~ Rapport de ZHPDiag v2014.5.14.63 - Nicolas Coolman (14/05/2014) ~ Lancé par marj (15/05/2014 07:11:37) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Blog d'analyse software : http://nicolascoolman.byethost7.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17105 MFIE: Mozilla Firefox 22.0 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : RMV82 Windows License : OK ~ Windows Remaining Initializations Number : 1 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Kaspersky Internet Security 2013 v13.0.1.4190 McAfee Security Scan Plus v3.8.141.11 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4003 MB (52% free) System Restore: Activé (Enable) System drive C: has 295 GB (65%) free of 451 GB ---\\ Mode de connexion au système ~ Computer Name: MARJ-PC ~ User Name: marj ~ All Users Names: UpdatusUser, marj, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\marj\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\marj\AppData\Roaming\ ~ %Desktop% : C:\Users\marj\Desktop\ ~ %Favorites% : C:\Users\marj\Favorites\ ~ %LocalAppData% : C:\Users\marj\AppData\Local\ ~ %StartMenu% : C:\Users\marj\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 295 Go of 451 Go) D: CD-ROM drive (Not Inserted) Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified ~ Security Center: 44 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/725 ~ Mes musiques (My Musics) : 20/569 ~ Mes Videos (My Videos) : 2/13 ~ Mes Favoris (My Favorites) : 1/93 ~ Mes Documents (My Documents) : 1/130 ~ Mon Bureau (My Desktop) : 2/6914 ~ Menu demarrer (Programs) : 1/35 ~ Hidden Files: Scanned in 00mn 15s ---\\ Processus lancés [MD5.1136B11FB4B6A598051BD9648A798F7C] - (.Pas de propriétaire - Stage Remote Manager.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976] [PID.2148] [MD5.812DD9FBA5EF2136AEF738CAA499D47C] - (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824] [PID.2496] [MD5.2EF0B3C51971F51ED700C01CFBC5B82A] - (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942] [PID.3244] [MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.3264] [MD5.9D51EA92A612B37E76E5E4621650C50A] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288] [PID.3288] [MD5.4164A47F3A2DA7EA44572904C3DF44A4] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544] [PID.3364] [MD5.918850CDD168605454665D160B034837] - (...) -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496] [PID.3420] [MD5.0A61A3ACE26CA4FC637BC8AF8C05CC00] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032] [PID.3496] =>PUP.SweetIM [MD5.84A878D2D4A84CC73D53733F80FB57CE] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768] [PID.3540] =>PUP.SweetIM [MD5.15D2DB9BFA8E833ED31FAB2BB088FDDA] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128] [PID.1240] [MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208] [PID.3588] [MD5.C265BFF559718F341D16C8355B4EDAED] - (.Pas de propriétaire - Stage Remote Service.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe [474176] [PID.3704] [MD5.6017CA94BE482BCB527D92C6D481B2CC] - (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe [287216] [PID.3792] =>PUP.Duuqu [MD5.EBDD3032297EF6832A1D6D3AA6DC3537] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4259648] [PID.4308] [MD5.CD4F7B90CB09831BCDEDE0A206CCDB35] - (.Pas de propriétaire - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2751808] [PID.4372] [MD5.09890A2F032B138A74B5DF2C1233FB1D] - (.SoftThinks - Dell - DataSafe Update Launcher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [460096] [PID.4396] [MD5.43561AE883C36EF9C52FB9C7765FE8ED] - (...) -- C:\Windows\SysWOW64\jmdp\stij.exe [1100592] [PID.5028] [MD5.F168869067FDF08BC6291988173B5025] - (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe [1850224] [PID.516] [MD5.715C62B9A059001BFA2A0224F4691AFD] - (.Intel Corporation - Bluetooth Media Player Controller.) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe [839744] [PID.5844] [MD5.E1B4EE856AD8A31B64D9E2AB20542D96] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7874560] [PID.3212] [MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.4996] [MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382824] [PID.996] [MD5.5FF7B9916A10E8E69E7C0D16F0B4787A] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664] [PID.1380] [MD5.DF2D5FB7E9964C7E626ABE86ADA8C108] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416] [PID.2536] [MD5.74EC60E20516AAA573BE74F31175270F] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1692480] [PID.536] [MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.688] [MD5.20427929646784A482DF34EF8C4FED23] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392] [PID.4192] [MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.4328] [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.5096] [MD5.E43D73CAF1023976EFBA1D0F0E69E271] - (.Intel Corporation - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360] [PID.5572] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\marj\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\marj\AppData\Roaming\Mozilla\Firefox\Profiles\4zzuattf.default\prefs.js ~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweetpacks-search.com =>PUP.SweetIM R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6 ~ IE Browser: 19 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:14328 =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: DealPly Shopping [64Bits] - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM ~ BHO: 18 Legitimates Filtered in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\QuickLaunch [marj]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6 O4 - GS\Program [marj]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6 O4 - GS\SystemTools [marj]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6 ~ Global Startup: 3 Legitimates Filtered in 00mn 03s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe O4 - HKLM\..\Run: [BTMTrayAgent] . (.Intel Corporation - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll O4 - HKLM\..\Run: [Stage Remote] . (.Pas de propriétaire - Stage Remote Manager.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe O4 - HKLM\..\Run: [DellStage] . (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Registration] . (.Dell, Inc. - System Registration.) -- C:\Program Files (x86)\System Registration\prodreg.exe O4 - HKLM\..\Wow6432Node\Run: [RoxWatchTray] . (.Sonic Solutions - RoxMMTrayApp Module.) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe =>.Sonic Solutions O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] . (.Pas de propriétaire - Roxio Burn Launcher.) -- c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe =>.Roxio O4 - HKLM\..\Wow6432Node\Run: [NeroLauncher] . (...) -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe O4 - HKLM\..\Wow6432Node\Run: [AccuWeatherWidget] . (.Pas de propriétaire - AccuWeather.com desktop weather widget.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe O4 - HKLM\..\Wow6432Node\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM O4 - HKLM\..\Wow6432Node\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Wow6432Node\Run: [FrameFox Extensions] . (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe =>PUP.Duuqu O4 - HKUS\.DEFAULT\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-18\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kbrd.ico O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\logo.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7FEFB7DC-DDF6-46F4-A49E-C9BC085B9027}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\..\{F6DBE30F-DF9B-46DA-B45C-8D7977803804}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{7FEFB7DC-DDF6-46F4-A49E-C9BC085B9027}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{F6DBE30F-DF9B-46DA-B45C-8D7977803804}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{7FEFB7DC-DDF6-46F4-A49E-C9BC085B9027}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{F6DBE30F-DF9B-46DA-B45C-8D7977803804}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 306.) - C:\Windows\system32\nvinitx.dll ~ AppInit DLL: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain ~ Services: 21 Legitimates Filtered in 00mn 10s ---\\ Tâches planifiées en automatique (O39) [MD5.534C82F1D7246EDF654B5257CA82FE70] [APT] [DealPly] (...) -- C:\Users\marj\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [93728] =>PUP.DealPly [MD5.64A46A45A6AB3FD9EA19489AEB76BB76] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe [78424] =>PUP.DealPly [MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find [MD5.00000000000000000000000000000000] [APT] [RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find [MD5.6B773BA457B813850A76493B3425AB35] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [131976] =>Toolbar.Ask [MD5.7F91A8D7192B1664D4C4B19996ED8281] [APT] [Test TimeTrigger] (...) -- C:\Users\marj\AppData\Local\Temp\Runner.exe [40587] O39 - APT: - (..) -- C:\Windows\Tasks\AmiUpdXp.job [352] =>PUP.Software.Updater O39 - APT: - (..) -- C:\Windows\Tasks\DuuquUpdateTaskMachineCore.job [880] =>PUP.Duuqu O39 - APT: - (..) -- C:\Windows\Tasks\DuuquUpdateTaskMachineUA.job [884] =>PUP.Duuqu O39 - APT: - (..) -- C:\Windows\Tasks\ViewPassword Update.job [422] =>PUP.ViewPassword O39 - APT: - (..) -- C:\Windows\Tasks\ViewPassword_wd.job [412] =>PUP.ViewPassword ~ Scheduled Task: 14 Legitimates Filtered in 00mn 06s ---\\ Logiciels installés (O42) O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly O42 - Logiciel: DealPly - (...) [HKCU][64Bits] -- DealPly =>PUP.DealPly O42 - Logiciel: Duuqu Update Helper - (.Duuqu Group.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Duuqu O42 - Logiciel: Genesis - (...) [HKCU][64Bits] -- genesis =>PUP.Genesis O42 - Logiciel: IB Updater Service - (...) [HKLM][64Bits] -- WNLT =>Adware.InstallBrain O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM O42 - Logiciel: SweetPacks bundle uninstaller - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {0C43FE6B-E881-4AFC-B384-4AEBC90047E8} =>PUP.SweetIM O42 - Logiciel: TELEVITALE - (.TELEVITALE.) [HKLM][64Bits] -- {D3631AF5-5492-49DC-84FB-AAE587D5EBB2}_is1 O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} =>PUP.SweetIM O42 - Logiciel: ViewPassword - (.ViewPassword-software.) [HKLM][64Bits] -- 52938534-B616-89B7-AD47-79F78A0B5F29 =>PUP.ViewPassword ~ Logic: 27 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5c55da8cbc3ab845] =>Hijacker.Eazel [HKCU\Software\APN PIP] [HKCU\Software\Ask.com] [HKCU\Software\BabylonToolbar] =>PUP.Babylon [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\Duuqu] =>PUP.Duuqu [HKCU\Software\Genesis] =>PUP.Genesis [HKCU\Software\IM] [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\IncrediMail] [HKCU\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\TELEVITALE] [HKCU\Software\V9] [HKCU\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\Wow6432Node\5c55da8cbc3ab845] =>Hijacker.Eazel [HKLM\Software\Wow6432Node\AskToolbar] [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\PIP] [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\V9] [HKLM\Software\Wow6432Node\deskSvc] =>Hijacker.22Find [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity ~ Key Software: 307 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 05/03/2012 - 19:29:48 - [] ----D C:\Program Files (x86)\Ask.com O43 - CFD: 06/05/2013 - 11:16:25 - [] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly O43 - CFD: 02/05/2013 - 17:42:11 - [] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find O43 - CFD: 07/05/2014 - 21:49:39 - [] ----D C:\Program Files (x86)\Duuqu =>PUP.Duuqu O43 - CFD: 07/05/2014 - 21:50:26 - [] ----D C:\Program Files (x86)\FrameFox O43 - CFD: 02/05/2013 - 17:49:00 - [] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster O43 - CFD: 11/05/2014 - 22:32:02 - [0] ----D C:\Program Files (x86)\MediaWatchV1 =>PUP.MediaWatch O43 - CFD: 31/10/2012 - 14:21:21 - [] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM O43 - CFD: 14/05/2014 - 12:36:35 - [] ----D C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword O43 - CFD: 29/03/2013 - 21:07:51 - [] ----D C:\Program Files (x86)\Common Files\337 =>Hijacker.22Find O43 - CFD: 08/05/2014 - 23:39:38 - [] ----D C:\ProgramData\374311380 O43 - CFD: 29/03/2013 - 21:00:24 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 11/08/2013 - 14:31:43 - [] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity O43 - CFD: 31/10/2012 - 14:21:21 - [] ----D C:\ProgramData\SweetIM =>PUP.SweetIM O43 - CFD: 29/03/2013 - 21:00:24 - [] ----D C:\Users\marj\AppData\Roaming\Babylon =>PUP.Babylon O43 - CFD: 06/05/2013 - 11:16:40 - [] ----D C:\Users\marj\AppData\Roaming\DealPly =>PUP.DealPly O43 - CFD: 30/04/2013 - 08:35:59 - [] ----D C:\Users\marj\AppData\Roaming\Desk 365 =>Hijacker.22Find O43 - CFD: 30/05/2013 - 14:23:42 - [] ----D C:\Users\marj\AppData\Roaming\eIntaller O43 - CFD: 29/03/2013 - 21:02:38 - [] ----D C:\Users\marj\AppData\Roaming\Iminent =>Adware.IMBooster O43 - CFD: 20/08/2012 - 19:37:55 - [] ----D C:\Users\marj\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 07/05/2014 - 21:49:38 - [] ----D C:\Users\marj\AppData\Local\Duuqu =>PUP.Duuqu O43 - CFD: 14/05/2014 - 12:36:35 - [] ----D C:\Users\marj\AppData\Local\Genesis =>PUP.Genesis O43 - CFD: 01/05/2014 - 16:14:49 - [] ----D C:\Users\marj\AppData\Local\SwvUpdater =>PUP.Software.Updater O43 - CFD: 02/05/2013 - 17:47:14 - [0] ----D C:\Users\marj\AppData\Local\Tiger Savings =>PUP.SpecialSavings O43 - CFD: 29/03/2013 - 21:00:29 - [] ----D C:\Users\marj\AppData\Local\Wajam =>PUP.Wajam O43 - CFD: 06/05/2013 - 11:16:26 - [] ----D C:\Users\marj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly ~ 5 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 212 Legitimates Filtered in 00mn 01s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:08/08/2011 - 13:32:08 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [299008] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:25/01/2011 - 10:57:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [520192] ~ Drivers: 76 Legitimates Filtered in 00mn 02s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (delta-homes) - http://search.delta-homes.com =>Toolbar.DeltaSearch O69 - SBI: SearchScopes [HKCU] {4C4A7472-6469-4161-A5E6-8C1D96E56FE0} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} [DefaultScope] - (Sweetpacks Search) - http://mysearch.sweetpacks.com =>PUP.SweetIM ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.EDA1713C513BF5A0177C9DD01C531885] [SPRF][05/03/2014] (.TELEVITALE - Pas de description.) -- C:\Users\marj\Desktop\televitale.exe [15295468] ~ Files: 1 Legitimates Filtered in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{A515976E-61E4-47C4-A81E-AB8C052F3966}" | In - Public - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O87 - FAEL: "{BD8A378A-4412-4A22-A84A-D421F36CC5C6}" | In - Public - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM ~ Firewall: 2 Legitimates Filtered in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM O90 - PUC: "B2FD9C0A5B9838449838816A28001F4B" . (.SweetIM for Messenger 3.7.) -- C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe =>PUP.SweetIM ~ Update Products: 3 Legitimates Filtered in 00mn 00s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5c55da8cbc3ab845\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5c55da8cbc3ab845\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Eazel [HKCU\Software\5c55da8cbc3ab845] =>PUP.Babylon^ [HKLM\Software\Wow6432Node\5c55da8cbc3ab845] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline ~ Export Key Software: Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.39509F7D4B7E345BE537D01B3E1ABEB9] [WIS][31/10/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\483cf.msi [3760128] =>PUP.SweetIM [MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][31/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\48434.msi [3304960] =>PUP.SweetIM [MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][31/10/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\48449.msi [2997248] =>PUP.SweetIM [MD5.BBF4134424D0556F36DC086028750937] [WIS][31/10/2012] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\4844f.msi [2579456] =>PUP.SweetIM [MD5.C13388A1D0EB8A495C7014805AE236EF] [WIS][07/05/2014] (.Duuqu Group - Duuqu Update Helper.) -- C:\Windows\Installer\ba72cbc.msi [45056] =>PUP.Duuqu [MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][22/08/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\ba72cc2.msi [417792] =>PUP.FrameFox ~ WIS: 6 Legitimates Filtered in 00mn 05s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Update_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32 =>Adware.Bloson HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS =>Adware.Bloson HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASAPI32 =>Hijacker.22Find HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASMANCS =>Hijacker.22Find HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASAPI32 =>Hijacker.22Find HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASMANCS =>Hijacker.22Find HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2203-bd84cda8_RASAPI32 =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2203-bd84cda8_RASMANCS =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\nsb1_ar_qvo6_RASAPI32 =>Hijacker.Qvo6 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\nsb1_ar_qvo6_RASMANCS =>Hijacker.Qvo6 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASAPI32 =>Hijacker.PortaldoSites HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASMANCS =>Hijacker.PortaldoSites HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Shortcut_SweetImSetup_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Shortcut_SweetImSetup_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-to-mp3-converter_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_free-youtube-to-mp3-converter_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\softonic_ggl_1_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\softonic_ggl_1_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tiger savings-bg_RASAPI32 =>PUP.SpecialSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tiger savings-bg_RASMANCS =>PUP.SpecialSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tiger Savings_RASAPI32 =>PUP.SpecialSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tiger Savings_RASMANCS =>PUP.SpecialSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASMANCS =>PUP.Wajam ~ BTK: 337 Legitimates Filtered in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 16/01/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe SS - | Demand 18/06/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 28/07/2011 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe SS - | Auto 08/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SS - | Demand 25/11/2010 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe SS - | Auto 25/11/2010 219632 | (RoxWatch12) . (.Sonic Solutions.) - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 08/11/2010 74392 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe SR - | Auto 08/08/2011 1166848 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe SR - | Auto 09/10/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe SR - | Auto 19/05/2011 921664 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe SR - | Demand 19/05/2011 1335360 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe SR - | Auto 19/05/2011 995392 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe SR - | Auto 03/06/2011 134928 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe SR - | Auto 28/07/2011 1517328 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe SR - | Auto 05/02/2014 47416 | (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe SR - | Auto 06/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 07/04/2014 2276144 | (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain SR - | Auto 06/10/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 13/07/2012 769432 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe SR - | Auto 02/10/2012 891240 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe SR - | Auto 28/07/2011 844560 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 18/08/2011 1692480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe SR - | Auto 25/01/2011 296448 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 02/10/2012 382824 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 06/10/2010 2655768 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 08s ---\\ Scan Additionnel (O88) Database Version : 13045 - (14/05/2014) Clés trouvées (Keys found) : 350 Valeurs trouvées (Values found) : 5 Dossiers trouvés (Folders found) : 27 Fichiers trouvés (Files found) : 30 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}] =>PUP.DealPly^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] =>Adware.InstallBrain^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] =>PUP.Duuqu^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\genesis] =>PUP.Genesis^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.InstallBrain^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\52938534-B616-89B7-AD47-79F78A0B5F29] =>PUP.ViewPassword^ [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.Ask [HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}] =>Adware.PriceGong [HKLM\Software\Wow6432Node\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}] =>Adware.PriceGong [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater [HKLM\Software\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM [HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater [HKLM\Software\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask [HKLM\Software\Classes\AppID\PriceGongIE.DLL] =>Adware.PriceGong [HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask [HKLM\Software\Classes\sim-packages] =>Toolbar.Agent [HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater [HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch [HKCU\Software\APN PIP] =>Toolbar.Ask [HKCU\Software\Ask.com] =>Toolbar.AskBar [HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\BabylonToolbar] =>PUP.Babylon [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\PIP] =>Toolbar.Ask [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKCU\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\Wow6432Node\WNLT] =>Adware.IncrediBar [HKCU\Software\DealPly] =>PUP.DealPly [HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{981029E0-7FC9-4CF3-AB39-6F133621921A}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM [HKLM\Software\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly [HKLM\Software\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}] =>Toolbar.Conduit [HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.IncrediBar [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon [HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find [HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6 [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity [HKLM\Software\Wow6432Node\portaldositesSoftware] =>Hijacker.PortaldoSites [HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask [HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM [HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM [HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM [HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271167}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271167}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111271167}] =>PUP.CrossRider [HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SweetIM =>PUP.SweetIM^ [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira C:\Program Files (x86)\DealPly =>PUP.DealPly^ C:\Program Files (x86)\Desk 365 =>Hijacker.22Find^ C:\Program Files (x86)\Duuqu =>PUP.Duuqu^ C:\Program Files (x86)\Iminent =>Adware.IMBooster^ C:\Program Files (x86)\MediaWatchV1 =>PUP.MediaWatch^ C:\Program Files (x86)\SweetIM =>PUP.SweetIM^ C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword^ C:\Program Files (x86)\Common Files\337 =>Hijacker.22Find^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\eSafe =>PUP.eSafeSecurity^ C:\ProgramData\SweetIM =>PUP.SweetIM^ C:\Users\marj\AppData\Roaming\Babylon =>PUP.Babylon^ C:\Users\marj\AppData\Roaming\DealPly =>PUP.DealPly^ C:\Users\marj\AppData\Roaming\Desk 365 =>Hijacker.22Find^ C:\Users\marj\AppData\Roaming\Iminent =>Adware.IMBooster^ C:\Users\marj\AppData\Roaming\OpenCandy =>Adware.OpenCandy^ C:\Users\marj\AppData\Local\Duuqu =>PUP.Duuqu^ C:\Users\marj\AppData\Local\Genesis =>PUP.Genesis^ C:\Users\marj\AppData\Local\SwvUpdater =>PUP.Software.Updater^ C:\Users\marj\AppData\Local\Tiger Savings =>PUP.SpecialSavings^ C:\Users\marj\AppData\Local\Wajam =>PUP.Wajam^ C:\Users\marj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly^ C:\Program Files (x86)\Ask.com =>Toolbar.AskBar C:\Program Files (x86)\FrameFox =>Toolbar.DeltaSearch C:\Users\marj\AppData\Roaming\eIntaller =>PUP.eSafeSecurity C:\Users\marj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok =>Adware.PriceGong C:\Users\marj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>Toolbar.Wajam C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM^ C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM^ C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe =>PUP.Duuqu^ C:\Users\marj\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe =>PUP.DealPly^ C:\Program Files (x86)\DealPly\DealPlyUpdate.exe =>PUP.DealPly^ C:\Program Files (x86)\Ask.com\UpdateTask.exe =>Toolbar.Ask^ C:\Windows\Tasks\AmiUpdXp.job =>PUP.Software.Updater^ C:\Windows\Tasks\DuuquUpdateTaskMachineCore.job =>PUP.Duuqu^ C:\Windows\Tasks\DuuquUpdateTaskMachineUA.job =>PUP.Duuqu^ C:\Windows\Tasks\ViewPassword Update.job =>PUP.ViewPassword^ C:\Windows\Tasks\ViewPassword_wd.job =>PUP.ViewPassword^ [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^ [HKCU\Software\Duuqu] =>PUP.Duuqu^ [HKCU\Software\Genesis] =>PUP.Genesis^ [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^ [HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu^ [HKLM\Software\Wow6432Node\deskSvc] =>Hijacker.22Find^ [HKCU\Software\5c55da8cbc3ab845\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ [HKCU\Software\5c55da8cbc3ab845] =>PUP.Babylon^^ C:\Windows\Installer\483cf.msi =>PUP.SweetIM^ C:\Windows\Installer\48434.msi =>PUP.SweetIM^ C:\Windows\Installer\48449.msi =>PUP.SweetIM^ C:\Windows\Installer\4844f.msi =>PUP.SweetIM^ C:\Windows\Installer\ba72cbc.msi =>PUP.Duuqu^ C:\Windows\Installer\ba72cc2.msi =>PUP.FrameFox^ C:\Users\marj\AppData\Local\Temp\uninst1.exe =>PUP.Babylon C:\Users\marj\AppData\Local\Temp\LollipopInstaller_amonetize_14633.exe =>Adware.Lollipop C:\Users\marj\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon C:\Users\marj\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon ~ Additionnel Scan: 311360 Items scanned in 01mn 32s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.byethost7.com/pup-sweetim =>PUP.SweetIM http://nicolascoolman.byethost7.com/pup-duuqu =>PUP.Duuqu http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6 http://nicolascoolman.byethost7.com/hijacker-proxy =>Hijacker.Proxy http://nicolascoolman.byethost7.com/pup-dealply =>PUP.DealPly http://nicolascoolman.byethost7.com/toolbar-ask =>Toolbar.Ask http://nicolascoolman.byethost7.com/adware-installbrain =>Adware.InstallBrain http://nicolascoolman.byethost7.com/hijacker-22find =>Hijacker.22Find http://nicolascoolman.webs.com/apps/blog/show/32713686-pup-software-updater =>PUP.Software.Updater http://nicolascoolman.webs.com/apps/blog/show/35740148-pup-viewpassword =>PUP.ViewPassword http://nicolascoolman.byethost7.com/hijacker-eazel =>Hijacker.Eazel http://nicolascoolman.byethost7.com/pup-babylon =>PUP.Babylon http://nicolascoolman.byethost7.com/pup-datamngr =>PUP.Datamngr http://nicolascoolman.byethost7.com/adware-imbooster =>Adware.IMBooster http://nicolascoolman.byethost7.com/adware-incredibar =>Adware.IncrediBar http://nicolascoolman.byethost7.com/pup-esafesecurity =>PUP.eSafeSecurity http://nicolascoolman.byethost7.com/adware-opencandy =>Adware.OpenCandy http://nicolascoolman.webs.com/apps/blog/show/26686441-pup-specialsavings =>PUP.SpecialSavings http://nicolascoolman.byethost7.com/pup-wajam =>PUP.Wajam http://nicolascoolman.byethost7.com/toolbar-deltasearch =>Toolbar.DeltaSearch http://nicolascoolman.webs.com/apps/blog/show/32789922-pup-framefox =>PUP.FrameFox http://nicolascoolman.byethost7.com/pup-bubbledock =>PUP.BubbleDock http://nicolascoolman.webs.com/apps/blog/show/32755958-adware-bloson =>Adware.Bloson http://nicolascoolman.webs.com/apps/blog/show/28051375-hijacker-portaldosites =>Hijacker.PortaldoSites http://nicolascoolman.byethost7.com/toolbar-conduit =>Toolbar.Conduit http://nicolascoolman.byethost7.com/pup-rewardsarcade =>PUP.RewardsArcade http://nicolascoolman.byethost7.com/pup-v9software =>PUP.V9Software http://nicolascoolman.byethost7.com/adware-pricegong =>Adware.PriceGong http://nicolascoolman.byethost7.com/adware-mywebsearch =>Adware.MyWebSearch http://nicolascoolman.byethost7.com/adware-bandoo =>Adware.Bandoo http://nicolascoolman.byethost7.com/pup-funmoods =>PUP.Funmoods http://nicolascoolman.byethost7.com/pup-tarma =>PUP.Tarma http://nicolascoolman.byethost7.com/pup-crossrider =>PUP.CrossRider http://nicolascoolman.byethost7.com/pup-optimizerpro =>PUP.OptimizerPro http://nicolascoolman.byethost7.com/adware-lollipop =>Adware.Lollipop ~ MSI: 35 link(s) detected in 00mn 00s ~ 846 Legitimates filtered by white list End of the scan (1031 lines in 04mn 05s)(0)