Comment se débarrasser de ale.coupthree.com
Fermé
Valéda
Messages postés
7
Date d'inscription
mercredi 24 avril 2013
Statut
Membre
Dernière intervention
28 mars 2016
-
6 déc. 2014 à 03:40
Valéda Messages postés 7 Date d'inscription mercredi 24 avril 2013 Statut Membre Dernière intervention 28 mars 2016 - 9 déc. 2014 à 02:39
Valéda Messages postés 7 Date d'inscription mercredi 24 avril 2013 Statut Membre Dernière intervention 28 mars 2016 - 9 déc. 2014 à 02:39
A voir également:
- Comment se débarrasser de ale.coupthree.com
- Comment se débarrasser de mcafee - Guide
- Comment se débarrasser des cookies ? - Guide
- Svchost.exe c'est quoi comment s'en débarrasser - Guide
- Comment se débarrasser de edge - Guide
- Comment se débarrasser définitivement de bing ? - Guide
2 réponses
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
702
6 déc. 2014 à 06:40
6 déc. 2014 à 06:40
Bonjour,
Télécharge ZHPCleaner à cette adresse :
https://nicolascoolman.eu
ZHPCleaner est un utilitaire conçu pour combattre les pirates de navigateurs (Hijackers). Son objectif principal est de rétablir les paramètres Proxy et de supprimer les redirections des navigateurs.
---> Laisse coché toutes les cases,
---> Clique sur "Réparer"
Un rapport t'indique ce qui a été rétabli, sélectionne le, clic droit copier et colle le dans ta réponse.
A+
Télécharge ZHPCleaner à cette adresse :
https://nicolascoolman.eu
ZHPCleaner est un utilitaire conçu pour combattre les pirates de navigateurs (Hijackers). Son objectif principal est de rétablir les paramètres Proxy et de supprimer les redirections des navigateurs.
---> Laisse coché toutes les cases,
---> Clique sur "Réparer"
Un rapport t'indique ce qui a été rétabli, sélectionne le, clic droit copier et colle le dans ta réponse.
A+
Valéda
Messages postés
7
Date d'inscription
mercredi 24 avril 2013
Statut
Membre
Dernière intervention
28 mars 2016
9 déc. 2014 à 02:39
9 déc. 2014 à 02:39
Bonsoir .
~ ZHPCleaner v2014.12.6.247 by Nicolas Coolman (06/12/2014)
~ Run by PRODUCTION3 (Administrator) (07/12/2014 20:53:16)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\PRODUCTION3\Desktop\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PRODUCTION3\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)
---\\ Services (0)
~ No malicious items found.
---\\ Browser internet (23)
FOUND Proxy: ProxyOverride ( <-loopback> )
FOUND IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm )
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("browser.search.order.1", "Ask.com"); (PUP.Babylon)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.crossrider.bic", "1471b092b1481235fcfecf21f8fea3c6"); (PUP.CrossRider)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.admin", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.aflt", "babsst"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.appId", "{9C69AD01-2505-4FA3-BF08-38DCFB0BF6B3}"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.autoRvrt", "false"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.dfltLng", "en"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.excTlbr", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.id", "2ab875fc00000000000000242cabbbac"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlDay", "15907"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlRef", "sst"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.newTab", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prdct", "visualbee"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prtnrId", "visualbee"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.rvrt", "false"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.smplGrp", "none"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrId", "vbeeyh"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrSrchUrl", ""); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsn", "1.8.9.1"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsnTs", "1.8.9.120:06:49"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsni", "1.8.9.1"); (Adware.VisualBeeToolbar)
---\\ Hosts file (1)
~ The hosts file is legitimate (20)
---\\ Scheduled automatic tasks. (0)
~ No malicious items found.
---\\ Explorer ( File, Folder) (198)
FOUND file:C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys [StdLib - StdLib] (PUP.LinkiDoo)
FOUND folder: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library] (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library] (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv.exe (PUP.CrossRider)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\babylon.xml [] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\visualbee.xml [] (Adware.VisualBeeToolbar)
FOUND file:C:\ProgramData\Search Protection\SearchProtection.exe [Visicom Media Inc. - Search Protection] (PUP.SearchProtect)
FOUND file:C:\Windows\Tasks\RegRocket Update.job (PUP.RockTurner)
FOUND: C:\Program Files\003 (Adware.AdPeak)
FOUND: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
FOUND: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
FOUND: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
FOUND: C:\Program Files\Mobogenie (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
FOUND: C:\Program Files\SupraSavings (PUP.SupraSavings)
FOUND: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
FOUND: C:\Program Files\Uninstaller (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.exe [Copyright © 2013 - DomaUninstaller] (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
FOUND: C:\Program Files\003 (Adware.AdPeak)
FOUND: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
FOUND: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
FOUND: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
FOUND: C:\Program Files\Mobogenie (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
FOUND: C:\Program Files\SupraSavings (PUP.SupraSavings)
FOUND: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
FOUND: C:\Program Files\Uninstaller (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.exe [Copyright © 2013 - DomaUninstaller] (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
FOUND: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 (PUP.CrossRider)
FOUND: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 [ - ] (PUP.CrossRider)
FOUND: C:\ProgramData\Babylon (PUP.Babylon)
FOUND: C:\ProgramData\Babylon (PUP.Babylon)
FOUND: C:\ProgramData\RegRocket Software (PUP.RockTurner)
FOUND: C:\ProgramData\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
FOUND: C:\ProgramData\VisualBee (Adware.VisualBeeToolbar)
FOUND: C:\ProgramData\VisualBee\VisualBeeDB.exe [ - ] (Adware.VisualBeeToolbar)
FOUND: C:\ProgramData\VisualBee\VisualBeeSoftware.exe [ - ] (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution (Hijacker.BabSolution)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution\Shared [ - ] (Hijacker.BabSolution)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Babylon (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Babylon\log_file.txt [ - ] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\cache [ - ] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.cookie [ - ] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software (PUP.RockTurner)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Systweak (PUP.Systweak)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\visualbee (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\visualbee\sqlite3.dll [Edmunt Pienkowsky - LiteX Automation] (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Mobogenie (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro (PUP.OptimizerPro)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro\CookiesException.txt [ - ] (PUP.OptimizerPro)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Babylon (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Babylon\Setup [ - ] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Local\genienext (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Local\genienext\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Local\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Users\PRODUCTION3\AppData\Local\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Lollipop (Adware.Lollipop)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\backup [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\client.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\damo.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Data [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\device [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Download [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\driver [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\mobo.uuid [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Source.mu [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\updatepop.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Version [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\VisualBeeExe (Adware.VisualBeeToolbar)
FOUND: C:\Windows\System32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys (PUP.LinkiDoo)
FOUND: C:\Windows\system32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys (PUP.LinkiDoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\SoftonicDownloader_pour_bad-piggies.exe (PUP.Softonic)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (PUP.Re-Markable)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (PUP.Re-Markable)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage (PUP.SpecialSavings)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
FOUND: C:\Users\PRODUCTION3\Downloads\FlashPlayerPro.exe [AirInstaller ] (Adware.AirInstaller)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\MalwareRemover_WIN.exe [Enigma Software Group USA, LLC.] (PUP.EnigmaSoftware)
FOUND: C:\END [ - ] (Toolbar.Conduit)
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{01422321-E1F1-456D-9257-0A9ADA0763CD}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{027C5493-FF56-4D49-AE23-561D8157FBDF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{060FDD70-DBB9-4537-A76F-4FCCA3A91F4C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0806A522-B76A-4190-83C3-F1FC9418348B}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0A0DCCD7-E697-442E-A33E-9D1F371F140C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0B5B0D10-0724-4281-9554-24D675CBC158}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0BC3AE53-0A4D-4795-8F92-A1E155FDD659}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0D7C578F-EECE-42C4-A442-275AFA703069}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0E350A79-0A6E-4ED0-B9DC-28088DC345AA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{10E55FC0-77F0-40C0-B6C6-7462500CC6AD}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{1361902E-1841-4105-B821-C9F597F91911}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{138B2023-8B2A-4A88-AF94-3ED6E1A7190F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{269992D7-5501-4BFF-BA33-F291B89D0440}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{273F0494-4036-4477-872C-40BC2FA78905}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{29E43EAB-F470-4224-9B2F-BBA9C8779C9D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2AF24D86-FE24-4821-A00D-5F7578B3ABCF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2CA35716-F60B-484D-8946-A2B9DCE903B1}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2E0C2BD9-0798-4DEC-BCF6-D16F672B1EDC}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{329203E4-E08C-444E-81D2-CE038EB6F209}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{386D11A8-F63F-4D1B-B8EF-D317D62327C1}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{40A39B4E-E727-4940-9FF8-FC5CD02D6415}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{441140CF-BA40-419F-BFCE-EFD635EAF705}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{48ECC6D9-27F3-4C9C-BF70-FA7F303B563D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{51B3550A-F93E-4CFA-8B2E-EECAF99E78F9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5781D83E-5F07-43D8-924C-3686341E06AB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{57E69B10-164F-4DF8-BA3F-BD986BA2D8CB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{58B3E132-A615-4980-9588-897CDF0CD32A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{59FE8121-DAD7-49B6-BEEA-654CF2CFBC44}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A5E0DAA-7F78-47A2-B44C-EB75B304805D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A960BD3-9FC1-42D7-8F8F-242ADC8610F9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5AFABC40-135C-4D36-A42D-EA4B3161A7C6}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5BE4CC55-325B-49B7-BD2A-D048812754CB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6476CB52-F272-41DE-818E-012212248377}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{67FDCAF4-34A2-4A8D-81B3-D8476B5214D8}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{684C3485-BB82-4693-9138-2CD93B7385B7}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6A69B801-84FA-4DE4-A523-9D083D19541D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D3B0EB9-82E8-4864-AD95-7D0C66B6AB31}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D64B8C7-8FC5-49A6-8A5B-BB079DCA670C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6EC99BD0-F35A-4FB9-A884-7F22874AC454}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{70384F0D-CF63-4FAC-8672-61DF9FAD8090}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7169FB25-5C85-4017-91F0-341917D1E825}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7303DB8E-CEFE-41CC-BF57-B53CD0784FFA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{75006DE4-EF2A-4F01-A9B6-449FB7905373}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{79380866-E67E-42CF-9A46-7B6057E94141}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7C7ED029-B0D9-494A-82E3-9F40DCE7EAAE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F7B384B-4457-4DCA-BFBE-43A286159CB9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F82FBD9-9BE8-46EE-83F7-8B8303870526}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7FC5DC93-FA3D-4C19-9873-A7A490584C46}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80BE886D-C756-44C8-9A10-70C844649582}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80CD66B9-C9D5-4F16-8E70-DB6FA0C9AB51}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{84EE8A04-8C13-4F1A-BA96-90CBFD1A2608}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{852B0132-B90E-48F6-B7B6-DBF1732D75C6}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8BDC6B83-B9A2-4781-83CA-6D90D835C5B5}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8D01DC30-BEF8-49AB-A0FF-DAA5AF13BDE9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{913E111A-FFD6-40DE-AD94-C49EF8D9E42F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{918238EA-6C64-4F93-98ED-5A9678AC24DE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{91DEF082-C6B5-4A9B-8059-CFF6D6D1CD22}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{94EA1610-420A-41C9-A3A1-55254F192C0B}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{97D37047-FDE3-4A94-BA9B-159EB3A23F4F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9B076A13-5728-4490-BD8C-4E9922970804}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BBB0FA8-DF8B-4017-8649-6A4A8BDBC32A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BD4CD0E-02A0-48CE-B756-EECF510E3EDE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9EBEC680-5265-42D4-BF79-35625768EE81}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A14106BF-6BC3-4914-8EAA-2923DE3951B5}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A1A4A319-8E85-4EAB-97D8-815922A64510}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A6E4FE88-F5B8-448B-9A86-5B2DFE2BC691}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A932D149-054C-4731-9C60-0022DDE795F8}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B0E3C5E2-E1CE-4F83-B1B5-AC61BEBA6352}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B292D527-B519-4337-8368-0D18250D027D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B2A1A11F-EC7E-4583-8B16-2ED0F001DB9D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B359CD7E-4722-4A6A-9A00-81DB5F1B7723}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B50CA2FE-292A-4AD5-9872-08968C7C0B5E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B658F08C-88DB-4FB4-9B71-9848354801C7}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B6D466A9-DA62-47DB-85DC-5B906BDCA166}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C23B157A-2E2F-4DBD-84BE-105972501280}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C778B848-D3D9-407B-A4A4-38A7D240425E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CBEE7EC3-8353-466C-B5A6-B7FC6134C00A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDDA0361-6331-4B1E-A8E7-BDFA59708288}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDE3D153-C3A6-4933-8C44-3CB014F7E66D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{D7DC81D3-217C-4864-AA46-66E5D90212D2}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{DEC6A0CA-6B2A-48A9-9993-4FBD7E29A3F2}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E3DC399C-911E-42CD-8394-64D4AC8C4F7F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E6C7DDC5-115C-4371-8739-C620ABDA7ACA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E823DEEF-5056-491F-B370-709CE66C4680}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E88FD3F7-8E8E-4C6A-B315-8EA9A46E6688}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EC921D07-0265-41D2-B66D-50DA1A1C8738}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EEB9B04C-C582-4E05-9DE7-11086631D85E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F0CDB76C-6700-45B2-B4A0-D2C43BF29870}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F35A0257-93B1-4FC4-845F-A61ACAF84279}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F8096A97-3622-4BE4-AA3D-E37A0E694DAE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F96083B8-D32B-4BF3-A141-9FB55BD2C5CF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{FFD7B05C-97FA-47D4-A1CE-65087CF58516}
---\\ Registry ( Key, Value, Data) (49)
FOUND: HKLM\SYSTEM\CurrentControlSet\Services\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt [C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys] (PUP.LinkiDoo)
FOUND: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7} [visualbee Helper Object] (Adware.VisualBeeToolbar)
FOUND TOOLBAR: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{610AF794-9293-4129-9FAF-A81BBDFBFA14} (Adware.VisualBeeToolbar)
FOUND: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\\http://search.conduit.com/?ctid=CT3317742&o[...] [Conduit Search] (Toolbar.Conduit)
FOUND RUN: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NextLive [C:\Windows\system32\rundll32.exe "C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l] (PUP.NextLive)
FOUND RUN: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Search Protection [C:\ProgramData\Search Protection\SearchProtection.exe] (PUP.SearchProtect)
FOUND: HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} [Conduit Community Alerts] (Toolbar.Conduit)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
FOUND: HKCU\SOFTWARE\SearchProtectINT (PUP.SearchProtect)
FOUND: HKLM\SOFTWARE\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
FOUND: HKLM\SOFTWARE\CDDCF87A-3EAD-40C4-8099-34C6869D3E9D (PUP.CrossRider)
FOUND: HKCR\Prod.cap [] (PUP.ClaroSearch)
FOUND: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Babylon)
FOUND: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [IMdt] (Adware.IMBooster)
FOUND: HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [IManager] (Adware.IMBooster)
FOUND: HKCR\AppID\esrv.EXE [] (PUP.Funmoods)
FOUND: HKCR\AppID\escort.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\escortapp.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\escorteng.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
FOUND: HKCR\Toolbar.CT3298581 (Toolbar.Conduit)
FOUND: HKCU\Software\BabSolution (Hijacker.BabSolution)
FOUND: HKCU\Software\DataMngr (PUP.Datamngr)
FOUND: HKCU\Software\globalUpdate (PUP.GlobalUpdate)
FOUND: HKCU\Software\iLivid (Adware.Bandoo)
FOUND: HKCU\Software\lollipop (Adware.Lollipop)
FOUND: HKCU\Software\SearchProtectINT (PUP.SearchProtect)
FOUND: HKCU\Software\Smartbar (Hijacker.SmartBar)
FOUND: HKCU\Software\Softonic (PUP.Softonic)
FOUND: HKCU\Software\usyndication.com (Trojan.USyndication)
FOUND: HKCU\Software\Visualbee (Adware.VisualBeeToolbar)
FOUND: HKCU\Software\YahooPartnerToolbar (Toolbar.YahooPartner)
FOUND: HKCU\Software\AppDataLow\Software\Conduit (Toolbar.Conduit)
FOUND: HKCU\Software\AppDataLow\Software\ConduitSearchScopes (Toolbar.Conduit)
FOUND: HKCU\Software\AppDataLow\Software\Crossrider (PUP.CrossRider)
FOUND: HKCU\Software\AppDataLow\Software\SmartBar (Hijacker.SmartBar)
FOUND: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup (PUP.MyPCBackup)
FOUND: HKLM\SOFTWARE\Conduit (Toolbar.Conduit)
FOUND: HKLM\SOFTWARE\DataMngr (PUP.Datamngr)
FOUND: HKLM\SOFTWARE\Systweak (PUP.Systweak)
FOUND: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00EFC7C02E777BC4B80F44ACFEC4E830 [C:\Perl\lib\auto\ExtUtils\] (PUP.Manager)
---\\ Result of repair
~ Any repair made
~ Browser not found (Opera Software)
~ Repair canceled by the user (Mozilla Firefox)
~ Repair canceled by the user (Internet Explorer)
End of clean at 07:01:07
~ ZHPCleaner v2014.12.6.247 by Nicolas Coolman (06/12/2014)
~ Run by PRODUCTION3 (Administrator) (08/12/2014 07:12:11)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\PRODUCTION3\Desktop\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PRODUCTION3\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)
---\\ Services (0)
~ No malicious items found.
---\\ Browser internet (23)
REPLACED Proxy: ProxyOverride ( <-loopback> )
REPLACED IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm )
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("browser.search.order.1", "Ask.com"); (PUP.Babylon)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.crossrider.bic", "1471b092b1481235fcfecf21f8fea3c6"); (PUP.CrossRider)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.admin", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.aflt", "babsst"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.appId", "{9C69AD01-2505-4FA3-BF08-38DCFB0BF6B3}"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.autoRvrt", "false"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.dfltLng", "en"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.excTlbr", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.id", "2ab875fc00000000000000242cabbbac"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlDay", "15907"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlRef", "sst"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.newTab", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prdct", "visualbee"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prtnrId", "visualbee"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.rvrt", "false"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.smplGrp", "none"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrId", "vbeeyh"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrSrchUrl", ""); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsn", "1.8.9.1"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsnTs", "1.8.9.120:06:49"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsni", "1.8.9.1"); (Adware.VisualBeeToolbar)
---\\ Hosts file (1)
~ The hosts file is legitimate (20)
---\\ Scheduled automatic tasks. (0)
~ No malicious items found.
---\\ Explorer ( File, Folder) (166)
MOVED file: C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys [StdLib - StdLib] (PUP.LinkiDoo)
MOVED folder: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\babylon.xml [] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\visualbee.xml [] (Adware.VisualBeeToolbar)
MOVED file: C:\ProgramData\Search Protection\SearchProtection.exe [Visicom Media Inc. - Search Protection] (PUP.SearchProtect)
MOVED file: C:\Windows\Tasks\RegRocket Update.job (PUP.RockTurner)
MOVED: C:\Program Files\003 (Adware.AdPeak)
MOVED: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
MOVED: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
MOVED: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
MOVED: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
MOVED: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
MOVED: C:\Program Files\Mobogenie (PUP.Mobogenie)
MOVED: C:\Program Files\Mobogenie\nengine.dll [ - ] (PUP.Mobogenie)
MOVED: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
MOVED: C:\Program Files\SupraSavings (PUP.SupraSavings)
MOVED: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
MOVED: C:\Program Files\Uninstaller (PUP.RandomSoftware)
MOVED: C:\Program Files\Uninstaller\Uninstall.exe [ - ] (PUP.RandomSoftware)
MOVED: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
MOVED: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 (PUP.CrossRider)
MOVED: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 [ - ] (PUP.CrossRider)
MOVED: C:\ProgramData\Babylon (PUP.Babylon)
MOVED: C:\ProgramData\RegRocket Software (PUP.RockTurner)
MOVED: C:\ProgramData\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
MOVED: C:\ProgramData\VisualBee (Adware.VisualBeeToolbar)
MOVED: C:\ProgramData\VisualBee\VisualBeeDB.exe [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\ProgramData\VisualBee\VisualBeeSoftware.exe [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution (Hijacker.BabSolution)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution\Shared [ - ] (Hijacker.BabSolution)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Babylon (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Babylon\log_file.txt [ - ] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\cache [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.cookie [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software (PUP.RockTurner)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Systweak (PUP.Systweak)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\visualbee (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\visualbee\sqlite3.dll [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Mobogenie (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro (PUP.OptimizerPro)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro\CookiesException.txt [ - ] (PUP.OptimizerPro)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Babylon (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Babylon\Setup [ - ] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Local\genienext (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Local\genienext\nengine.dll [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Local\globalUpdate (PUP.GlobalUpdate)
MOVED: C:\Users\PRODUCTION3\AppData\Local\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Lollipop (Adware.Lollipop)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\backup [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\client.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\damo.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Data [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\device [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Download [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\driver [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\mobo.uuid [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Source.mu [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\updatepop.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Version [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\VisualBeeExe (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\SoftonicDownloader_pour_bad-piggies.exe[Softonic ] (PUP.Softonic)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal[] (PUP.SpecialSavings)
MOVED: C:\Users\PRODUCTION3\Downloads\FlashPlayerPro.exe [AirInstaller ] (Adware.AirInstaller)
MOVED: C:\Users\PRODUCTION3\Downloads\MalwareRemover_WIN.exe [Enigma Software Group USA, LLC.] (PUP.EnigmaSoftware)
MOVED: C:\END [ - ] (Toolbar.Conduit)
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{01422321-E1F1-456D-9257-0A9ADA0763CD}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{027C5493-FF56-4D49-AE23-561D8157FBDF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{060FDD70-DBB9-4537-A76F-4FCCA3A91F4C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0806A522-B76A-4190-83C3-F1FC9418348B}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0A0DCCD7-E697-442E-A33E-9D1F371F140C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0B5B0D10-0724-4281-9554-24D675CBC158}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0BC3AE53-0A4D-4795-8F92-A1E155FDD659}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0D7C578F-EECE-42C4-A442-275AFA703069}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0E350A79-0A6E-4ED0-B9DC-28088DC345AA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{10E55FC0-77F0-40C0-B6C6-7462500CC6AD}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{1361902E-1841-4105-B821-C9F597F91911}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{138B2023-8B2A-4A88-AF94-3ED6E1A7190F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{269992D7-5501-4BFF-BA33-F291B89D0440}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{273F0494-4036-4477-872C-40BC2FA78905}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{29E43EAB-F470-4224-9B2F-BBA9C8779C9D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2AF24D86-FE24-4821-A00D-5F7578B3ABCF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2CA35716-F60B-484D-8946-A2B9DCE903B1}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2E0C2BD9-0798-4DEC-BCF6-D16F672B1EDC}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{329203E4-E08C-444E-81D2-CE038EB6F209}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{386D11A8-F63F-4D1B-B8EF-D317D62327C1}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{40A39B4E-E727-4940-9FF8-FC5CD02D6415}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{441140CF-BA40-419F-BFCE-EFD635EAF705}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{48ECC6D9-27F3-4C9C-BF70-FA7F303B563D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{51B3550A-F93E-4CFA-8B2E-EECAF99E78F9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5781D83E-5F07-43D8-924C-3686341E06AB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{57E69B10-164F-4DF8-BA3F-BD986BA2D8CB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{58B3E132-A615-4980-9588-897CDF0CD32A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{59FE8121-DAD7-49B6-BEEA-654CF2CFBC44}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A5E0DAA-7F78-47A2-B44C-EB75B304805D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A960BD3-9FC1-42D7-8F8F-242ADC8610F9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5AFABC40-135C-4D36-A42D-EA4B3161A7C6}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5BE4CC55-325B-49B7-BD2A-D048812754CB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6476CB52-F272-41DE-818E-012212248377}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{67FDCAF4-34A2-4A8D-81B3-D8476B5214D8}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{684C3485-BB82-4693-9138-2CD93B7385B7}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6A69B801-84FA-4DE4-A523-9D083D19541D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D3B0EB9-82E8-4864-AD95-7D0C66B6AB31}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D64B8C7-8FC5-49A6-8A5B-BB079DCA670C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6EC99BD0-F35A-4FB9-A884-7F22874AC454}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{70384F0D-CF63-4FAC-8672-61DF9FAD8090}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7169FB25-5C85-4017-91F0-341917D1E825}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7303DB8E-CEFE-41CC-BF57-B53CD0784FFA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{75006DE4-EF2A-4F01-A9B6-449FB7905373}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{79380866-E67E-42CF-9A46-7B6057E94141}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7C7ED029-B0D9-494A-82E3-9F40DCE7EAAE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F7B384B-4457-4DCA-BFBE-43A286159CB9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F82FBD9-9BE8-46EE-83F7-8B8303870526}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7FC5DC93-FA3D-4C19-9873-A7A490584C46}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80BE886D-C756-44C8-9A10-70C844649582}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80CD66B9-C9D5-4F16-8E70-DB6FA0C9AB51}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{84EE8A04-8C13-4F1A-BA96-90CBFD1A2608}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{852B0132-B90E-48F6-B7B6-DBF1732D75C6}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8BDC6B83-B9A2-4781-83CA-6D90D835C5B5}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8D01DC30-BEF8-49AB-A0FF-DAA5AF13BDE9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{913E111A-FFD6-40DE-AD94-C49EF8D9E42F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{918238EA-6C64-4F93-98ED-5A9678AC24DE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{91DEF082-C6B5-4A9B-8059-CFF6D6D1CD22}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{94EA1610-420A-41C9-A3A1-55254F192C0B}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{97D37047-FDE3-4A94-BA9B-159EB3A23F4F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9B076A13-5728-4490-BD8C-4E9922970804}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BBB0FA8-DF8B-4017-8649-6A4A8BDBC32A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BD4CD0E-02A0-48CE-B756-EECF510E3EDE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9EBEC680-5265-42D4-BF79-35625768EE81}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A14106BF-6BC3-4914-8EAA-2923DE3951B5}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A1A4A319-8E85-4EAB-97D8-815922A64510}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A6E4FE88-F5B8-448B-9A86-5B2DFE2BC691}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A932D149-054C-4731-9C60-0022DDE795F8}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B0E3C5E2-E1CE-4F83-B1B5-AC61BEBA6352}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B292D527-B519-4337-8368-0D18250D027D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B2A1A11F-EC7E-4583-8B16-2ED0F001DB9D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B359CD7E-4722-4A6A-9A00-81DB5F1B7723}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B50CA2FE-292A-4AD5-9872-08968C7C0B5E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B658F08C-88DB-4FB4-9B71-9848354801C7}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B6D466A9-DA62-47DB-85DC-5B906BDCA166}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C23B157A-2E2F-4DBD-84BE-105972501280}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C778B848-D3D9-407B-A4A4-38A7D240425E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CBEE7EC3-8353-466C-B5A6-B7FC6134C00A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDDA0361-6331-4B1E-A8E7-BDFA59708288}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDE3D153-C3A6-4933-8C44-3CB014F7E66D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{D7DC81D3-217C-4864-AA46-66E5D90212D2}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{DEC6A0CA-6B2A-48A9-9993-4FBD7E29A3F2}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E3DC399C-911E-42CD-8394-64D4AC8C4F7F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E6C7DDC5-115C-4371-8739-C620ABDA7ACA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E823DEEF-5056-491F-B370-709CE66C4680}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E88FD3F7-8E8E-4C6A-B315-8EA9A46E6688}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EC921D07-0265-41D2-B66D-50DA1A1C8738}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EEB9B04C-C582-4E05-9DE7-11086631D85E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F0CDB76C-6700-45B2-B4A0-D2C43BF29870}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F35A0257-93B1-4FC4-845F-A61ACAF84279}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F8096A97-3622-4BE4-AA3D-E37A0E694DAE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F96083B8-D32B-4BF3-A141-9FB55BD2C5CF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{FFD7B05C-97FA-47D4-A1CE-65087CF58516}
---\\ Registry ( Key, Value, Data) (46)
DELETED: HKLM\SYSTEM\CurrentControlSet\Services\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt [C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys] (PUP.LinkiDoo)
DELETED: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7} [visualbee Helper Object] (Adware.VisualBeeToolbar)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{610AF794-9293-4129-9FAF-A81BBDFBFA14} (Adware.VisualBeeToolbar)
DELETED: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\\http://search.conduit.com/?ctid=CT3317742&o[...] [Conduit Search] (Toolbar.Conduit)
DELETED: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NextLive [C:\Windows\system32\rundll32.exe "C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l] (PUP.NextLive)
DELETED: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Search Protection [C:\ProgramData\Search Protection\SearchProtection.exe] (PUP.SearchProtect)
DELETED: HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} [Conduit Community Alerts] (Toolbar.Conduit)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: HKCU\SOFTWARE\SearchProtectINT (PUP.SearchProtect)
DELETED: HKLM\SOFTWARE\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
DELETED: HKLM\SOFTWARE\CDDCF87A-3EAD-40C4-8099-34C6869D3E9D (PUP.CrossRider)
DELETED: HKCR\Prod.cap [] (PUP.ClaroSearch)
DELETED: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Babylon)
DELETED: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
DELETED: HKCR\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [IMdt] (Adware.IMBooster)
DELETED: HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [IManager] (Adware.IMBooster)
DELETED: HKCR\AppID\esrv.EXE [] (PUP.Funmoods)
DELETED: HKCR\AppID\escort.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\escortapp.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\escorteng.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
DELETED: HKCR\Toolbar.CT3298581 (Toolbar.Conduit)
DELETED: HKCU\Software\BabSolution (Hijacker.BabSolution)
DELETED: HKCU\Software\DataMngr (PUP.Datamngr)
DELETED: HKCU\Software\globalUpdate (PUP.GlobalUpdate)
DELETED: HKCU\Software\iLivid (Adware.Bandoo)
DELETED: HKCU\Software\lollipop (Adware.Lollipop)
DELETED: HKCU\Software\Smartbar (Hijacker.SmartBar)
DELETED: HKCU\Software\Softonic (PUP.Softonic)
DELETED: HKCU\Software\usyndication.com (Trojan.USyndication)
DELETED: HKCU\Software\Visualbee (Adware.VisualBeeToolbar)
DELETED: HKCU\Software\YahooPartnerToolbar (Toolbar.YahooPartner)
DELETED: HKCU\Software\AppDataLow\Software\Conduit (Toolbar.Conduit)
DELETED: HKCU\Software\AppDataLow\Software\ConduitSearchScopes (Toolbar.Conduit)
DELETED: HKCU\Software\AppDataLow\Software\Crossrider (PUP.CrossRider)
DELETED: HKCU\Software\AppDataLow\Software\SmartBar (Hijacker.SmartBar)
DELETED: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup (PUP.MyPCBackup)
DELETED: HKLM\SOFTWARE\Conduit (Toolbar.Conduit)
DELETED: HKLM\SOFTWARE\DataMngr (PUP.Datamngr)
DELETED: HKLM\SOFTWARE\Systweak (PUP.Systweak)
DELETED: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00EFC7C02E777BC4B80F44ACFEC4E830 [C:\Perl\lib\auto\ExtUtils\] (PUP.Manager)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ Repair canceled by the user (Mozilla Firefox)
~ Repair canceled by the user (Internet Explorer)
End of clean at 07:40:37
Tout n'a pas été enleve. J'ai toujours ceci:
http://cdn.downloadcocci.com/...
et ceci:
http://xgpzz.super-promo.baitstream.biz/?sov=63634301&hid=bpbhfdjtlnbrr&noalert=1&nodl=nodl&redid=6961&id=XNSX.730522079%3A%3Anotrefamille.com-r6961
qui ouvrent toujours de nouvelles fenêtres ...
Y a un moyen de s'en débarrasser aussi ?
~ ZHPCleaner v2014.12.6.247 by Nicolas Coolman (06/12/2014)
~ Run by PRODUCTION3 (Administrator) (07/12/2014 20:53:16)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\PRODUCTION3\Desktop\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PRODUCTION3\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)
---\\ Services (0)
~ No malicious items found.
---\\ Browser internet (23)
FOUND Proxy: ProxyOverride ( <-loopback> )
FOUND IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm )
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("browser.search.order.1", "Ask.com"); (PUP.Babylon)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.crossrider.bic", "1471b092b1481235fcfecf21f8fea3c6"); (PUP.CrossRider)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.admin", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.aflt", "babsst"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.appId", "{9C69AD01-2505-4FA3-BF08-38DCFB0BF6B3}"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.autoRvrt", "false"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.dfltLng", "en"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.excTlbr", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.id", "2ab875fc00000000000000242cabbbac"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlDay", "15907"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlRef", "sst"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.newTab", false); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prdct", "visualbee"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prtnrId", "visualbee"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.rvrt", "false"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.smplGrp", "none"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrId", "vbeeyh"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrSrchUrl", ""); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsn", "1.8.9.1"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsnTs", "1.8.9.120:06:49"); (Adware.VisualBeeToolbar)
FOUND: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsni", "1.8.9.1"); (Adware.VisualBeeToolbar)
---\\ Hosts file (1)
~ The hosts file is legitimate (20)
---\\ Scheduled automatic tasks. (0)
~ No malicious items found.
---\\ Explorer ( File, Folder) (198)
FOUND file:C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys [StdLib - StdLib] (PUP.LinkiDoo)
FOUND folder: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library] (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll [The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library] (PUP.CrossRider)
FOUND file: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv.exe (PUP.CrossRider)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\babylon.xml [] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\visualbee.xml [] (Adware.VisualBeeToolbar)
FOUND file:C:\ProgramData\Search Protection\SearchProtection.exe [Visicom Media Inc. - Search Protection] (PUP.SearchProtect)
FOUND file:C:\Windows\Tasks\RegRocket Update.job (PUP.RockTurner)
FOUND: C:\Program Files\003 (Adware.AdPeak)
FOUND: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
FOUND: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
FOUND: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
FOUND: C:\Program Files\Mobogenie (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
FOUND: C:\Program Files\SupraSavings (PUP.SupraSavings)
FOUND: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
FOUND: C:\Program Files\Uninstaller (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.exe [Copyright © 2013 - DomaUninstaller] (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
FOUND: C:\Program Files\003 (Adware.AdPeak)
FOUND: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
FOUND: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
FOUND: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
FOUND: C:\Program Files\Mobogenie (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.Mobogenie)
FOUND: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
FOUND: C:\Program Files\SupraSavings (PUP.SupraSavings)
FOUND: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
FOUND: C:\Program Files\Uninstaller (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.exe [Copyright © 2013 - DomaUninstaller] (PUP.RandomSoftware)
FOUND: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
FOUND: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 (PUP.CrossRider)
FOUND: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 [ - ] (PUP.CrossRider)
FOUND: C:\ProgramData\Babylon (PUP.Babylon)
FOUND: C:\ProgramData\Babylon (PUP.Babylon)
FOUND: C:\ProgramData\RegRocket Software (PUP.RockTurner)
FOUND: C:\ProgramData\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
FOUND: C:\ProgramData\VisualBee (Adware.VisualBeeToolbar)
FOUND: C:\ProgramData\VisualBee\VisualBeeDB.exe [ - ] (Adware.VisualBeeToolbar)
FOUND: C:\ProgramData\VisualBee\VisualBeeSoftware.exe [ - ] (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution (Hijacker.BabSolution)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution\Shared [ - ] (Hijacker.BabSolution)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Babylon (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Babylon\log_file.txt [ - ] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\cache [ - ] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.cookie [ - ] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software (PUP.RockTurner)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\Systweak (PUP.Systweak)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\visualbee (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\AppData\Roaming\visualbee\sqlite3.dll [Edmunt Pienkowsky - LiteX Automation] (Adware.VisualBeeToolbar)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Mobogenie (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro (PUP.OptimizerPro)
FOUND: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro\CookiesException.txt [ - ] (PUP.OptimizerPro)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Babylon (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Babylon\Setup [ - ] (PUP.Babylon)
FOUND: C:\Users\PRODUCTION3\AppData\Local\genienext (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Local\genienext\nengine.dll [NewNextDotMe - NewNext Helper Engine] (PUP.NextLive)
FOUND: C:\Users\PRODUCTION3\AppData\Local\globalUpdate (PUP.GlobalUpdate)
FOUND: C:\Users\PRODUCTION3\AppData\Local\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Lollipop (Adware.Lollipop)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\backup [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\client.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\damo.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Data [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\device [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Download [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\driver [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\mobo.uuid [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Source.mu [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\updatepop.time [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Version [ - ] (PUP.Mobogenie)
FOUND: C:\Users\PRODUCTION3\AppData\Local\VisualBeeExe (Adware.VisualBeeToolbar)
FOUND: C:\Windows\System32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys (PUP.LinkiDoo)
FOUND: C:\Windows\system32\Drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys (PUP.LinkiDoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\SoftonicDownloader_pour_bad-piggies.exe (PUP.Softonic)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (PUP.Re-Markable)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (PUP.Re-Markable)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage (PUP.SpecialSavings)
FOUND: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
FOUND: C:\Users\PRODUCTION3\Downloads\FlashPlayerPro.exe [AirInstaller ] (Adware.AirInstaller)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe [Bandoo Media Inc] (Adware.Bandoo)
FOUND: C:\Users\PRODUCTION3\Downloads\MalwareRemover_WIN.exe [Enigma Software Group USA, LLC.] (PUP.EnigmaSoftware)
FOUND: C:\END [ - ] (Toolbar.Conduit)
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{01422321-E1F1-456D-9257-0A9ADA0763CD}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{027C5493-FF56-4D49-AE23-561D8157FBDF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{060FDD70-DBB9-4537-A76F-4FCCA3A91F4C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0806A522-B76A-4190-83C3-F1FC9418348B}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0A0DCCD7-E697-442E-A33E-9D1F371F140C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0B5B0D10-0724-4281-9554-24D675CBC158}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0BC3AE53-0A4D-4795-8F92-A1E155FDD659}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0D7C578F-EECE-42C4-A442-275AFA703069}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0E350A79-0A6E-4ED0-B9DC-28088DC345AA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{10E55FC0-77F0-40C0-B6C6-7462500CC6AD}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{1361902E-1841-4105-B821-C9F597F91911}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{138B2023-8B2A-4A88-AF94-3ED6E1A7190F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{269992D7-5501-4BFF-BA33-F291B89D0440}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{273F0494-4036-4477-872C-40BC2FA78905}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{29E43EAB-F470-4224-9B2F-BBA9C8779C9D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2AF24D86-FE24-4821-A00D-5F7578B3ABCF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2CA35716-F60B-484D-8946-A2B9DCE903B1}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2E0C2BD9-0798-4DEC-BCF6-D16F672B1EDC}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{329203E4-E08C-444E-81D2-CE038EB6F209}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{386D11A8-F63F-4D1B-B8EF-D317D62327C1}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{40A39B4E-E727-4940-9FF8-FC5CD02D6415}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{441140CF-BA40-419F-BFCE-EFD635EAF705}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{48ECC6D9-27F3-4C9C-BF70-FA7F303B563D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{51B3550A-F93E-4CFA-8B2E-EECAF99E78F9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5781D83E-5F07-43D8-924C-3686341E06AB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{57E69B10-164F-4DF8-BA3F-BD986BA2D8CB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{58B3E132-A615-4980-9588-897CDF0CD32A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{59FE8121-DAD7-49B6-BEEA-654CF2CFBC44}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A5E0DAA-7F78-47A2-B44C-EB75B304805D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A960BD3-9FC1-42D7-8F8F-242ADC8610F9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5AFABC40-135C-4D36-A42D-EA4B3161A7C6}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5BE4CC55-325B-49B7-BD2A-D048812754CB}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6476CB52-F272-41DE-818E-012212248377}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{67FDCAF4-34A2-4A8D-81B3-D8476B5214D8}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{684C3485-BB82-4693-9138-2CD93B7385B7}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6A69B801-84FA-4DE4-A523-9D083D19541D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D3B0EB9-82E8-4864-AD95-7D0C66B6AB31}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D64B8C7-8FC5-49A6-8A5B-BB079DCA670C}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6EC99BD0-F35A-4FB9-A884-7F22874AC454}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{70384F0D-CF63-4FAC-8672-61DF9FAD8090}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7169FB25-5C85-4017-91F0-341917D1E825}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7303DB8E-CEFE-41CC-BF57-B53CD0784FFA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{75006DE4-EF2A-4F01-A9B6-449FB7905373}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{79380866-E67E-42CF-9A46-7B6057E94141}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7C7ED029-B0D9-494A-82E3-9F40DCE7EAAE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F7B384B-4457-4DCA-BFBE-43A286159CB9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F82FBD9-9BE8-46EE-83F7-8B8303870526}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7FC5DC93-FA3D-4C19-9873-A7A490584C46}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80BE886D-C756-44C8-9A10-70C844649582}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80CD66B9-C9D5-4F16-8E70-DB6FA0C9AB51}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{84EE8A04-8C13-4F1A-BA96-90CBFD1A2608}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{852B0132-B90E-48F6-B7B6-DBF1732D75C6}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8BDC6B83-B9A2-4781-83CA-6D90D835C5B5}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8D01DC30-BEF8-49AB-A0FF-DAA5AF13BDE9}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{913E111A-FFD6-40DE-AD94-C49EF8D9E42F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{918238EA-6C64-4F93-98ED-5A9678AC24DE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{91DEF082-C6B5-4A9B-8059-CFF6D6D1CD22}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{94EA1610-420A-41C9-A3A1-55254F192C0B}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{97D37047-FDE3-4A94-BA9B-159EB3A23F4F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9B076A13-5728-4490-BD8C-4E9922970804}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BBB0FA8-DF8B-4017-8649-6A4A8BDBC32A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BD4CD0E-02A0-48CE-B756-EECF510E3EDE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9EBEC680-5265-42D4-BF79-35625768EE81}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A14106BF-6BC3-4914-8EAA-2923DE3951B5}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A1A4A319-8E85-4EAB-97D8-815922A64510}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A6E4FE88-F5B8-448B-9A86-5B2DFE2BC691}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A932D149-054C-4731-9C60-0022DDE795F8}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B0E3C5E2-E1CE-4F83-B1B5-AC61BEBA6352}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B292D527-B519-4337-8368-0D18250D027D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B2A1A11F-EC7E-4583-8B16-2ED0F001DB9D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B359CD7E-4722-4A6A-9A00-81DB5F1B7723}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B50CA2FE-292A-4AD5-9872-08968C7C0B5E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B658F08C-88DB-4FB4-9B71-9848354801C7}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B6D466A9-DA62-47DB-85DC-5B906BDCA166}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C23B157A-2E2F-4DBD-84BE-105972501280}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C778B848-D3D9-407B-A4A4-38A7D240425E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CBEE7EC3-8353-466C-B5A6-B7FC6134C00A}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDDA0361-6331-4B1E-A8E7-BDFA59708288}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDE3D153-C3A6-4933-8C44-3CB014F7E66D}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{D7DC81D3-217C-4864-AA46-66E5D90212D2}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{DEC6A0CA-6B2A-48A9-9993-4FBD7E29A3F2}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E3DC399C-911E-42CD-8394-64D4AC8C4F7F}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E6C7DDC5-115C-4371-8739-C620ABDA7ACA}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E823DEEF-5056-491F-B370-709CE66C4680}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E88FD3F7-8E8E-4C6A-B315-8EA9A46E6688}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EC921D07-0265-41D2-B66D-50DA1A1C8738}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EEB9B04C-C582-4E05-9DE7-11086631D85E}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F0CDB76C-6700-45B2-B4A0-D2C43BF29870}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F35A0257-93B1-4FC4-845F-A61ACAF84279}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F8096A97-3622-4BE4-AA3D-E37A0E694DAE}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F96083B8-D32B-4BF3-A141-9FB55BD2C5CF}
FOUND [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{FFD7B05C-97FA-47D4-A1CE-65087CF58516}
---\\ Registry ( Key, Value, Data) (49)
FOUND: HKLM\SYSTEM\CurrentControlSet\Services\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt [C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys] (PUP.LinkiDoo)
FOUND: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7} [visualbee Helper Object] (Adware.VisualBeeToolbar)
FOUND TOOLBAR: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{610AF794-9293-4129-9FAF-A81BBDFBFA14} (Adware.VisualBeeToolbar)
FOUND: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\\http://search.conduit.com/?ctid=CT3317742&o[...] [Conduit Search] (Toolbar.Conduit)
FOUND RUN: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NextLive [C:\Windows\system32\rundll32.exe "C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l] (PUP.NextLive)
FOUND RUN: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Search Protection [C:\ProgramData\Search Protection\SearchProtection.exe] (PUP.SearchProtect)
FOUND: HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} [Conduit Community Alerts] (Toolbar.Conduit)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
FOUND: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
FOUND: HKCU\SOFTWARE\SearchProtectINT (PUP.SearchProtect)
FOUND: HKLM\SOFTWARE\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
FOUND: HKLM\SOFTWARE\CDDCF87A-3EAD-40C4-8099-34C6869D3E9D (PUP.CrossRider)
FOUND: HKCR\Prod.cap [] (PUP.ClaroSearch)
FOUND: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Babylon)
FOUND: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
FOUND: HKCR\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [IMdt] (Adware.IMBooster)
FOUND: HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [IManager] (Adware.IMBooster)
FOUND: HKCR\AppID\esrv.EXE [] (PUP.Funmoods)
FOUND: HKCR\AppID\escort.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\escortapp.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\escorteng.dll [] (PUP.Babylon)
FOUND: HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
FOUND: HKCR\Toolbar.CT3298581 (Toolbar.Conduit)
FOUND: HKCU\Software\BabSolution (Hijacker.BabSolution)
FOUND: HKCU\Software\DataMngr (PUP.Datamngr)
FOUND: HKCU\Software\globalUpdate (PUP.GlobalUpdate)
FOUND: HKCU\Software\iLivid (Adware.Bandoo)
FOUND: HKCU\Software\lollipop (Adware.Lollipop)
FOUND: HKCU\Software\SearchProtectINT (PUP.SearchProtect)
FOUND: HKCU\Software\Smartbar (Hijacker.SmartBar)
FOUND: HKCU\Software\Softonic (PUP.Softonic)
FOUND: HKCU\Software\usyndication.com (Trojan.USyndication)
FOUND: HKCU\Software\Visualbee (Adware.VisualBeeToolbar)
FOUND: HKCU\Software\YahooPartnerToolbar (Toolbar.YahooPartner)
FOUND: HKCU\Software\AppDataLow\Software\Conduit (Toolbar.Conduit)
FOUND: HKCU\Software\AppDataLow\Software\ConduitSearchScopes (Toolbar.Conduit)
FOUND: HKCU\Software\AppDataLow\Software\Crossrider (PUP.CrossRider)
FOUND: HKCU\Software\AppDataLow\Software\SmartBar (Hijacker.SmartBar)
FOUND: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup (PUP.MyPCBackup)
FOUND: HKLM\SOFTWARE\Conduit (Toolbar.Conduit)
FOUND: HKLM\SOFTWARE\DataMngr (PUP.Datamngr)
FOUND: HKLM\SOFTWARE\Systweak (PUP.Systweak)
FOUND: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00EFC7C02E777BC4B80F44ACFEC4E830 [C:\Perl\lib\auto\ExtUtils\] (PUP.Manager)
---\\ Result of repair
~ Any repair made
~ Browser not found (Opera Software)
~ Repair canceled by the user (Mozilla Firefox)
~ Repair canceled by the user (Internet Explorer)
End of clean at 07:01:07
~ ZHPCleaner v2014.12.6.247 by Nicolas Coolman (06/12/2014)
~ Run by PRODUCTION3 (Administrator) (08/12/2014 07:12:11)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\PRODUCTION3\Desktop\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\PRODUCTION3\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows VISTA, 32-bit Service Pack 2 (Build 6002)
---\\ Services (0)
~ No malicious items found.
---\\ Browser internet (23)
REPLACED Proxy: ProxyOverride ( <-loopback> )
REPLACED IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm )
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("browser.search.order.1", "Ask.com"); (PUP.Babylon)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.crossrider.bic", "1471b092b1481235fcfecf21f8fea3c6"); (PUP.CrossRider)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.admin", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.aflt", "babsst"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.appId", "{9C69AD01-2505-4FA3-BF08-38DCFB0BF6B3}"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.autoRvrt", "false"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.dfltLng", "en"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.excTlbr", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.id", "2ab875fc00000000000000242cabbbac"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlDay", "15907"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.instlRef", "sst"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.newTab", false); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prdct", "visualbee"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.prtnrId", "visualbee"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.rvrt", "false"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.smplGrp", "none"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrId", "vbeeyh"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.tlbrSrchUrl", ""); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsn", "1.8.9.1"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsnTs", "1.8.9.120:06:49"); (Adware.VisualBeeToolbar)
REPLACED: [rdz9sgsg.default-1357946019014] - user_pref("extensions.visualbee.vrsni", "1.8.9.1"); (Adware.VisualBeeToolbar)
---\\ Hosts file (1)
~ The hosts file is legitimate (20)
---\\ Scheduled automatic tasks. (0)
~ No malicious items found.
---\\ Explorer ( File, Folder) (166)
MOVED file: C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys [StdLib - StdLib] (PUP.LinkiDoo)
MOVED folder: C:\Program Files\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\babylon.xml [] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Mozilla\Firefox\Profiles\rdz9sgsg.default-1357946019014\searchplugins\visualbee.xml [] (Adware.VisualBeeToolbar)
MOVED file: C:\ProgramData\Search Protection\SearchProtection.exe [Visicom Media Inc. - Search Protection] (PUP.SearchProtect)
MOVED file: C:\Windows\Tasks\RegRocket Update.job (PUP.RockTurner)
MOVED: C:\Program Files\003 (Adware.AdPeak)
MOVED: C:\Program Files\003\vxlsnyaiet32.exe [ - ] (Adware.AdPeak)
MOVED: C:\Program Files\globalUpdate (PUP.GlobalUpdate)
MOVED: C:\Program Files\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
MOVED: C:\Program Files\HiDefMedia (PUP.HiDefMedia)
MOVED: C:\Program Files\HiDefMedia\HiDefMedia [ - ] (PUP.HiDefMedia)
MOVED: C:\Program Files\Mobogenie (PUP.Mobogenie)
MOVED: C:\Program Files\Mobogenie\nengine.dll [ - ] (PUP.Mobogenie)
MOVED: C:\Program Files\Mobogenie\ok.htm [ - ] (PUP.Mobogenie)
MOVED: C:\Program Files\SupraSavings (PUP.SupraSavings)
MOVED: C:\Program Files\SupraSavings\SSL [ - ] (PUP.SupraSavings)
MOVED: C:\Program Files\Uninstaller (PUP.RandomSoftware)
MOVED: C:\Program Files\Uninstaller\Uninstall.exe [ - ] (PUP.RandomSoftware)
MOVED: C:\Program Files\Uninstaller\Uninstall.xml [ - ] (PUP.RandomSoftware)
MOVED: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 (PUP.CrossRider)
MOVED: C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 [ - ] (PUP.CrossRider)
MOVED: C:\ProgramData\Babylon (PUP.Babylon)
MOVED: C:\ProgramData\RegRocket Software (PUP.RockTurner)
MOVED: C:\ProgramData\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
MOVED: C:\ProgramData\VisualBee (Adware.VisualBeeToolbar)
MOVED: C:\ProgramData\VisualBee\VisualBeeDB.exe [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\ProgramData\VisualBee\VisualBeeSoftware.exe [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution (Hijacker.BabSolution)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\BabSolution\Shared [ - ] (Hijacker.BabSolution)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Babylon (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Babylon\log_file.txt [ - ] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\cache [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.cookie [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software (PUP.RockTurner)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\RegRocket Software\RegRocket [ - ] (PUP.RockTurner)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\Systweak (PUP.Systweak)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\visualbee (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\AppData\Roaming\visualbee\sqlite3.dll [ - ] (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Mobogenie (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro (PUP.OptimizerPro)
MOVED: C:\Users\PRODUCTION3\SkyDrive\Documents\Documents\Optimizer Pro\CookiesException.txt [ - ] (PUP.OptimizerPro)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Babylon (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Babylon\Setup [ - ] (PUP.Babylon)
MOVED: C:\Users\PRODUCTION3\AppData\Local\genienext (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Local\genienext\nengine.dll [ - ] (PUP.NextLive)
MOVED: C:\Users\PRODUCTION3\AppData\Local\globalUpdate (PUP.GlobalUpdate)
MOVED: C:\Users\PRODUCTION3\AppData\Local\globalUpdate\CrashReports [ - ] (PUP.GlobalUpdate)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Lollipop (Adware.Lollipop)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\backup [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\client.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\damo.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Data [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\device [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Download [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\driver [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\mobo.uuid [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Source.mu [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\updatepop.time [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Mobogenie\Version [ - ] (PUP.Mobogenie)
MOVED: C:\Users\PRODUCTION3\AppData\Local\VisualBeeExe (Adware.VisualBeeToolbar)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc (1).exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r312-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc (1).exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup-r679-n-bc.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\iLividSetup.exe[Bandoo Media Inc] (Adware.Bandoo)
MOVED: C:\Users\PRODUCTION3\Downloads\SoftonicDownloader_pour_bad-piggies.exe[Softonic ] (PUP.Softonic)
MOVED: C:\Users\PRODUCTION3\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal[] (PUP.SpecialSavings)
MOVED: C:\Users\PRODUCTION3\Downloads\FlashPlayerPro.exe [AirInstaller ] (Adware.AirInstaller)
MOVED: C:\Users\PRODUCTION3\Downloads\MalwareRemover_WIN.exe [Enigma Software Group USA, LLC.] (PUP.EnigmaSoftware)
MOVED: C:\END [ - ] (Toolbar.Conduit)
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{01422321-E1F1-456D-9257-0A9ADA0763CD}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{027C5493-FF56-4D49-AE23-561D8157FBDF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{060FDD70-DBB9-4537-A76F-4FCCA3A91F4C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0806A522-B76A-4190-83C3-F1FC9418348B}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0A0DCCD7-E697-442E-A33E-9D1F371F140C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0B5B0D10-0724-4281-9554-24D675CBC158}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0BC3AE53-0A4D-4795-8F92-A1E155FDD659}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0D7C578F-EECE-42C4-A442-275AFA703069}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{0E350A79-0A6E-4ED0-B9DC-28088DC345AA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{10E55FC0-77F0-40C0-B6C6-7462500CC6AD}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{1361902E-1841-4105-B821-C9F597F91911}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{138B2023-8B2A-4A88-AF94-3ED6E1A7190F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{269992D7-5501-4BFF-BA33-F291B89D0440}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{273F0494-4036-4477-872C-40BC2FA78905}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{29E43EAB-F470-4224-9B2F-BBA9C8779C9D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2AF24D86-FE24-4821-A00D-5F7578B3ABCF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2CA35716-F60B-484D-8946-A2B9DCE903B1}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{2E0C2BD9-0798-4DEC-BCF6-D16F672B1EDC}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{329203E4-E08C-444E-81D2-CE038EB6F209}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{386D11A8-F63F-4D1B-B8EF-D317D62327C1}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{40A39B4E-E727-4940-9FF8-FC5CD02D6415}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{441140CF-BA40-419F-BFCE-EFD635EAF705}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{48ECC6D9-27F3-4C9C-BF70-FA7F303B563D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{51B3550A-F93E-4CFA-8B2E-EECAF99E78F9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5781D83E-5F07-43D8-924C-3686341E06AB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{57E69B10-164F-4DF8-BA3F-BD986BA2D8CB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{58B3E132-A615-4980-9588-897CDF0CD32A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{59FE8121-DAD7-49B6-BEEA-654CF2CFBC44}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A5E0DAA-7F78-47A2-B44C-EB75B304805D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5A960BD3-9FC1-42D7-8F8F-242ADC8610F9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5AFABC40-135C-4D36-A42D-EA4B3161A7C6}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{5BE4CC55-325B-49B7-BD2A-D048812754CB}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6476CB52-F272-41DE-818E-012212248377}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{67FDCAF4-34A2-4A8D-81B3-D8476B5214D8}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{684C3485-BB82-4693-9138-2CD93B7385B7}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6A69B801-84FA-4DE4-A523-9D083D19541D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D3B0EB9-82E8-4864-AD95-7D0C66B6AB31}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6D64B8C7-8FC5-49A6-8A5B-BB079DCA670C}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{6EC99BD0-F35A-4FB9-A884-7F22874AC454}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{70384F0D-CF63-4FAC-8672-61DF9FAD8090}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7169FB25-5C85-4017-91F0-341917D1E825}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7303DB8E-CEFE-41CC-BF57-B53CD0784FFA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{75006DE4-EF2A-4F01-A9B6-449FB7905373}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{79380866-E67E-42CF-9A46-7B6057E94141}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7C7ED029-B0D9-494A-82E3-9F40DCE7EAAE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F7B384B-4457-4DCA-BFBE-43A286159CB9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7F82FBD9-9BE8-46EE-83F7-8B8303870526}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{7FC5DC93-FA3D-4C19-9873-A7A490584C46}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80BE886D-C756-44C8-9A10-70C844649582}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{80CD66B9-C9D5-4F16-8E70-DB6FA0C9AB51}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{84EE8A04-8C13-4F1A-BA96-90CBFD1A2608}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{852B0132-B90E-48F6-B7B6-DBF1732D75C6}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8BDC6B83-B9A2-4781-83CA-6D90D835C5B5}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{8D01DC30-BEF8-49AB-A0FF-DAA5AF13BDE9}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{913E111A-FFD6-40DE-AD94-C49EF8D9E42F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{918238EA-6C64-4F93-98ED-5A9678AC24DE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{91DEF082-C6B5-4A9B-8059-CFF6D6D1CD22}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{94EA1610-420A-41C9-A3A1-55254F192C0B}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{97D37047-FDE3-4A94-BA9B-159EB3A23F4F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9B076A13-5728-4490-BD8C-4E9922970804}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BBB0FA8-DF8B-4017-8649-6A4A8BDBC32A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9BD4CD0E-02A0-48CE-B756-EECF510E3EDE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{9EBEC680-5265-42D4-BF79-35625768EE81}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A14106BF-6BC3-4914-8EAA-2923DE3951B5}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A1A4A319-8E85-4EAB-97D8-815922A64510}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A6E4FE88-F5B8-448B-9A86-5B2DFE2BC691}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{A932D149-054C-4731-9C60-0022DDE795F8}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B0E3C5E2-E1CE-4F83-B1B5-AC61BEBA6352}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B292D527-B519-4337-8368-0D18250D027D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B2A1A11F-EC7E-4583-8B16-2ED0F001DB9D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B359CD7E-4722-4A6A-9A00-81DB5F1B7723}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B50CA2FE-292A-4AD5-9872-08968C7C0B5E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B658F08C-88DB-4FB4-9B71-9848354801C7}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{B6D466A9-DA62-47DB-85DC-5B906BDCA166}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C23B157A-2E2F-4DBD-84BE-105972501280}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{C778B848-D3D9-407B-A4A4-38A7D240425E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CBEE7EC3-8353-466C-B5A6-B7FC6134C00A}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDDA0361-6331-4B1E-A8E7-BDFA59708288}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{CDE3D153-C3A6-4933-8C44-3CB014F7E66D}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{D7DC81D3-217C-4864-AA46-66E5D90212D2}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{DEC6A0CA-6B2A-48A9-9993-4FBD7E29A3F2}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E3DC399C-911E-42CD-8394-64D4AC8C4F7F}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E6C7DDC5-115C-4371-8739-C620ABDA7ACA}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E823DEEF-5056-491F-B370-709CE66C4680}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{E88FD3F7-8E8E-4C6A-B315-8EA9A46E6688}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EC921D07-0265-41D2-B66D-50DA1A1C8738}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{EEB9B04C-C582-4E05-9DE7-11086631D85E}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F0CDB76C-6700-45B2-B4A0-D2C43BF29870}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F35A0257-93B1-4FC4-845F-A61ACAF84279}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F8096A97-3622-4BE4-AA3D-E37A0E694DAE}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{F96083B8-D32B-4BF3-A141-9FB55BD2C5CF}
MOVED [Empty Folder]: C:\Users\PRODUCTION3\AppData\Local\{FFD7B05C-97FA-47D4-A1CE-65087CF58516}
---\\ Registry ( Key, Value, Data) (46)
DELETED: HKLM\SYSTEM\CurrentControlSet\Services\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt [C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gt.sys] (PUP.LinkiDoo)
DELETED: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7} [visualbee Helper Object] (Adware.VisualBeeToolbar)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{610AF794-9293-4129-9FAF-A81BBDFBFA14} (Adware.VisualBeeToolbar)
DELETED: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\\http://search.conduit.com/?ctid=CT3317742&o[...] [Conduit Search] (Toolbar.Conduit)
DELETED: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NextLive [C:\Windows\system32\rundll32.exe "C:\Users\PRODUCTION3\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l] (PUP.NextLive)
DELETED: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Search Protection [C:\ProgramData\Search Protection\SearchProtection.exe] (PUP.SearchProtect)
DELETED: HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} [Conduit Community Alerts] (Toolbar.Conduit)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
DELETED: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
DELETED: HKCU\SOFTWARE\SearchProtectINT (PUP.SearchProtect)
DELETED: HKLM\SOFTWARE\0892CCEA-3029-46F2-BD98-F3177431F5F8 (PUP.CrossRider)
DELETED: HKLM\SOFTWARE\CDDCF87A-3EAD-40C4-8099-34C6869D3E9D (PUP.CrossRider)
DELETED: HKCR\Prod.cap [] (PUP.ClaroSearch)
DELETED: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Babylon)
DELETED: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
DELETED: HKCR\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [IMdt] (Adware.IMBooster)
DELETED: HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [IManager] (Adware.IMBooster)
DELETED: HKCR\AppID\esrv.EXE [] (PUP.Funmoods)
DELETED: HKCR\AppID\escort.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\escortapp.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\escorteng.dll [] (PUP.Babylon)
DELETED: HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
DELETED: HKCR\Toolbar.CT3298581 (Toolbar.Conduit)
DELETED: HKCU\Software\BabSolution (Hijacker.BabSolution)
DELETED: HKCU\Software\DataMngr (PUP.Datamngr)
DELETED: HKCU\Software\globalUpdate (PUP.GlobalUpdate)
DELETED: HKCU\Software\iLivid (Adware.Bandoo)
DELETED: HKCU\Software\lollipop (Adware.Lollipop)
DELETED: HKCU\Software\Smartbar (Hijacker.SmartBar)
DELETED: HKCU\Software\Softonic (PUP.Softonic)
DELETED: HKCU\Software\usyndication.com (Trojan.USyndication)
DELETED: HKCU\Software\Visualbee (Adware.VisualBeeToolbar)
DELETED: HKCU\Software\YahooPartnerToolbar (Toolbar.YahooPartner)
DELETED: HKCU\Software\AppDataLow\Software\Conduit (Toolbar.Conduit)
DELETED: HKCU\Software\AppDataLow\Software\ConduitSearchScopes (Toolbar.Conduit)
DELETED: HKCU\Software\AppDataLow\Software\Crossrider (PUP.CrossRider)
DELETED: HKCU\Software\AppDataLow\Software\SmartBar (Hijacker.SmartBar)
DELETED: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup (PUP.MyPCBackup)
DELETED: HKLM\SOFTWARE\Conduit (Toolbar.Conduit)
DELETED: HKLM\SOFTWARE\DataMngr (PUP.Datamngr)
DELETED: HKLM\SOFTWARE\Systweak (PUP.Systweak)
DELETED: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00EFC7C02E777BC4B80F44ACFEC4E830 [C:\Perl\lib\auto\ExtUtils\] (PUP.Manager)
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
~ Repair canceled by the user (Mozilla Firefox)
~ Repair canceled by the user (Internet Explorer)
End of clean at 07:40:37
Tout n'a pas été enleve. J'ai toujours ceci:
http://cdn.downloadcocci.com/...
et ceci:
http://xgpzz.super-promo.baitstream.biz/?sov=63634301&hid=bpbhfdjtlnbrr&noalert=1&nodl=nodl&redid=6961&id=XNSX.730522079%3A%3Anotrefamille.com-r6961
qui ouvrent toujours de nouvelles fenêtres ...
Y a un moyen de s'en débarrasser aussi ?