[Résolu] Toshiba Sattellite devenu brusquement très lent

[tanaud]

Bonjour,

 

depuis quelques jours mon ordinateur toshiba satellite winbdows seven acheté en sept 2012 est très trés lent pour tout, pages internet, ouverture du moindre progamme.

il fait de temps en temps aussi de drôles de trucs.

Je pense qu'il faut que je télécharge zpdiag sur votre site et que je poste un rapport et que je pourrais ainsi avoir votre aide pour savoir si cela vient d'une infetion?

merci de m'indiquer la marche à suivre

 

cordialement

tanaud

 

en fait j'ai téléchargé zhpdiag et je vous adresse le lien vers mon rapport si vous pouvez m'indiquer si c'est infecté.

Je rame pour tout.

Merci pour votre aide

 

pjjoint.malekal.com - Submit a file

[bernard53]

Bonjour

He bien il y a du monde donc ceci.

 

* Copie le tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

[MD5.2A6C01BAC0F8AA9143D61AE1E28E263A] - (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\aromes\AppData\Roaming\Yontoo\YontooDesktop.exe [42784] [PID.2292] =>

[MD5.A74AC411798DA32CFC655A9A9F2EB74A] - (...) -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2569168] [PID.1928] => Infection PUP (Hijacker.Eazel)*

[MD5.11DFC7FF30B9B44F1477989C8FFF478F] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032] [PID.3040] => Infection PUP (PUP.SweetIM)*

[MD5.84A878D2D4A84CC73D53733F80FB57CE] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768] [PID.2268] =>

[MD5.2E61503CBFEC0D6C81DFAF1337930D22] - (...) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760] [PID.3232] => Infection PUP (Adware.IncrediBar)*

M3 - MFPP: Plugins - [aromes] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml => Infection BT (Toolbar.Babylon)

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search => Infection PUP (PUP.Funmoods)*

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search => Infection PUP (PUP.Funmoods)*

O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (...) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (.not file.) => Infection BT (Toolbar.Babylon)

O2 - BHO: Web Assistant Helper [64Bits] - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\Web Assistant\Extension32.dll => Infection PUP (Adware.IncrediBar)*

O2 - BHO: Funmoods Helper Object [64Bits] - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} . (.Funmoods BHO - Pas de description.) -- C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll => Infection PUP (PUP.Funmoods)*

O2 - BHO: GamesBarBHO Class [64Bits] - {CB0D163C-E9F4-4236-9496-0597E24B23A5} . (.Oberon Media Ltd. - GamesBar.) -- C:\Program Files (x86)\GamesBar\oberontb.dll => Infection BT (Adware.GamesBar)

O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll => Infection PUP (PUP.SweetIM)*

O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll => Infection PUP (Adware.Yontoo)*

O4 - HKCU\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\aromes\AppData\Roaming\Yontoo\YontooDesktop.exe => Infection PUP (Adware.Yontoo)*

O4 - HKLM\..\Wow6432Node\Run: [sweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe => Infection PUP (PUP.SweetIM)*

O4 - HKLM\..\Wow6432Node\Run: [sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe => Infection PUP (PUP.SweetIM)*

O4 - HKUS\S-1-5-21-1908728232-2089281993-3517589363-1000\..\Run: [Yontoo Desktop] . (.Yontoo LLC - Yontoo Desktop.) -- C:\Users\aromes\AppData\Roaming\Yontoo\YontooDesktop.exe => Infection PUP (Adware.Yontoo)*

O4 - Global Startup: C:\Users\aromes\Desktop\Search the Web.url . (...) -- C:\Users\aromes\Desktop\Search the Web.url => Infection PUP (Adware.IMBooster)*

O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe => Infection PUP (Hijacker.Eazel)*

O23 - Service: (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe => Infection PUP (Adware.InstallBrain)*

O23 - Service: Web Assistant (Web Assistant) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe => Infection PUP (Adware.IncrediBar)*

[MD5.90FB85DF126AC74CF57AD9C528C08B49] [APT] [DealPly] (...) -- C:\Users\aromes\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [91024] => Infection PUP (PUP.DealPly)*

[MD5.F8981A707176C89162202985F45A5947] [APT] [Funmoods] (...) -- C:\Users\aromes\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe [99704] => Infection PUP (PUP.Funmoods)*

O42 - Logiciel: BrowserProtect - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} => Infection PUP (Hijacker.Eazel)*

O42 - Logiciel: Funmoods Web Search - (...) [HKLM][64Bits] -- funmoods => Infection PUP (PUP.Funmoods)*

O42 - Logiciel: IB Updater Service - (...) [HKLM][64Bits] -- WNLT => Infection PUP (Adware.InstallBrain)*

O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4} => Infection PUP (PUP.SweetIM)*

O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} => Infection PUP (PUP.SweetIM)*

O42 - Logiciel: Update_DealPly - (...) [HKCU][64Bits] -- DealPly => Infection PUP (PUP.DealPly)*

O42 - Logiciel: Web Assistant 2.0.0.572 - (.IncrediBar.) [HKLM][64Bits] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 => Infection PUP (Adware.IncrediBar)*

O42 - Logiciel: Yontoo 2.04.1 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} => Infection PUP (Adware.Yontoo)*

[HKCU\Software\BabylonToolbar] => Infection BT (Toolbar.Babylon)

[HKCU\Software\BrowserMngr] => Infection BT (Toolbar.Babylon)

[HKCU\Software\DataMngr] => Infection PUP (PUP.BearShare)*

[HKCU\Software\DataMngr_Toolbar] => Infection PUP (PUP.BearShare)*

[HKCU\Software\GamesBar] => Infection BT (Adware.GamesBar)

[HKCU\Software\SweetIM] => Infection PUP (PUP.SweetIM)*

[HKCU\Software\WNLT] => Infection PUP (Adware.IncrediBar)

[HKCU\Software\iLivid] => Infection PUP (Adware.Bandoo)*

[HKCU\Software\iMesh] => Infection PUP (PUP.iMesh)*

[HKLM\Software\WNLT] => Infection PUP (Adware.IncrediBar)

[HKLM\Software\Web Assistant] => Infection PUP (Adware.IncrediBar)*

[HKLM\Software\Wow6432Node\BabylonToolbar] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Babylon] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\BrowserMngr] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\DataMngr] => Infection PUP (PUP.BearShare)*

[HKLM\Software\Wow6432Node\DealPly] => Infection PUP (PUP.DealPly)*

[HKLM\Software\Wow6432Node\GamesBarSetup] => Infection BT (Adware.GamesBar)

[HKLM\Software\Wow6432Node\Iminent] => Infection PUP (Adware.IMBooster)*

[HKLM\Software\Wow6432Node\SweetIM] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\Trymedia Systems] => Infection PUP (Adware.TryMedia)

[HKLM\Software\Wow6432Node\Web Assistant] => Infection PUP (Adware.IncrediBar)*

O43 - CFD: 13/01/2013 - 20:05:50 - [0,113] ----D C:\Program Files (x86)\DealPly => Infection PUP (PUP.DealPly)*

O43 - CFD: 23/09/2012 - 23:25:05 - [2,012] ----D C:\Program Files (x86)\Funmoods => Infection PUP (PUP.Funmoods)*

O43 - CFD: 02/10/2012 - 08:02:44 - [0,588] ----D C:\Program Files (x86)\GamesBar => Infection BT (Adware.GamesBar)

O43 - CFD: 22/09/2012 - 10:23:09 - [11,448] ----D C:\Program Files (x86)\SweetIM => Infection PUP (PUP.SweetIM)*

O43 - CFD: 11/03/2013 - 19:35:24 - [0,801] ----D C:\Program Files (x86)\Yontoo => Infection PUP (Adware.Yontoo)*

O43 - CFD: 22/09/2012 - 10:23:59 - [0] ----D C:\ProgramData\Babylon => Infection BT (Toolbar.Babylon)

O43 - CFD: 16/05/2013 - 17:13:45 - [8,256] ----D C:\ProgramData\BrowserProtect => Infection PUP (Hijacker.Eazel)*

O43 - CFD: 02/10/2012 - 08:02:43 - [0,002] ----D C:\ProgramData\GamesBar => Infection BT (Adware.GamesBar)

O43 - CFD: 21/09/2012 - 23:29:36 - [0,001] ----D C:\ProgramData\Partner => Infection PUP (Spyware.Partner)

O43 - CFD: 22/09/2012 - 10:23:09 - [1,114] ----D C:\ProgramData\SweetIM => Infection PUP (PUP.SweetIM)*

O43 - CFD: 25/10/2012 - 09:13:12 - [1,660] ----D C:\ProgramData\Trymedia => Infection PUP (Adware.Trymedia)

O43 - CFD: 02/11/2012 - 10:11:30 - [17,574] ----D C:\ProgramData\~Browser Manager => Infection PUP (Toolbar.Babylon)*

O43 - CFD: 11/03/2013 - 19:36:04 - [0,069] ----D C:\Users\aromes\AppData\Roaming\Babylon => Infection BT (Toolbar.Babylon)

O43 - CFD: 05/02/2013 - 23:54:09 - [0,087] ----D C:\Users\aromes\AppData\Roaming\DealPly => Infection PUP (PUP.DealPly)*

O43 - CFD: 12/02/2013 - 01:11:28 - [0,095] ----D C:\Users\aromes\AppData\Roaming\Funmoods => Infection PUP (PUP.Funmoods)*

O43 - CFD: 23/05/2013 - 22:06:30 - [0,165] ----D C:\Users\aromes\AppData\Roaming\Yontoo => Infection PUP (Adware.Yontoo)*

O43 - CFD: 27/09/2012 - 22:00:08 - [40,485] ----D C:\Users\aromes\AppData\Local\iMesh => Infection PUP (PUP.iMesh)*

O69 - SBI: SearchScopes [HKCU] {06EB98F7-426A-A124-E1BE-6B5F388CC4E1} - ({06EB98F7-426A-A124-E1BE-6B5F388CC4E1}) - Babylon Search => Infection PUP (Toolbar.Babylon)

O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredibar.com => Infection PUP (Spyware.VMNToolbar)*

O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com => Infection PUP (PUP.SweetIM)*

[MD5.CC3CAAF342940584F2B8BD51BC7D41CD] [sPRF][27/09/2012] (.iMesh Inc. - iMesh.) -- C:\Users\aromes\AppData\Local\Temp\iMesh_setup.exe [2439376] => Infection PUP (PUP.iMesh)*

[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [sPRF][22/09/2012] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\aromes\AppData\Local\Temp\mgsqlite3.dll [393016] =>

[MD5.C64833C39286461D29BF37CB61672522] [sPRF][22/09/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\aromes\AppData\Local\Temp\Shortcut_setup.exe [6796120] => Infection PUP (PUP.SweetIM)*

[MD5.7704B843006444B69486FD27D4660845] [sPRF][22/09/2012] (.SweetIM Technologies Lt - This installer.) -- C:\Users\aromes\AppData\Local\Temp\SIMEEIInstaller.exe [3380216] => Infection PUP (PUP.SweetIM)*

[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [sPRF][02/11/2012] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\aromes\AppData\Local\Temp\SQLite.dll [393016] =>

[MD5.62520FED3AC0663F82061A8FB21E1F67] [sPRF][11/03/2013] (.Web Deals Interactive LLC - Installer.) -- C:\Users\aromes\AppData\Local\Temp\toolbar5757388.exe [1384752] =>

[MD5.5AC98C84160A9400DB448D153C959BB6] [sPRF][11/03/2013] (...) -- C:\Users\aromes\AppData\Local\Temp\toolbar5757731.exe [773104] => Infection PUP (Toolbar.Babylon)

[MD5.62520FED3AC0663F82061A8FB21E1F67] [sPRF][11/03/2013] (.Web Deals Interactive LLC - Installer.) -- C:\Users\aromes\AppData\Local\Temp\toolbar6732191.exe [1384752] =>

[MD5.5AC98C84160A9400DB448D153C959BB6] [sPRF][11/03/2013] (...) -- C:\Users\aromes\AppData\Local\Temp\toolbar6732316.exe [773104] => Infection PUP (Toolbar.Babylon)

[MD5.4DA57E612033ACE195B21F97DEE211E8] [sPRF][25/02/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\aromes\AppData\Local\Temp\uninst1.exe [394832] =>

[MD5.AE7E0C99C5BC7D28325C0CD7885C851F] [sPRF][24/10/2012] (.Yontoo LLC - Installer.) -- C:\Users\aromes\AppData\Local\Temp\YontooSetup-S.exe [1062504] =>

[MD5.B7947FCDDF0F7DCA29F03372E8FD607B] [sPRF][27/03/2013] (.Systweak Inc - RegClean Pro.) -- C:\Users\aromes\Desktop\rcpsetup_marim_marm.exe [4459120] => Infection Rogue (Rogue.RegistryPowerCleaner)*

O87 - FAEL: "{07ADCC1C-DF91-451D-8966-B291F1878FD2}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe => Infection PUP (PUP.SweetIM)*

O87 - FAEL: "{1F236461-F9D1-41C6-95C6-3A8F4978736C}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe => Infection PUP (PUP.SweetIM)*

O87 - FAEL: "{4B754D1C-B1C8-4F41-B344-D5A32FDCB293}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) => Infection PUP (PUP.iMesh)*

O87 - FAEL: "{ACA3B69F-F138-45D6-8D8E-F8AEEB7C1C2D}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) => Infection PUP (PUP.iMesh)*

O87 - FAEL: "{D66FEF3C-8CDA-479C-A8B4-1084ABDA6A15}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) => Infection PUP (PUP.iMesh)*

O87 - FAEL: "{44B3CB16-F799-439B-ADBC-1561F3201E25}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) => Infection PUP (PUP.iMesh)*

[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] => Infection PUP (Adware.Funmoods)

[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] => Infection PUP (Adware.Funmoods)

[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}] => Infection PUP (PUP.Funmoods)

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] => Infection BT (PUP.ClaroSearch)

[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{1a93c934-025b-4c3a-b38e-9654a7003239}] => Infection BT (Adware.Zango)

[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] => Infection PUP (PUP.RewardsArcade)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] => Infection BT (Adware.Downware)

[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] => Infection BT (Adware.Downware)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] => Infection BT (Adware.SocialSkinz)

[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] => Infection PUP (PUP.RewardsArcade)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}] => Infection PUP (PUP.Funmoods)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] => Infection BT (Toolbar.Babylon)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] => Infection BT (Spyware.BHO)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] => Infection BT (Spyware.BHO)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] => Infection BT (Toolbar.Babylon)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}] => Infection PUP (PUP.Funmoods)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}] => Infection PUP (Adware.GamesBar)

[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] => Infection BT (Adware.Yontoo)

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}] => Infection PUP (Spyware.VMNToolbar)

[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] => Infection PUP (PUP.RewardsArcade)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] => Infection BT (Adware.IMBooster)

[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] => Infection PUP (PUP.RewardsArcade)

[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] => Infection PUP (PUP.RewardsArcade)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] => Infection BT (Adware.Yontoo)

[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Classes\b] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Babylon.dskBnd] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\Babylon.dskBnd.1] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\bbylnApp.appCore] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\bbylnApp.appCore.1] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\esrv.BabylonESrvc] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\esrv.BabylonESrvc.1] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Classes\esrv.funmoodsESrvc] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\esrv.funmoodsESrvc.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\f] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\funmoods.dskBnd] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\funmoods.dskBnd.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\oberontb.band] => Infection BT (Adware.GamesBar)

[HKLM\Software\Classes\oberontb.band.1] => Infection BT (Adware.GamesBar)

[HKLM\Software\Classes\oberontb.GamesBarBHO] => Infection BT (Adware.GamesBar)

[HKLM\Software\Classes\oberontb.GamesBarBHO.1] => Infection BT (Adware.GamesBar)

[HKLM\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj] => Infection PUP (Adware.SearchYa)

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj] => Infection PUP (Adware.SearchYa)

[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] => Infection BT (Adware.Incredibar)

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] => Infection BT (Adware.Incredibar)

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] => Infection PUP (PUP.DealPly)

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] => Infection PUP (PUP.SweetIM)

[HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] => Infection PUP (Adware.InstallBrain)*

[HKCU\Software\BabylonToolbar] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\BabylonToolbar] => Infection BT (Toolbar.Babylon)

[HKCU\Software\BrowserMngr] => Infection BT (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\BrowserMngr] => Infection BT (Toolbar.Babylon)

[HKCU\Software\DataMngr] => Infection PUP (PUP.BearShare)*

[HKLM\Software\Wow6432Node\DataMngr] => Infection PUP (PUP.BearShare)*

[HKCU\Software\funmoods] => Infection PUP (PUP.Funmoods)*

[HKCU\Software\gamesbar] => Infection BT (Adware.GamesBar)

[HKLM\Software\Wow6432Node\gamesbar] => Infection BT (Adware.GamesBar)

[HKLM\Software\Wow6432Node\GamesBarSetup] => Infection BT (Adware.GamesBar)

[HKCU\Software\ilivid] => Infection PUP (Adware.Bandoo)*

[HKCU\Software\iMesh] => Infection PUP (PUP.iMesh)*

[HKLM\Software\Wow6432Node\Iminent] => Infection PUP (Adware.IMBooster)*

[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] => Infection PUP (PUP.SweetIM)

[HKCU\Software\SweetIM] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\SweetIM] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Web Assistant] => Infection PUP (Adware.IncrediBar)*

[HKLM\Software\Wow6432Node\Web Assistant] => Infection PUP (Adware.IncrediBar)*

[HKCU\Software\WNLT] => Infection PUP (Adware.IncrediBar)

[HKLM\Software\WNLT] => Infection PUP (Adware.IncrediBar)

[HKCU\Software\DealPly] => Infection PUP (PUP.DealPly)*

[HKLM\Software\Wow6432Node\DealPly] => Infection PUP (PUP.DealPly)*

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] => Infection PUP (Adware.IMBooster)*

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] => Infection PUP (Adware.IMBooster)*

[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASAPI32] => Infection PUP (Adware.IncrediBar)*

[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASMANCS] => Infection PUP (Adware.IncrediBar)*

[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] => Infection PUP (Toolbar.babylon)

[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] => Infection PUP (Toolbar.babylon)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] => Infection PUP (PUP.SweetIM)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] => Infection PUP (PUP.DealPly)*

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar] => Infection BT (Adware.GamesBar)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] => Infection PUP (Adware.IMBooster)*

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] => Infection PUP (Adware.IncrediBar)

[HKLM\Software\Classes\Prod.cap] => Infection PUP (Toolbar.Babylon)

[HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] => Infection PUP (PUP.SweetIM)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] => Infection PUP (PUP.BProtector)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}] => Infection BT (Adware.IncrediBar)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] => Infection PUP (PUP.Funmoods)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}] => Infection PUP (PUP.Funmoods)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] => Infection PUP (PUP.SweetIM)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}] => Infection BT (Spyware.BHO)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}] => Infection BT (Spyware.BHO)

[HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\funmoods.funmoodsHlpr] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\funmoods.funmoodsHlpr.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\funmoodsApp.appCore] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\funmoodsApp.appCore.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Classes\SWEETIE.IEToolbar] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Classes\SWEETIE.IEToolbar.1] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Classes\YontooIEClient.Api] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\YontooIEClient.Api.1] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\YontooIEClient.Layers] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\YontooIEClient.Layers.1] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\AppID\YontooIEClient.DLL] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] => Infection PUP (PUP.SweetIM)*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\esrv.funmoodsESrvc] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\esrv.funmoodsESrvc.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoods.dskBnd] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoods.dskBnd.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoods.funmoodsHlpr] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoods.funmoodsHlpr.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoodsApp.appCore] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\funmoodsApp.appCore.1] => Infection PUP (PUP.Funmoods)*

[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] => Infection PUP (PUP.SweetIM)*

[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL] => Infection PUP (Adware.Yontoo)*

[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] => Infection PUP (PUP.SweetIM)

[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{6f282b65-56bf-4bd1-a8b2-a4449a05863d} => Infection BT (Zango/Hotbar.Adw)

[HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} => Infection PUP (Toolbar.Babylon)

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Yontoo Desktop => Infection PUP (Adware.Yontoo)*

C:\Program Files (x86)\yontoo => Infection PUP (Adware.Yontoo)*

C:\Program Files (x86)\DealPly => Infection PUP (PUP.DealPly)*

C:\Program Files (x86)\Funmoods => Infection PUP (PUP.Funmoods)*

C:\Program Files (x86)\GamesBar => Infection BT (Adware.GamesBar)

C:\Program Files (x86)\SweetIM => Infection PUP (PUP.SweetIM)*

C:\ProgramData\Babylon => Infection BT (Toolbar.Babylon)

C:\ProgramData\GamesBar => Infection BT (Adware.GamesBar)

C:\ProgramData\SweetIM => Infection PUP (PUP.SweetIM)*

C:\ProgramData\Trymedia => Infection PUP (Adware.Trymedia)

C:\ProgramData\Partner => Infection PUP (Spyware.Partner)

C:\ProgramData\BrowserProtect => Infection PUP (Hijacker.Eazel)*

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly => Infection PUP (PUP.DealPly)*

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar => Infection BT (Adware.GamesBar)

C:\Users\aromes\AppData\Roaming\yontoo => Infection PUP (Adware.Yontoo)*

C:\Users\aromes\AppData\Roaming\Babylon => Infection BT (Toolbar.Babylon)

C:\Users\aromes\AppData\Roaming\DealPly => Infection PUP (PUP.DealPly)*

C:\Users\aromes\AppData\Roaming\Funmoods => Infection PUP (PUP.Funmoods)*

C:\Users\aromes\AppData\Local\iMesh => Infection PUP (PUP.iMesh)*

C:\Users\aromes\AppData\LocalLow\BabylonToolbar => Infection BT (Toolbar.Babylon)

C:\Users\aromes\AppData\Local\Temp\uninst1.exe => Infection BT (Toolbar.Babylon)

C:\Users\aromes\AppData\Local\Temp\SIMEEIInstaller.exe => Infection PUP (PUP.SweetIM)

C:\Users\aromes\AppData\Local\Temp\YontooSetup-S.exe => Infection PUP (Adware.Yontoo)*

C:\Users\aromes\AppData\Local\Temp\iMesh.ico => Infection PUP (PUP.iMesh)*

C:\Users\aromes\AppData\Local\Temp\iMesh_setup.exe => Infection PUP (PUP.iMesh)*

C:\Users\aromes\AppData\Local\Temp\GoogleToolbarInstaller1.log => Infection PUP (Toolbar.Babylon)

C:\Users\aromes\AppData\Local\Temp\GoogleToolbarInstaller2.log => Infection PUP (Toolbar.Babylon)

C:\Users\aromes\AppData\Local\Temp\mgsqlite3.dll => Infection PUP (PUP.SweetIM)

C:\Users\aromes\AppData\Local\Temp\SQLite.dll => Infection PUP (PUP.SweetIM)

O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe => Infection PUP (PUP.SweetIM)*

[HKCU\Software\5c2df8de73ce514\history\{16cdff19-861d-48e3-a751-d99a27784753}]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" => Infection FakeAlert (PUP.VideoPerformer)

[HKCU\Software\5c2df8de73ce514\history\{16cdff19-861d-48e3-a751-d99a27784753}]:version="" => Infection FakeAlert (PUP.VideoPerformer)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:version="2.6.1249.132" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\5c2df8de73ce514]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKLM\Software\Wow6432Node\5c2df8de73ce514]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

SR - | Auto 2569168 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe => Infection PUP (Hijacker.Eazel)*

SR - | Auto 1455408 | (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe => Infection PUP (Adware.InstallBrain)*

SR - | Auto 188760 | (Web Assistant) . (...) - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe => Infection PUP (Adware.IncrediBar)*

SS - | Auto 06/03/2013 23552 | (Yontoo Desktop Updater) . (.Microsoft.) - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe => Infection PUP (Adware.Yontoo)*

G0 - GCSP: Preference [user Data\Default] Delta Search => Toolbar.DeltaSearch

[HKCU\Software\delta LTD] => Toolbar.DeltaSearch

[HKLM\Software\Tarma Installer] => Toolbar.Tarma

O43 - CFD: 11/03/2013 - 19:35:18 - [2,583] ----D C:\ProgramData\Tarma Installer => Toolbar.Tarma

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - Delta Search => Toolbar.DeltaSearch*

[MD5.E69425B44416761178538CCE849FAC19] [sPRF][27/12/2012] (...) -- C:\Users\aromes\AppData\Local\Temp\wajam_install.exe [417384] => Toolbar.Wajam*

[HKCU\Software\delta LTD] => Toolbar.DeltaSearch

[HKLM\Software\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}] => Toolbar.Expresso

[HKLM\Software\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}] => Toolbar.Expresso

[HKLM\Software\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}] => Toolbar.Expresso

[HKLM\Software\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}] => Toolbar.Expresso

[HKLM\Software\Wow6432Node\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}] => Toolbar.Expresso

[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] => Toolbar.Wajam

[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] => Toolbar.Wajam

[HKLM\Software\Classes\AppID\Extension.DLL] => Toolbar.Expresso

[HKLM\Software\Classes\Extension.ExtensionHelperObject] => Toolbar.Expresso

[HKLM\Software\Classes\Extension.ExtensionHelperObject.1] => Toolbar.Expresso

[HKLM\Software\Classes\sim-packages] => Toolbar.Agent

[HKLM\Software\Tarma Installer] => Toolbar.Tarma

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] => Toolbar.Bing

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] => Toolbar.DeltaSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] => Toolbar.DeltaSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] => Toolbar.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] => Toolbar.Agent

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] => Toolbar.Bing

[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] => Toolbar.DeltaSearch

[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] => Toolbar.DeltaSearch

[HKLM\Software\Classes\Toolbar3.SWEETIE] => Toolbar.Agent*

[HKLM\Software\Classes\Toolbar3.SWEETIE.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.EB_ExplorerBar] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.EB_ExplorerBar.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.FH_HookEventSink] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.FH_HookEventSink.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.IPM_PrintListItem] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.IPM_PrintListItem.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_DialogEventsHandler] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_DialogEventsHandler.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_Launcher] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_Launcher.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_PrintManager] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PM_PrintManager.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_BindStatusCallback] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_BindStatusCallback.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_CancelButtonEventHandler] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_CancelButtonEventHandler.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_PrintDialogCallback] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.PR_PrintDialogCallback.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.TBToolband] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.TBToolband.1] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.UserOptions] => Toolbar.Agent*

[HKLM\Software\Classes\Toolband.UserOptions.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.EB_ExplorerBar] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.EB_ExplorerBar.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.FH_HookEventSink] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.FH_HookEventSink.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.IPM_PrintListItem] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.IPM_PrintListItem.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_DialogEventsHandler] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_DialogEventsHandler.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_Launcher] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_Launcher.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_PrintManager] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PM_PrintManager.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_BindStatusCallback] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_BindStatusCallback.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_CancelButtonEventHandler] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_CancelButtonEventHandler.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_PrintDialogCallback] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.PR_PrintDialogCallback.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.TBToolband] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.TBToolband.1] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.UserOptions] => Toolbar.Agent*

[HKLM\Software\Wow6432Node\Classes\Toolband.UserOptions.1] => Toolbar.Agent*

C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde => Toolbar.DeltaSearch

C:\Users\aromes\AppData\Local\Temp\wajam_install.exe => Toolbar.Wajam*

 

FirewallRaz

EmptyFlash

Emptytemp

SysRestore

 

 

Puis Lance ZHPFix depuis le raccourci du bureau.

 

-> laisse travailler l'outil et ne touche à rien ...

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

 

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

 

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !

 

 

Ensuite;

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.

 

Téléchargements - Outils de Xplode - AdwCleaner

 

 

 

- Lances le en mode normal , puis cliques sur [suppression]

- Lorsque le message indiquant qu'AdwCleaner a détecté une variante spécifique d'adware s'affiche , cliquez sur [OK]

 

- L'ordinateur va redémarrer tout seul. Redémarre-le en mode normal.

- AdwCleaner s'ouvrira normalement, avec comme seul choix possible [suppression]

 

- Cliquez dessus, puis patientes pendant la suppression.

- Une fois la suppression effectuée, AdwCleaner vous invitera à redémarrer l'ordinateur

 

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

 

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[s1].txt

 

Ensuite:

Installe Malewarebytes' Antimalware,

 

Malwarebytes : Malwarebytes Anti-Malware removes malware including viruses, spyware, worms and trojans, plus it protects your computer

 

Prends bien la version FREE

*** Met-le à jour puis choisi, Exécuter un examen complet

 

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 

Poste le rapport final.

[tanaud]

Bonjour

He bien il y a du monde donc ceci.

 

* Copie le tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

 

 

Puis Lance ZHPFix depuis le raccourci du bureau.

 

-> laisse travailler l'outil et ne touche à rien ...

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

 

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

 

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !

 

 

Ensuite;

Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.

 

Téléchargements - Outils de Xplode - AdwCleaner

 

 

 

- Lances le en mode normal , puis cliques sur [suppression]

- Lorsque le message indiquant qu'AdwCleaner a détecté une variante spécifique d'adware s'affiche , cliquez sur [OK]

 

- L'ordinateur va redémarrer tout seul. Redémarre-le en mode normal.

- AdwCleaner s'ouvrira normalement, avec comme seul choix possible [suppression]

 

- Cliquez dessus, puis patientes pendant la suppression.

- Une fois la suppression effectuée, AdwCleaner vous invitera à redémarrer l'ordinateur

 

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

 

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[s1].txt

 

Ensuite:

Installe Malewarebytes' Antimalware,

 

Malwarebytes : Malwarebytes Anti-Malware removes malware including viruses, spyware, worms and trojans, plus it protects your computer

 

Prends bien la version FREE

*** Met-le à jour puis choisi, Exécuter un examen complet

 

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

 

Poste le rapport final.

 

 

 

Bonjour,

 

J'ai eu du mail mais je vous poste ci-dessous le rapport de ed-aware

 

# AdwCleaner v2.301 - Rapport créé le 25/05/2013 à 14:34:10

# Mis à jour le 16/05/2013 par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)

# Nom d'utilisateur : aromes - AROMES

# Mode de démarrage : Normal

# Exécuté depuis : C:\Users\aromes\Desktop\adwcleaner.exe

# Option [suppression]

 

 

***** [services] *****

 

Arrêté & Supprimé : BrowserProtect

Arrêté & Supprimé : IBUpdaterService

Arrêté & Supprimé : Web Assistant

 

***** [Fichiers / Dossiers] *****

 

Dossier Supprimé : C:\Program Files (x86)\~BabylonToolbar

Dossier Supprimé : C:\Program Files (x86)\DealPly

Dossier Supprimé : C:\Program Files (x86)\GamesBar

Dossier Supprimé : C:\Program Files (x86)\Perion

Dossier Supprimé : C:\Program Files (x86)\SweetIM

Dossier Supprimé : C:\Program Files\Web Assistant

Dossier Supprimé : C:\ProgramData\Babylon

Dossier Supprimé : C:\ProgramData\GamesBar

Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly

Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar

Dossier Supprimé : C:\ProgramData\Partner

Dossier Supprimé : C:\ProgramData\Tarma Installer

Dossier Supprimé : C:\ProgramData\Trymedia

Dossier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Dossier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Dossier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Dossier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

Dossier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Dossier Supprimé : C:\Users\aromes\AppData\Local\PackageAware

Dossier Supprimé : C:\Users\aromes\AppData\LocalLow\BabylonToolbar

Dossier Supprimé : C:\Users\aromes\AppData\LocalLow\Delta

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Babylon

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\DealPly

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\extensions\ffxtlbr@babylon.com

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\extensions\ffxtlbr@funmoods.com

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\extensions\ffxtlbr@incredibar.com

Dossier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\SweetPacksToolbarData

Dossier Supprimé : C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

Dossier Supprimé : C:\windows\SysWOW64\WNLT

Fichier Supprimé : C:\user.js

Fichier Supprimé : C:\Users\aromes\AppData\Local\funmoods.crx

Fichier Supprimé : C:\Users\aromes\AppData\Local\funmoods-speeddial.crx

Fichier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data

Fichier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

Fichier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage

Fichier Supprimé : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\bprotector_extensions.sqlite

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\bprotector_prefs.js

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\Babylon.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\BabylonMngr.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\BrowserProtect.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\delta.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\MyStart Search.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\search.xml

Fichier Supprimé : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\searchplugins\SweetIm.xml

Supprimé au redémarrage : C:\ProgramData\BrowserProtect

 

***** [Registre] *****

 

Clé Supprimée : HKCU\Software\DealPly

Clé Supprimée : HKCU\Software\delta LTD

Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Clé Supprimée : HKCU\Software\ilivid

Clé Supprimée : HKCU\Software\IM

Clé Supprimée : HKCU\Software\ImInstaller

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods

Clé Supprimée : HKCU\Software\WNLT

Clé Supprimée : HKCU\Software\5c2df8de73ce514

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\Software\Babylon

Clé Supprimée : HKLM\Software\BabylonToolbar

Clé Supprimée : HKLM\Software\BrowserMngr

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Extension.DLL

Clé Supprimée : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

Clé Supprimée : HKLM\SOFTWARE\Classes\b

Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd

Clé Supprimée : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Clé Supprimée : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc

Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject

Clé Supprimée : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

Clé Supprimée : HKLM\SOFTWARE\Classes\f

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore

Clé Supprimée : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1

Clé Supprimée : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3

Clé Supprimée : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3

Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap

Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar

Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1

Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_launcher

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_printmanager

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.tbtoolband

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.useroptions

Clé Supprimée : HKLM\SOFTWARE\Classes\toolband.useroptions.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie

Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\Software\Conduit

Clé Supprimée : HKLM\Software\DataMngr

Clé Supprimée : HKLM\Software\DealPly

Clé Supprimée : HKLM\Software\GamesBarSetup

Clé Supprimée : HKLM\Software\Iminent

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\5aafce0215f0b3e82ec9fe7eecc6c2b5

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbb1f81051744ac8311578809b9de657

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fc35d4f6ebcdd7fccd1d0adbc09da1b5

Clé Supprimée : HKLM\Software\Web Assistant

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\5c2df8de73ce514

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Clé Supprimée : HKLM\SOFTWARE\Software

Clé Supprimée : HKLM\SOFTWARE\Tarma Installer

Clé Supprimée : HKLM\SOFTWARE\Web Assistant

Donnée Supprimée : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [browserMngrDefaultScope]

Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]

Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]

Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]

Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]

Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v9.0.8112.16483

 

Remplacé : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyDzytDyBzztC0CtDzy0EtN0D0Tzu0CtByCyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=129315070 --> hxxp://www.google.com

 

-\\ Mozilla Firefox v21.0 (fr)

 

Fichier : C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\prefs.js

 

C:\Users\aromes\AppData\Roaming\Mozilla\Firefox\Profiles\b7nbom0s.default\user.js ... Supprimé !

 

Supprimée : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=119292&tt=100313_9111gen[...]

Supprimée : user_pref("avg.install.userSPSettings", "Delta Search");

Supprimée : user_pref("backup.old.browser.search.selectedEngine", "Search the web (Babylon)");

Supprimée : user_pref("extensions.BabylonToolbar.admin", false);

Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Supprimée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Supprimée : user_pref("extensions.BabylonToolbar.autoRvrt", "false");

Supprimée : user_pref("extensions.BabylonToolbar.babext", "babExt");

Supprimée : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");

Supprimée : user_pref("extensions.BabylonToolbar.bbDpng", "20");

Supprimée : user_pref("extensions.BabylonToolbar.cntry", "FR");

Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Supprimée : user_pref("extensions.BabylonToolbar.dfltlng", "en");

Supprimée : user_pref("extensions.BabylonToolbar.dfltsrch", "false");

Supprimée : user_pref("extensions.BabylonToolbar.dpkLst", "");

Supprimée : user_pref("extensions.BabylonToolbar.envrmnt", "production");

Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false);

Supprimée : user_pref("extensions.BabylonToolbar.firstrun", false);

Supprimée : user_pref("extensions.BabylonToolbar.hdrMd5", "D8C9BCB4C7D917F64C928C522821A53E");

Supprimée : user_pref("extensions.BabylonToolbar.hmpg", false);

Supprimée : user_pref("extensions.BabylonToolbar.hrdid", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.BabylonToolbar.id", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15605");

Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Supprimée : user_pref("extensions.BabylonToolbar.instlday", "15605");

Supprimée : user_pref("extensions.BabylonToolbar.instlref", "sst");

Supprimée : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");

Supprimée : user_pref("extensions.BabylonToolbar.keywordurl", "");

Supprimée : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1210:24:16");

Supprimée : user_pref("extensions.BabylonToolbar.lastdp", 22);

Supprimée : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");

Supprimée : user_pref("extensions.BabylonToolbar.newtab", "false");

Supprimée : user_pref("extensions.BabylonToolbar.newtaburl", "");

Supprimée : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"69\",\"lastVrsn\":\"69\",\"vrsnLoad\[...]

Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Supprimée : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");

Supprimée : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");

Supprimée : user_pref("extensions.BabylonToolbar.sg", "azb");

Supprimée : user_pref("extensions.BabylonToolbar.smplGrp", "azb");

Supprimée : user_pref("extensions.BabylonToolbar.smplgrp", "azb");

Supprimée : user_pref("extensions.BabylonToolbar.srcext", "ss");

Supprimée : user_pref("extensions.BabylonToolbar.srch", "");

Supprimée : user_pref("extensions.BabylonToolbar.srchprvdr", "");

Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Supprimée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Supprimée : user_pref("extensions.BabylonToolbar.tlbrid", "base");

Supprimée : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");

Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");

Supprimée : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1210:24:16");

Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");

Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114352&tt=120912_pcp_3812_3");

Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", false);

Supprimée : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119292&babsrc[...]

Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1210:24:16");

Supprimée : user_pref("extensions.delta.admin", false);

Supprimée : user_pref("extensions.delta.aflt", "babsst");

Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Supprimée : user_pref("extensions.delta.autoRvrt", "false");

Supprimée : user_pref("extensions.delta.babTrack", "affID=114352&tt=120912_pcp_3812_3");

Supprimée : user_pref("extensions.delta.bbDpng", "20");

Supprimée : user_pref("extensions.delta.cntry", "FR");

Supprimée : user_pref("extensions.delta.dfltLng", "en");

Supprimée : user_pref("extensions.delta.dfltSrch", false);

Supprimée : user_pref("extensions.delta.excTlbr", false);

Supprimée : user_pref("extensions.delta.hdrMd5", "FA691A7ABBCB1A6FA8ADBF58DC938750");

Supprimée : user_pref("extensions.delta.hmpg", false);

Supprimée : user_pref("extensions.delta.id", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.delta.instlDay", "15775");

Supprimée : user_pref("extensions.delta.instlRef", "sst");

Supprimée : user_pref("extensions.delta.lastVrsnTs", "");

Supprimée : user_pref("extensions.delta.newTab", false);

Supprimée : user_pref("extensions.delta.prdct", "delta");

Supprimée : user_pref("extensions.delta.prtnrId", "delta");

Supprimée : user_pref("extensions.delta.rvrt", "false");

Supprimée : user_pref("extensions.delta.sg", "azb");

Supprimée : user_pref("extensions.delta.smplGrp", "none");

Supprimée : user_pref("extensions.delta.tlbrId", "base");

Supprimée : user_pref("extensions.delta.tlbrSrchUrl", "");

Supprimée : user_pref("extensions.delta.vrsn", "1.8.10.0");

Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.10.018:35:54");

Supprimée : user_pref("extensions.delta.vrsni", "1.8.10.0");

Supprimée : user_pref("extensions.funmoods.aflt", "bndlr");

Supprimée : user_pref("extensions.funmoods.autoRvrt", false);

Supprimée : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");

Supprimée : user_pref("extensions.funmoods.cntry", "FR");

Supprimée : user_pref("extensions.funmoods.cv", "cv5");

Supprimée : user_pref("extensions.funmoods.dfltLng", "");

Supprimée : user_pref("extensions.funmoods.dfltSrch", true);

Supprimée : user_pref("extensions.funmoods.dfltlng", "en");

Supprimée : user_pref("extensions.funmoods.dfltsrch", true);

Supprimée : user_pref("extensions.funmoods.dnsErr", true);

Supprimée : user_pref("extensions.funmoods.envrmnt", "production");

Supprimée : user_pref("extensions.funmoods.excTlbr", false);

Supprimée : user_pref("extensions.funmoods.fmupdtFirst", false);

Supprimée : user_pref("extensions.funmoods.hdrMd5", "D2BA99CF0AA12441E7F51E39C134E6EB");

Supprimée : user_pref("extensions.funmoods.hmpg", true);

Supprimée : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=bndlr&chnl=bndlr&cd=2Xzuy[...]

Supprimée : user_pref("extensions.funmoods.hrdid", "4C72B9590781C09E");

Supprimée : user_pref("extensions.funmoods.id", "4C72B9590781C09E");

Supprimée : user_pref("extensions.funmoods.instlDay", "15606");

Supprimée : user_pref("extensions.funmoods.instlRef", "bndlr");

Supprimée : user_pref("extensions.funmoods.instlday", "15606");

Supprimée : user_pref("extensions.funmoods.instlref", "bndlr");

Supprimée : user_pref("extensions.funmoods.isdcmntcmplt", true);

Supprimée : user_pref("extensions.funmoods.keywordurl", "");

Supprimée : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2223:25:3");

Supprimée : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");

Supprimée : user_pref("extensions.funmoods.monitorreport", true);

Supprimée : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=bndlr&chnl=bndlr&cd=2Xz[...]

Supprimée : user_pref("extensions.funmoods.newtab", true);

Supprimée : user_pref("extensions.funmoods.newtaburl", "hxxp://start.funmoods.com/?f=2&a=bndlr&chnl=bndlr&cd=2Xz[...]

Supprimée : user_pref("extensions.funmoods.prdct", "funmoods");

Supprimée : user_pref("extensions.funmoods.prtnrId", "funmoods");

Supprimée : user_pref("extensions.funmoods.prtnrid", "funmoods");

Supprimée : user_pref("extensions.funmoods.savedVrsnTs", "1");

Supprimée : user_pref("extensions.funmoods.sg", "{smplGrp}");

Supprimée : user_pref("extensions.funmoods.smplgrp", "free");

Supprimée : user_pref("extensions.funmoods.srch", "");

Supprimée : user_pref("extensions.funmoods.srchPrvdr", "Search");

Supprimée : user_pref("extensions.funmoods.srchprvdr", "Search");

Supprimée : user_pref("extensions.funmoods.tlbrId", "base");

Supprimée : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=bndlr&chnl=bndlr&cd=2[...]

Supprimée : user_pref("extensions.funmoods.tlbrid", "base");

Supprimée : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://start.funmoods.com/?f=3&a=bndlr&chnl=bndlr&cd=2[...]

Supprimée : user_pref("extensions.funmoods.vrsn", "1.5.23.22");

Supprimée : user_pref("extensions.funmoods.vrsni", "1.5.23.22");

Supprimée : user_pref("extensions.funmoods.vrsnts", "");

Supprimée : user_pref("extensions.funmoods_i.newTab", true);

Supprimée : user_pref("extensions.funmoods_i.smplGrp", "none");

Supprimée : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2223:25:3");

Supprimée : user_pref("extensions.incredibar.actvtyRptTime", "1353567414709");

Supprimée : user_pref("extensions.incredibar.admin", false);

Supprimée : user_pref("extensions.incredibar.aflt", "orgnl");

Supprimée : user_pref("extensions.incredibar.afterInstallRpt", "sent");

Supprimée : user_pref("extensions.incredibar.cntry", "FR");

Supprimée : user_pref("extensions.incredibar.dfltlng", "en");

Supprimée : user_pref("extensions.incredibar.dfltsrch", "false");

Supprimée : user_pref("extensions.incredibar.did", "10657");

Supprimée : user_pref("extensions.incredibar.envrmnt", "production");

Supprimée : user_pref("extensions.incredibar.excTlbr", false);

Supprimée : user_pref("extensions.incredibar.hdrMd5", "1929288440D82BAC127E3C7B9280A89D");

Supprimée : user_pref("extensions.incredibar.hmpg", false);

Supprimée : user_pref("extensions.incredibar.hrdid", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.incredibar.id", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.incredibar.installerproductid", "26");

Supprimée : user_pref("extensions.incredibar.instlday", "15605");

Supprimée : user_pref("extensions.incredibar.instlref", "");

Supprimée : user_pref("extensions.incredibar.isdcmntcmplt", "false");

Supprimée : user_pref("extensions.incredibar.keywordurl", "");

Supprimée : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1410:27:16");

Supprimée : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

Supprimée : user_pref("extensions.incredibar.newtab", "false");

Supprimée : user_pref("extensions.incredibar.newtaburl", "");

Supprimée : user_pref("extensions.incredibar.noFFXTlbr", false);

Supprimée : user_pref("extensions.incredibar.ppd", "");

Supprimée : user_pref("extensions.incredibar.prdct", "incredibar");

Supprimée : user_pref("extensions.incredibar.productid", "26");

Supprimée : user_pref("extensions.incredibar.prtnrid", "Incredibar");

Supprimée : user_pref("extensions.incredibar.sg", "none");

Supprimée : user_pref("extensions.incredibar.smplgrp", "none");

Supprimée : user_pref("extensions.incredibar.srch", "");

Supprimée : user_pref("extensions.incredibar.srchprvdr", "");

Supprimée : user_pref("extensions.incredibar.tlbrid", "base");

Supprimée : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8FVp9aQC&loc=IB_T[...]

Supprimée : user_pref("extensions.incredibar.upn2", "6R8FVp9aQC");

Supprimée : user_pref("extensions.incredibar.upn2n", "92825099191255886");

Supprimée : user_pref("extensions.incredibar.vrsn", "1.5.11.14");

Supprimée : user_pref("extensions.incredibar.vrsni", "1.5.11.14");

Supprimée : user_pref("extensions.incredibar.vrsnts", "1.5.11.1410:27:16");

Supprimée : user_pref("extensions.incredibar_i.aflt", "orgnl");

Supprimée : user_pref("extensions.incredibar_i.dfltLng", "");

Supprimée : user_pref("extensions.incredibar_i.did", "10657");

Supprimée : user_pref("extensions.incredibar_i.excTlbr", false);

Supprimée : user_pref("extensions.incredibar_i.id", "741dc09e0000000000001cc63c670126");

Supprimée : user_pref("extensions.incredibar_i.installerproductid", "26");

Supprimée : user_pref("extensions.incredibar_i.instlDay", "15605");

Supprimée : user_pref("extensions.incredibar_i.instlRef", "");

Supprimée : user_pref("extensions.incredibar_i.ms_url_id", "");

Supprimée : user_pref("extensions.incredibar_i.newTab", false);

Supprimée : user_pref("extensions.incredibar_i.ppd", "");

Supprimée : user_pref("extensions.incredibar_i.prdct", "incredibar");

Supprimée : user_pref("extensions.incredibar_i.productid", "26");

Supprimée : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

Supprimée : user_pref("extensions.incredibar_i.smplGrp", "none");

Supprimée : user_pref("extensions.incredibar_i.tlbrId", "base");

Supprimée : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8FVp9aQC&loc=IB[...]

Supprimée : user_pref("extensions.incredibar_i.upn2", "6R8FVp9aQC");

Supprimée : user_pref("extensions.incredibar_i.upn2n", "92825099191255886");

Supprimée : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

Supprimée : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1410:27:16");

Supprimée : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

Supprimée : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");

Supprimée : user_pref("extentions.y2layers.installId", "83212efc-4e86-4a4d-8f17-cb0a1bc92c77");

Supprimée : user_pref("sweetim.toolbar.RevertDialog.enable", "false");

Supprimée : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");

Supprimée : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1369041047121");

Supprimée : user_pref("sweetim.toolbar.Visibility.enable", "true");

Supprimée : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");

Supprimée : user_pref("sweetim.toolbar.cargo", "3.1010000.10016");

Supprimée : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");

Supprimée : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");

Supprimée : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");

Supprimée : user_pref("sweetim.toolbar.cda.returnValue", "disable");

Supprimée : user_pref("sweetim.toolbar.dialogs.0.enable", "true");

Supprimée : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]

Supprimée : user_pref("sweetim.toolbar.dialogs.0.height", "335");

Supprimée : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");

Supprimée : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");

Supprimée : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]

Supprimée : user_pref("sweetim.toolbar.dialogs.0.width", "761");

Supprimée : user_pref("sweetim.toolbar.dialogs.1.enable", "true");

Supprimée : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]

Supprimée : user_pref("sweetim.toolbar.dialogs.1.height", "300");

Supprimée : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");

Supprimée : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");

Supprimée : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]

Supprimée : user_pref("sweetim.toolbar.dialogs.1.width", "500");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.enable", "true");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]

Supprimée : user_pref("sweetim.toolbar.dialogs.2.height", "150");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");

Supprimée : user_pref("sweetim.toolbar.dialogs.2.width", "530");

Supprimée : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

Supprimée : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");

Supprimée : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

Supprimée : user_pref("sweetim.toolbar.mode.debug", "false");

Supprimée : user_pref("sweetim.toolbar.newtab.created", "true");

Supprimée : user_pref("sweetim.toolbar.newtab.enable", "true");

Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");

Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.fr/");

Supprimée : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...]

Supprimée : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");

Supprimée : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");

Supprimée : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");

Supprimée : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");

Supprimée : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");

Supprimée : user_pref("sweetim.toolbar.scripts.0.enable", "false");

Supprimée : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");

Supprimée : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");

Supprimée : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");

Supprimée : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");

Supprimée : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

Supprimée : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");

Supprimée : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");

Supprimée : user_pref("sweetim.toolbar.scripts.1.enable", "false");

Supprimée : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");

Supprimée : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");

Supprimée : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");

Supprimée : user_pref("sweetim.toolbar.scripts.2.callback", "");

Supprimée : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]

Supprimée : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");

Supprimée : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");

Supprimée : user_pref("sweetim.toolbar.scripts.2.enable", "false");

Supprimée : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");

Supprimée : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]

Supprimée : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]

Supprimée : user_pref("sweetim.toolbar.search.history", "impression%20%C3%A9cran%20sur%20toshiba%20satellite");

Supprimée : user_pref("sweetim.toolbar.search.history.capacity", "10");

Supprimée : user_pref("sweetim.toolbar.searchguard.enable", "false");

Supprimée : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");

Supprimée : user_pref("sweetim.toolbar.simapp_id", "{AA4DE9AD-048E-11E2-AB40-4C72B9590781}");

Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?st=6&barid={AA4DE9AD-048E-11E2-[...]

Supprimée : user_pref("sweetim.toolbar.version", "1.9.0.0");

Supprimée : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.sweetim.c[...]

Supprimée : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.sweet[...]

Supprimée : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Supprimée : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]

Supprimée : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

 

-\\ Google Chrome v [impossible d'obtenir la version]

 

Fichier : C:\Users\aromes\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

Supprimée [l.78] : urls_to_restore_on_startup ={"restore_on_startup": 4, [ "hxxp://www.delta-search.com/?affID=11929[...]

 

*************************

 

AdwCleaner[s1].txt - [57708 octets] - [25/05/2013 14:34:10]

 

########## EOF - C:\AdwCleaner[s1].txt - [57769 octets] ##########

 

Je vais faire l'autre maintenant.

[tanaud]

voici le rapport de malwarebyte

 

Malwarebytes Anti-Malware (Essai) 1.75.0.1300

www.malwarebytes.org

 

Version de la base de données: v2013.05.25.04

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

aromes :: AROMES [administrateur]

 

Protection: Activé

 

25/05/2013 14:49:15

mbam-log-2013-05-25 (14-49-15).txt

 

Type d'examen: Examen complet (C:\|)

Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM

Options d'examen désactivées: P2P

Elément(s) analysé(s): 443200

Temps écoulé: 1 heure(s), 18 minute(s), 26 seconde(s)

 

Processus mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Module(s) mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Clé(s) du Registre détectée(s): 4

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Mis en quarantaine et supprimé avec succès.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Mis en quarantaine et supprimé avec succès.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Downloader (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès.

HKCR\AppID\activex.DLL (Adware.180Solutions) -> Mis en quarantaine et supprimé avec succès.

 

Valeur(s) du Registre détectée(s): 0

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre détecté(s): 0

(Aucun élément nuisible détecté)

 

Dossier(s) détecté(s): 0

(Aucun élément nuisible détecté)

 

Fichier(s) détecté(s): 1

C:\Program Files (x86)\vGrabber-software\Uninstall.exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès.

 

(fin)

 

 

merci et que dois-je faire?

 

clt

tanaud

[bernard53]

ok tu as bien passer ZHPFix aussi je ne vois pas le rapport.

 

Comment va ton pc cette fois?

[tanaud]

beaucoup mieux semble-t-il

 

merci

Modifié le 25 mai 2013 par Tonton
Suppression citation inutile. Utiliser le bouton "AJOUTER UNE REPONSE" et non "REPONDRE" :-)

[bernard53]

Très bien si tu penses que ton sujet est résolu alors valide ton post comme cela.

http://forum.zebulon.fr/comment-afficher-son-sujet-comme-resolu-t180253.html

Bonne soirée

[tanaud]

merci c'est revenu commme avant. je revis.

 

Bien à vous

 

tanaud

Modifié le 2 juin 2013 par Tonton
Suppression citation inutile. Utiliser le bouton "AJOUTER UNE REPONSE" et non "REPONDRE" :-)