----D C:\Program Files\Widestream6 O43 - CFD: 13/08/2012 - 13:09:46 - [0,756] ----D C:\Program Files\Yontoo O43 - CFD: 25/02/2011 - 14:55:35 - [0] ----D C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 O43 - CFD: 07/09/2012 - 21:39:30 - [0] ----D C:\ProgramData\Babylon O43 - CFD: 03/02/2013 - 18:37:52 - [14,613] ----D C:\ProgramData\Browser Manager O43 - CFD: 25/02/2011 - 14:56:26 - [1,166] ----D C:\ProgramData\ClickPotatoLiteSA O43 - CFD: 13/08/2012 - 13:15:36 - [0] ----D C:\ProgramData\Software O43 - CFD: 12/08/2011 - 15:00:24 - [1,453] ----D C:\ProgramData\SweetIM O43 - CFD: 07/09/2012 - 21:39:30 - [0,007] ----D C:\Users\valery\AppData\Roaming\Babylon O43 - CFD: 07/09/2012 - 21:41:00 - [2,228] ----D C:\Users\valery\AppData\Roaming\BabylonToolbar O43 - CFD: 25/02/2011 - 14:55:35 - [0] ----D C:\Users\valery\AppData\Roaming\ClickPotatoLite O43 - CFD: 16/02/2013 - 14:16:56 - [0,087] ----D C:\Users\valery\AppData\Roaming\DealPly O43 - CFD: 10/12/2012 - 18:52:57 - [0,609] ----D C:\Users\valery\AppData\Roaming\OfferBox O43 - CFD: 12/08/2011 - 15:05:22 - [0,001] ----D C:\Users\valery\AppData\Roaming\widestream O43 - CFD: 18/02/2012 - 12:39:43 - [1,134] ----D C:\Users\valery\AppData\Local\BrightBreezeSA O43 - CFD: 18/02/2012 - 12:47:51 - [0,014] ----D C:\Users\valery\AppData\Local\Ilivid Player O43 - CFD: 22/02/2013 - 18:41:18 - [6,420] ----D C:\Users\valery\AppData\Local\Lollipop O43 - CFD: 13/08/2012 - 13:09:46 - [0] ----D C:\Users\valery\AppData\Local\Software O43 - CFD: 22/02/2013 - 20:49:38 - [0,482] ----D C:\Users\valery\AppData\Local\widestream6 Air O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("browser.search.order.1", "Search Results"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("browser.startup.homepage", "http://search.babylon.com/?affID=115299&tt=3612_4&babsrc=HP_ss_cr&mntrId=9897fdae0000000000[...] O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.admin", false); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.excTlbr", false); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.id", "9897fdae000000000000001a4d35a70a"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.instlDay", "15590"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=9897fdae000000000000001a4d35a7[...] O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.babExt", ""); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115299&tt=3612_4"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.newTab", false); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1222:40:50"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.mode.debug", "false"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Yahoo! Search"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Yahoo! Search"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://fr.msn.com/"); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.previous.keyword.URL", "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q="); O69 - SBI: prefs.js [valery - 9hlm2q5n.default] user_pref("sweetim.toolbar.search.external", "