
Backdoor.win64.zaccess.bt


35 replies to this topic

#1 breqkfury


Posted 31 August 2012 - 09:50 AM

Hello

My Kaspersky keeps saying that I am infected by Backdoor.win64.zaccess.bt. It removes it, but at every restart the virus is back on the computer, so I can't do anything. I also can't enable the firewall, Windows Update and Windows Defender!!!

What to do? Help me please



#2 narenxp


Posted 31 August 2012 - 09:55 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

System look

Launch it, copy this script

:reg
HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 /s

Click on LOOK, post the generated log

Edited by narenxp, 31 August 2012 - 09:56 AM.
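
The SystemLook script in the post above dumps one COM registration key. A read-only PowerShell equivalent follows as an added example that is not part of the original thread; the function name Get-InprocServerInfo and the report fields are illustrative, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: read-only look at the COM registration named in the
# SystemLook script above. Nothing is written to the registry or to disk.
# Run from 64-bit PowerShell on 64-bit Windows; a 32-bit process sees the
# redirected WOW64 view of CLSID keys.
$clsid = '{fbeb8a05-beee-4442-804e-409d6c4515e9}'   # CLSID taken from the post

# HKEY_CLASSES_ROOT is a merged view of two hives. A per-user entry under
# HKCU\Software\Classes takes precedence over the machine-wide entry under
# HKLM\SOFTWARE\Classes, so each hive is read separately to show where the
# effective value comes from.
$views = [ordered]@{
    'HKCU per-user' = "Registry::HKEY_CURRENT_USER\Software\Classes\CLSID\$clsid\InprocServer32"
    'HKLM machine'  = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\$clsid\InprocServer32"
    'HKCR merged'   = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
}

function Get-InprocServerInfo {
    param([string]$View, [string]$KeyPath)

    $info = [ordered]@{
        View = $View; Present = $false; RawValue = $null; ServerPath = $null
        ThreadingModel = $null; UnderSystemRoot = $null; FileExists = $null
        Signature = $null; Note = $null
    }
    if (Test-Path -LiteralPath $KeyPath) {
        $key = Get-Item -LiteralPath $KeyPath
        $info.Present = $true
        # '' addresses the key's default value; keep %VAR% references unexpanded
        $raw = $key.GetValue('', $null,
            [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)
        $info.RawValue = $raw
        $info.ThreadingModel = $key.GetValue('ThreadingModel')
        if ($raw) {
            $server = [Environment]::ExpandEnvironmentVariables([string]$raw).Trim('"')
            $info.ServerPath = $server
            try {
                if ([IO.Path]::IsPathRooted($server)) {
                    $info.UnderSystemRoot = $server.StartsWith(
                        "$env:SystemRoot\", [StringComparison]::OrdinalIgnoreCase)
                    $info.FileExists = Test-Path -LiteralPath $server -PathType Leaf -ErrorAction Stop
                    if ($info.FileExists) {
                        # Informational only: older PowerShell versions do not
                        # evaluate catalog signatures, so NotSigned is not a verdict.
                        $info.Signature = (Get-AuthenticodeSignature -FilePath $server).Status
                    }
                } else {
                    $info.Note = 'relative name; not resolved here'
                }
            } catch {
                $info.Note = "path could not be examined: $($_.Exception.Message)"
            }
        }
    }
    [pscustomobject]$info
}

$report = foreach ($view in $views.GetEnumerator()) {
    Get-InprocServerInfo -View $view.Key -KeyPath $view.Value
}
$report | Format-List

# A per-user registration is what makes the merged HKCR value differ from HKLM.
$perUser = $report | Where-Object { $_.View -eq 'HKCU per-user' -and $_.Present }
if ($perUser) {
    Write-Warning "A per-user InprocServer32 entry exists for $clsid; compare its ServerPath with the HKLM entry before trusting the merged HKCR value."
}
```

The output can be pasted into a reply the same way as the SystemLook log.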


#3 breqkfury


Posted 31 August 2012 - 11:28 AM

Hello :)

TDSSKiller LOG

16:57:39.0846 0732 netprofm - ok
16:57:39.0874 0732 [ 618C55B392238B9467F9113E13525C49 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
16:57:39.0882 0732 netr28ux - ok
16:57:39.0885 0732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:39.0886 0732 NetTcpActivator - ok
16:57:39.0888 0732 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:39.0889 0732 NetTcpPortSharing - ok
16:57:39.0909 0732 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:57:39.0910 0732 nfrd960 - ok
16:57:39.0936 0732 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:57:39.0939 0732 NlaSvc - ok
16:57:39.0941 0732 NPF - ok
16:57:39.0950 0732 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:57:39.0950 0732 Npfs - ok
16:57:39.0959 0732 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:57:39.0960 0732 nsi - ok
16:57:39.0966 0732 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:57:39.0967 0732 nsiproxy - ok
16:57:40.0017 0732 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:57:40.0031 0732 Ntfs - ok
16:57:40.0036 0732 [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
16:57:40.0037 0732 NTIOLib_1_0_4 - ok
16:57:40.0056 0732 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:57:40.0056 0732 Null - ok
16:57:40.0073 0732 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:57:40.0074 0732 nvraid - ok
16:57:40.0111 0732 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:57:40.0113 0732 nvstor - ok
16:57:40.0131 0732 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:57:40.0132 0732 nv_agp - ok
16:57:40.0144 0732 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:57:40.0145 0732 ohci1394 - ok
16:57:40.0167 0732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:57:40.0171 0732 p2pimsvc - ok
16:57:40.0190 0732 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:57:40.0194 0732 p2psvc - ok
16:57:40.0205 0732 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:57:40.0206 0732 Parport - ok
16:57:40.0236 0732 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:57:40.0237 0732 partmgr - ok
16:57:40.0249 0732 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:57:40.0251 0732 PcaSvc - ok
16:57:40.0264 0732 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:57:40.0265 0732 pci - ok
16:57:40.0277 0732 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:57:40.0278 0732 pciide - ok
16:57:40.0288 0732 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:57:40.0290 0732 pcmcia - ok
16:57:40.0306 0732 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:57:40.0307 0732 pcw - ok
16:57:40.0336 0732 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:57:40.0341 0732 PEAUTH - ok
16:57:40.0403 0732 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:57:40.0404 0732 PerfHost - ok
16:57:40.0433 0732 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:57:40.0445 0732 pla - ok
16:57:40.0482 0732 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:57:40.0486 0732 PlugPlay - ok
16:57:40.0496 0732 PnkBstrA - ok
16:57:40.0508 0732 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:57:40.0509 0732 PNRPAutoReg - ok
16:57:40.0526 0732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:57:40.0528 0732 PNRPsvc - ok
16:57:40.0558 0732 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:57:40.0562 0732 PolicyAgent - ok
16:57:40.0585 0732 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:57:40.0587 0732 Power - ok
16:57:40.0611 0732 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:57:40.0612 0732 PptpMiniport - ok
16:57:40.0624 0732 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:57:40.0625 0732 Processor - ok
16:57:40.0657 0732 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:57:40.0659 0732 ProfSvc - ok
16:57:40.0673 0732 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:57:40.0674 0732 ProtectedStorage - ok
16:57:40.0681 0732 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:57:40.0682 0732 Psched - ok
16:57:40.0718 0732 [ A283E768FA12EF33087F07B01F82D6DD ] PSEXESVC C:\Windows\PSEXESVC.EXE
16:57:40.0720 0732 PSEXESVC - ok
16:57:40.0755 0732 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:57:40.0767 0732 ql2300 - ok
16:57:40.0780 0732 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:57:40.0782 0732 ql40xx - ok
16:57:40.0811 0732 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:57:40.0814 0732 QWAVE - ok
16:57:40.0825 0732 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:57:40.0826 0732 QWAVEdrv - ok
16:57:40.0842 0732 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:57:40.0842 0732 RasAcd - ok
16:57:40.0857 0732 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:57:40.0858 0732 RasAgileVpn - ok
16:57:40.0866 0732 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:57:40.0868 0732 RasAuto - ok
16:57:40.0878 0732 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:57:40.0879 0732 Rasl2tp - ok
16:57:40.0905 0732 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:57:40.0909 0732 RasMan - ok
16:57:40.0919 0732 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:57:40.0921 0732 RasPppoe - ok
16:57:40.0927 0732 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:57:40.0928 0732 RasSstp - ok
16:57:40.0941 0732 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:57:40.0944 0732 rdbss - ok
16:57:40.0956 0732 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:57:40.0957 0732 rdpbus - ok
16:57:40.0967 0732 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:57:40.0968 0732 RDPCDD - ok
16:57:40.0972 0732 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:57:40.0972 0732 RDPENCDD - ok
16:57:40.0976 0732 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:57:40.0977 0732 RDPREFMP - ok
16:57:41.0015 0732 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:57:41.0018 0732 RDPWD - ok
16:57:41.0031 0732 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:57:41.0033 0732 rdyboost - ok
16:57:41.0058 0732 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:57:41.0059 0732 RemoteAccess - ok
16:57:41.0074 0732 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:57:41.0076 0732 RemoteRegistry - ok
16:57:41.0089 0732 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:57:41.0090 0732 RpcEptMapper - ok
16:57:41.0100 0732 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:57:41.0101 0732 RpcLocator - ok
16:57:41.0115 0732 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:57:41.0118 0732 RpcSs - ok
16:57:41.0138 0732 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:57:41.0139 0732 rspndr - ok
16:57:41.0179 0732 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:57:41.0184 0732 RTL8167 - ok
16:57:41.0213 0732 [ 248ABD858FF7DCC966E5A54529DDD225 ] SaiH0464 C:\Windows\system32\DRIVERS\SaiH0464.sys
16:57:41.0215 0732 SaiH0464 - ok
16:57:41.0223 0732 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:57:41.0223 0732 SamSs - ok
16:57:41.0237 0732 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:57:41.0238 0732 sbp2port - ok
16:57:41.0261 0732 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:57:41.0263 0732 SCardSvr - ok
16:57:41.0294 0732 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
16:57:41.0295 0732 SCDEmu - ok
16:57:41.0300 0732 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:57:41.0301 0732 scfilter - ok
16:57:41.0319 0732 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:57:41.0328 0732 Schedule - ok
16:57:41.0342 0732 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:57:41.0342 0732 SCPolicySvc - ok
16:57:41.0358 0732 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:57:41.0360 0732 SDRSVC - ok
16:57:41.0378 0732 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:57:41.0379 0732 secdrv - ok
16:57:41.0385 0732 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:57:41.0386 0732 seclogon - ok
16:57:41.0399 0732 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:57:41.0400 0732 SENS - ok
16:57:41.0408 0732 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:57:41.0409 0732 SensrSvc - ok
16:57:41.0413 0732 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:57:41.0413 0732 Serenum - ok
16:57:41.0424 0732 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:57:41.0425 0732 Serial - ok
16:57:41.0432 0732 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:57:41.0433 0732 sermouse - ok
16:57:41.0447 0732 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:57:41.0448 0732 SessionEnv - ok
16:57:41.0458 0732 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:57:41.0459 0732 sffdisk - ok
16:57:41.0479 0732 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:57:41.0479 0732 sffp_mmc - ok
16:57:41.0482 0732 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:57:41.0482 0732 sffp_sd - ok
16:57:41.0489 0732 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:57:41.0490 0732 sfloppy - ok
16:57:41.0512 0732 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:57:41.0516 0732 ShellHWDetection - ok
16:57:41.0525 0732 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:57:41.0526 0732 SiSRaid2 - ok
16:57:41.0536 0732 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:57:41.0537 0732 SiSRaid4 - ok
16:57:41.0623 0732 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:57:41.0625 0732 SkypeUpdate - ok
16:57:41.0656 0732 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:57:41.0660 0732 Smb - ok
16:57:41.0704 0732 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:57:41.0705 0732 SNMPTRAP - ok
16:57:41.0763 0732 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
16:57:41.0767 0732 speedfan - ok
16:57:41.0821 0732 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:57:41.0821 0732 spldr - ok
16:57:41.0851 0732 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
16:57:41.0857 0732 Spooler - ok
16:57:41.0921 0732 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:57:41.0950 0732 sppsvc - ok
16:57:41.0968 0732 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:57:41.0970 0732 sppuinotify - ok
16:57:42.0010 0732 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:57:42.0014 0732 srv - ok
16:57:42.0025 0732 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:57:42.0028 0732 srv2 - ok
16:57:42.0037 0732 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:57:42.0039 0732 srvnet - ok
16:57:42.0058 0732 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:57:42.0060 0732 SSDPSRV - ok
16:57:42.0071 0732 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:57:42.0072 0732 SstpSvc - ok
16:57:42.0084 0732 Steam Client Service - ok
16:57:42.0098 0732 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:57:42.0098 0732 stexstor - ok
16:57:42.0124 0732 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:57:42.0129 0732 stisvc - ok
16:57:42.0135 0732 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:57:42.0136 0732 swenum - ok
16:57:42.0154 0732 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:57:42.0159 0732 swprv - ok
16:57:42.0197 0732 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:57:42.0211 0732 SysMain - ok
16:57:42.0228 0732 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:57:42.0230 0732 TabletInputService - ok
16:57:42.0269 0732 [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
16:57:42.0270 0732 tap0901 - ok
16:57:42.0299 0732 [ B70DF208E97536CA9F29289E609F5B16 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
16:57:42.0300 0732 taphss - ok
16:57:42.0317 0732 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:57:42.0320 0732 TapiSrv - ok
16:57:42.0326 0732 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:57:42.0327 0732 TBS - ok
16:57:42.0382 0732 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:57:42.0398 0732 Tcpip - ok
16:57:42.0417 0732 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:57:42.0424 0732 TCPIP6 - ok
16:57:42.0445 0732 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:57:42.0445 0732 tcpipreg - ok
16:57:42.0456 0732 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:57:42.0457 0732 TDPIPE - ok
16:57:42.0489 0732 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:57:42.0490 0732 TDTCP - ok
16:57:42.0503 0732 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:57:42.0505 0732 tdx - ok
16:57:42.0577 0732 [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
16:57:42.0600 0732 TeamViewer7 - ok
16:57:42.0617 0732 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:57:42.0618 0732 TermDD - ok
16:57:42.0636 0732 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:57:42.0643 0732 TermService - ok
16:57:42.0660 0732 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:57:42.0661 0732 THREADORDER - ok
16:57:42.0672 0732 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:57:42.0673 0732 TrkWks - ok
16:57:42.0714 0732 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:57:42.0716 0732 TrustedInstaller - ok
16:57:42.0727 0732 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:42.0728 0732 tssecsrv - ok
16:57:42.0740 0732 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:57:42.0741 0732 TsUsbFlt - ok
16:57:42.0755 0732 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:57:42.0755 0732 TsUsbGD - ok
16:57:42.0768 0732 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:57:42.0769 0732 tunnel - ok
16:57:42.0783 0732 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:57:42.0784 0732 uagp35 - ok
16:57:42.0796 0732 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:57:42.0799 0732 udfs - ok
16:57:42.0818 0732 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:57:42.0819 0732 UI0Detect - ok
16:57:42.0822 0732 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:57:42.0823 0732 uliagpkx - ok
16:57:42.0842 0732 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:57:42.0843 0732 umbus - ok
16:57:42.0857 0732 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:57:42.0857 0732 UmPass - ok
16:57:42.0913 0732 [ 8F387A1CC015A3F5020700C657A0FC85 ] UnsignedThemes C:\Windows\UnsignedThemesSvc.exe
16:57:42.0914 0732 UnsignedThemes - ok
16:57:42.0942 0732 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:57:42.0945 0732 upnphost - ok
16:57:42.0963 0732 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:57:42.0964 0732 usbaudio - ok
16:57:43.0007 0732 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:43.0009 0732 usbccgp - ok
16:57:43.0026 0732 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:57:43.0028 0732 usbcir - ok
16:57:43.0044 0732 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:57:43.0045 0732 usbehci - ok
16:57:43.0058 0732 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:57:43.0061 0732 usbhub - ok
16:57:43.0077 0732 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:57:43.0078 0732 usbohci - ok
16:57:43.0094 0732 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:57:43.0095 0732 usbprint - ok
16:57:43.0128 0732 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:57:43.0129 0732 usbscan - ok
16:57:43.0139 0732 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:57:43.0140 0732 USBSTOR - ok
16:57:43.0166 0732 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:57:43.0167 0732 usbuhci - ok
16:57:43.0204 0732 [ 297EE9C666FC8BB96A232DB0DDBA1E49 ] uxpatch C:\Windows\system32\drivers\uxpatch.sys
16:57:43.0204 0732 uxpatch - ok
16:57:43.0221 0732 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:57:43.0222 0732 UxSms - ok
16:57:43.0231 0732 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:57:43.0231 0732 VaultSvc - ok
16:57:43.0254 0732 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:57:43.0255 0732 vdrvroot - ok
16:57:43.0270 0732 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:57:43.0275 0732 vds - ok
16:57:43.0286 0732 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:43.0287 0732 vga - ok
16:57:43.0289 0732 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:57:43.0290 0732 VgaSave - ok
16:57:43.0298 0732 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:57:43.0300 0732 vhdmp - ok
16:57:43.0312 0732 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:57:43.0312 0732 viaide - ok
16:57:43.0324 0732 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:57:43.0325 0732 volmgr - ok
16:57:43.0350 0732 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:57:43.0353 0732 volmgrx - ok
16:57:43.0367 0732 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:57:43.0370 0732 volsnap - ok
16:57:43.0382 0732 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:57:43.0383 0732 vsmraid - ok
16:57:43.0432 0732 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:57:43.0446 0732 VSS - ok
16:57:43.0460 0732 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:43.0461 0732 vwifibus - ok
16:57:43.0484 0732 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:43.0485 0732 vwififlt - ok
16:57:43.0496 0732 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:57:43.0500 0732 W32Time - ok
16:57:43.0516 0732 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:57:43.0517 0732 WacomPen - ok
16:57:43.0527 0732 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:57:43.0529 0732 WANARP - ok
16:57:43.0531 0732 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:57:43.0531 0732 Wanarpv6 - ok
16:57:43.0581 0732 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:43.0592 0732 WatAdminSvc - ok
16:57:43.0717 0732 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:57:43.0730 0732 wbengine - ok
16:57:43.0766 0732 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:57:43.0769 0732 WbioSrvc - ok
16:57:43.0781 0732 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:57:43.0784 0732 wcncsvc - ok
16:57:43.0806 0732 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:57:43.0807 0732 WcsPlugInService - ok
16:57:43.0830 0732 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:57:43.0831 0732 Wd - ok
16:57:43.0849 0732 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:57:43.0854 0732 Wdf01000 - ok
16:57:43.0865 0732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:57:43.0866 0732 WdiServiceHost - ok
16:57:43.0869 0732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:57:43.0870 0732 WdiSystemHost - ok
16:57:43.0880 0732 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:57:43.0883 0732 WebClient - ok
16:57:43.0902 0732 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:57:43.0905 0732 Wecsvc - ok
16:57:43.0914 0732 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:57:43.0915 0732 wercplsupport - ok
16:57:43.0925 0732 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:57:43.0927 0732 WerSvc - ok
16:57:43.0942 0732 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:43.0943 0732 WfpLwf - ok
16:57:43.0956 0732 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:57:43.0957 0732 WIMMount - ok
16:57:43.0960 0732 WinHttpAutoProxySvc - ok
16:57:44.0000 0732 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:57:44.0003 0732 Winmgmt - ok
16:57:44.0076 0732 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
16:57:44.0077 0732 WinRing0_1_2_0 - ok
16:57:44.0117 0732 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:57:44.0134 0732 WinRM - ok
16:57:44.0157 0732 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:57:44.0165 0732 Wlansvc - ok
16:57:44.0226 0732 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:57:44.0227 0732 wlcrasvc - ok
16:57:44.0287 0732 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:44.0306 0732 wlidsvc - ok
16:57:44.0311 0732 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:57:44.0312 0732 WmiAcpi - ok
16:57:44.0333 0732 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:57:44.0335 0732 wmiApSrv - ok
16:57:44.0345 0732 WMPNetworkSvc - ok
16:57:44.0361 0732 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:57:44.0362 0732 WPCSvc - ok
16:57:44.0373 0732 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:57:44.0375 0732 WPDBusEnum - ok
16:57:44.0385 0732 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:57:44.0385 0732 ws2ifsl - ok
16:57:44.0400 0732 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:57:44.0402 0732 wscsvc - ok
16:57:44.0404 0732 WSearch - ok
16:57:44.0413 0732 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:57:44.0415 0732 WudfPf - ok
16:57:44.0423 0732 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:44.0425 0732 WUDFRd - ok
16:57:44.0432 0732 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:57:44.0433 0732 wudfsvc - ok
16:57:44.0445 0732 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:57:44.0447 0732 WwanSvc - ok
16:57:44.0476 0732 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:57:44.0477 0732 xusb21 - ok
16:57:44.0495 0732 ================ Scan global ===============================
16:57:44.0518 0732 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:57:44.0548 0732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:57:44.0554 0732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:57:44.0579 0732 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:57:44.0594 0732 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:57:44.0598 0732 [Global] - ok
16:57:44.0598 0732 ================ Scan MBR ==================================
16:57:44.0607 0732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:57:44.0934 0732 \Device\Harddisk0\DR0 - ok
16:57:44.0935 0732 ================ Scan VBR ==================================
16:57:44.0973 0732 [ 3595CEF1BF717DFCEDE0CD1CAE230E02 ] \Device\Harddisk0\DR0\Partition1
16:57:44.0974 0732 \Device\Harddisk0\DR0\Partition1 - ok
16:57:44.0979 0732 [ 376500C2CA3820C8534F5820C0A6AE06 ] \Device\Harddisk0\DR0\Partition2
16:57:44.0980 0732 \Device\Harddisk0\DR0\Partition2 - ok
16:57:44.0980 0732 ============================================================
16:57:44.0980 0732 Scan finished
16:57:44.0980 0732 ============================================================
16:57:44.0985 1276 Detected object count: 0
16:57:44.0985 1276 Actual detected object count: 0


aswMBR LOG

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-31 16:59:02
-----------------------------
16:59:02.922 OS Version: Windows x64 6.1.7601 Service Pack 1
16:59:02.922 Number of processors: 4 586 0x2A07
16:59:02.923 ComputerName: FRANCOISE-PC UserName: Francoise
16:59:04.535 Initialize success
17:10:43.609 AVAST engine defs: 12083100
17:12:39.582 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
17:12:39.584 Disk 0 Vendor: Hitachi_HDS721050CLA362 JP2OA50E Size: 476940MB BusType: 3
17:12:39.676 Disk 0 MBR read successfully
17:12:39.678 Disk 0 MBR scan
17:12:39.680 Disk 0 Windows 7 default MBR code
17:12:39.749 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:12:39.796 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
17:12:39.977 Disk 0 scanning C:\Windows\system32\drivers
17:13:00.533 Service scanning
17:14:15.295 Modules scanning
17:14:15.305 Disk 0 trace - called modules:
17:14:15.328 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
17:14:15.329 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d51060]
17:14:15.330 3 CLASSPNP.SYS[fffff8800199943f] -> nt!IofCallDriver -> [0xfffffa8004af2520]
17:14:15.330 5 ACPI.sys[fffff88000f5c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004aee680]
17:14:30.468 AVAST engine scan C:\Windows
17:14:46.092 AVAST engine scan C:\Windows\system32
17:19:40.830 AVAST engine scan C:\Windows\system32\drivers
17:19:59.360 AVAST engine scan C:\Users\Francoise
17:41:49.268 File: C:\Users\Francoise\AppData\Local\Temp\8D95.tmp **INFECTED** Win32:ZAccess-ID [Trj]
17:45:57.704 File: C:\Users\Francoise\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1d8e8fe6-64ac803a **INFECTED** Win32:Karagany-LA [Trj]
17:53:00.404 AVAST engine scan C:\ProgramData
17:55:55.266 Scan finished successfully
17:56:20.600 Disk 0 MBR has been saved successfully to "C:\Users\Francoise\Desktop\MBR.dat"
17:56:20.604 The log file has been saved successfully to "C:\Users\Francoise\Desktop\aswMBR.txt"


ESET Online Scanner LOG

C:\Program Files (x86)\U2bviews\U2bviews Software\U2bviews Software.exe a variant of MSIL/Injector.AJG trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Francoise\AppData\Local\Apps\2.0\ROB6CTQX.P2W\M2M2B4K7.QMN\senu..tion_d26c5b5a75a0893b_0001.0000_324357c1b5ecf485\Build\SENuke.exe a variant of MSIL/Packed.CryptoObfuscator.D application cleaned by deleting - quarantined
C:\Users\Francoise\AppData\Local\Temp\8D95.tmp Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\Users\Francoise\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1d8e8fe6-64ac803a a variant of Win32/Injector.VTL trojan deleted - quarantined
C:\Users\Francoise\Downloads\hotspot-shield_hotspot_shield_2.67_francais_57194.exe Win32/HotSpotShield application cleaned by deleting - quarantined
C:\Windows\System32\flt1chk3.dll Win32/SuspLibLoad.B trojan cleaned - quarantined

SystemLook LOG

SystemLook 30.07.11 by jpshortstuff
Log created at 17:22 on 31/08/2012 by Francoise
Administrator - Elevation successful

========== reg ==========

[HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32]
@="C:\$Recycle.Bin\S-1-5-21-3849335524-1970740220-1426121856-1000\$2dff94a1ae8f024b49bb300883798341\n."
"ThreadingModel"="Both"


-= EOF =-

#4 narenxp


Posted 31 August 2012 - 12:50 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 breqkfury

  • Topic Starter

Posted 31 August 2012 - 03:41 PM

Mini toolbox LOG

MiniToolBox by Farbar Version: 23-07-2012
Ran by Francoise (administrator) on 31-08-2012 at 22:39:31
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuration IP de Windows

Cache de résolution DNS vidé.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
88.80.4.19 www.video-marketing-blaster.com
255.255.255.255 easyanticheat.se
255.255.255.255 www.easyanticheat.se
255.255.255.255 easyanticheat.com
255.255.255.255 www.easyanticheat.com
255.255.255.255 easyanticheat.info
255.255.255.255 www.easyanticheat.info
255.255.255.255 easyanticheat.org
255.255.255.255 www.easyanticheat.org


========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Connexion au réseau local (Connected)


# ----------------------------------
# Configuration du protocole IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuration du protocole IPv4



Configuration IP de Windows

Nom de l'hôte . . . . . . . . . . : Francoise-PC
Suffixe DNS principal . . . . . . :
Type de noeud. . . . . . . . . . : Hybride
Routage IP activé . . . . . . . . : Non
Proxy WINS activé . . . . . . . . : Non

Carte Ethernet Connexion au réseau local* 9 :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . : hshld.com
Description. . . . . . . . . . . . . . : Anchorfree HSS Adapter
Adresse physique . . . . . . . . . . . : 00-FF-6B-3B-D6-F4
DHCP activé. . . . . . . . . . . . . . : Oui
Configuration automatique activée. . . : Oui

Carte Ethernet Connexion au réseau local :

Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Adresse physique . . . . . . . . . . . : 8C-89-A5-10-72-BF
DHCP activé. . . . . . . . . . . . . . : Oui
Configuration automatique activée. . . : Oui
Adresse IPv6 de liaison locale. . . . .: fe80::b4a1:e08a:c794:5220%14(préféré)
Adresse IPv4. . . . . . . . . . . . . .: 192.168.1.2(préféré)
Masque de sous-réseau. . . . . . . . . : 255.255.255.0
Bail obtenu. . . . . . . . . . . . . . : vendredi 31 août 2012 22:37:42
Bail expirant. . . . . . . . . . . . . : samedi 1 septembre 2012 10:37:42
Passerelle par défaut. . . . . . . . . : 192.168.1.254
Serveur DHCP . . . . . . . . . . . . . : 192.168.1.254
IAID DHCPv6 . . . . . . . . . . . : 378309029
DUID de client DHCPv6. . . . . . . . : 00-01-00-01-16-30-DF-CE-00-26-4D-3F-90-2C
Serveurs DNS. . . . . . . . . . . . . : 192.168.1.254
NetBIOS sur Tcpip. . . . . . . . . . . : Activé

Carte Tunnel isatap.{ADCB5010-7572-47CF-B7F7-E594346CB532} :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Carte Microsoft ISATAP
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Tunnel Teredo Tunneling Pseudo-Interface :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Tunnel isatap.hshld.com :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Carte Microsoft ISATAP #2
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Tunnel isatap.{3F681266-F533-44F6-B1A0-CAC36161F02F} :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Carte Microsoft ISATAP #3
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui
Serveur : UnKnown
Address: 192.168.1.254

Nom : google.com
Addresses: 2a00:1450:4007:804::1004
74.125.230.193
74.125.230.206
74.125.230.201
74.125.230.195
74.125.230.198
74.125.230.192
74.125.230.200
74.125.230.196
74.125.230.199
74.125.230.194
74.125.230.197


Envoi d'une requête 'ping' sur google.com [74.125.230.197] avec 32 octets de données :
Réponse de 74.125.230.197 : octets=32 temps=42 ms TTL=55
Réponse de 74.125.230.197 : octets=32 temps=42 ms TTL=55

Statistiques Ping pour 74.125.230.197:
Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 42ms, Maximum = 42ms, Moyenne = 42ms
Serveur : UnKnown
Address: 192.168.1.254

Nom : yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Envoi d'une requête 'ping' sur yahoo.com [98.138.253.109] avec 32 octets de données :
Réponse de 98.138.253.109 : octets=32 temps=177 ms TTL=50
Réponse de 98.138.253.109 : octets=32 temps=218 ms TTL=50

Statistiques Ping pour 98.138.253.109:
Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 177ms, Maximum = 218ms, Moyenne = 197ms
Serveur : UnKnown
Address: 192.168.1.254

Nom : bleepingcomputer.com
Address: 208.43.87.2


Envoi d'une requête 'ping' sur bleepingcomputer.com [208.43.87.2] avec 32 octets de données :
Réponse de 208.43.87.2 : Impossible de joindre l'hôte de destination.
Réponse de 208.43.87.2 : Impossible de joindre l'hôte de destination.

Statistiques Ping pour 208.43.87.2:
Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),

Envoi d'une requête 'Ping' 127.0.0.1 avec 32 octets de données :
Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128
Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128

Statistiques Ping pour 127.0.0.1:
Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms
===========================================================================
Liste d'Interfaces
19...00 ff 6b 3b d6 f4 ......Anchorfree HSS Adapter
14...8c 89 a5 10 72 bf ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #2
18...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP #3
===========================================================================

IPv4 Table de routage
===========================================================================
Itinéraires actifs :
Destination réseau Masque réseau Adr. passerelle Adr. interface Métrique
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.2 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 266
192.168.1.2 255.255.255.255 On-link 192.168.1.2 266
192.168.1.255 255.255.255.255 On-link 192.168.1.2 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 266
===========================================================================
Itinéraires persistants :
Aucun

IPv6 Table de routage
===========================================================================
Itinéraires actifs :
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 266 fe80::/64 On-link
14 266 fe80::b4a1:e08a:c794:5220/128
On-link
1 306 ff00::/8 On-link
14 266 ff00::/8 On-link
===========================================================================
Itinéraires persistants :
Aucun
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/31/2012 10:37:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 05:06:38 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/31/2012 05:06:38 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/31/2012 04:36:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 04:10:11 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.61259.0"1 ».
Assembly dépendant Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.61259.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (08/31/2012 04:03:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 03:39:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 03:26:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 01:59:59 PM) (Source: MsiInstaller) (User: Francoise-PC)Francoise-PC
Description: Produit : Driver Detective -- Erreur 1001. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2012 01:59:59 PM) (Source: MsiInstaller) (User: Francoise-PC)Francoise-PC
Description: Produit : Driver Detective -- Erreur 2869. Le bit de style de la boîte de dialogue SetupError est défini sur erreur, mais il ne s'agit pas d'une boîte de dialogue d'erreur.


System errors:
=============
Error: (08/31/2012 10:37:56 PM) (Source: Service Control Manager) (User: )
Description: Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur :
%%1058

Error: (08/31/2012 10:37:46 PM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
cpuidlep

Error: (08/31/2012 10:37:44 PM) (Source: Service Control Manager) (User: )
Description: Le service Agent de stratégie IPsec dépend du service Moteur de filtrage de base qui n’a pas pu démarrer en raison de l’erreur :
%%1297

Error: (08/31/2012 10:37:44 PM) (Source: Service Control Manager) (User: )
Description: Le service Modules de génération de clés IKE et AuthIP dépend du service Moteur de filtrage de base qui n’a pas pu démarrer en raison de l’erreur :
%%1297

Error: (08/31/2012 10:37:44 PM) (Source: Service Control Manager) (User: )
Description: Le service Pare-feu Windows dépend du service Moteur de filtrage de base qui n’a pas pu démarrer en raison de l’erreur :
%%1297

Error: (08/31/2012 10:37:44 PM) (Source: Service Control Manager) (User: )
Description: Le service Moteur de filtrage de base n’a pas pu démarrer en raison de l’erreur :
%%1297

Error: (08/31/2012 10:37:41 PM) (Source: Service Control Manager) (User: )
Description: Le service Unsigned Themes s’est arrêté avec l’erreur :
%%1411

Error: (08/31/2012 10:37:29 PM) (Source: Application Popup) (User: )
Description: Le chargement de \SystemRoot\SysWow64\Drivers\cpuidlep.SYS a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote.

Error: (08/31/2012 10:36:31 PM) (Source: Service Control Manager) (User: )
Description: Le service Cliché instantané des volumes s’est terminé de façon inattendue pour la 1ème fois.

Error: (08/31/2012 10:36:31 PM) (Source: Service Control Manager) (User: )
Description: Le service Windows Live ID Sign-in Assistant s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 10000 millisecondes : Redémarrer le service.


Microsoft Office Sessions:
=========================
Error: (08/31/2012 10:37:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 05:06:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Francoise\Downloads\esetsmartinstaller_enu.exe

Error: (08/31/2012 05:06:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Francoise\Downloads\esetsmartinstaller_enu.exe

Error: (08/31/2012 04:36:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 04:10:11 PM) (Source: SideBySide)(User: )
Description: Microsoft.FlightSimulator.SimConnect,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.61259.0"C:\Users\Francoise\couatl.exe

Error: (08/31/2012 04:03:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 03:39:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 03:26:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2012 01:59:59 PM) (Source: MsiInstaller)(User: Francoise-PC)Francoise-PC
Description: Produit : Driver Detective -- Erreur 1001. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2012 01:59:59 PM) (Source: MsiInstaller)(User: Francoise-PC)Francoise-PC
Description: Produit : Driver Detective -- Erreur 2869. Le bit de style de la boîte de dialogue SetupError est défini sur erreur, mais il ne s'agit pas d'une boîte de dialogue d'erreur.(NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

abgx360 v1.0.6
Adobe AIR (Version: 3.3.0.3650)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader 9.5.1 - Français (Version: 9.5.1)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Analyseur et SDK MSXML 4.0 SP2 (Version: 4.20.9818.0)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
µTorrent (Version: 3.1.3)
aTube Catcher (Version: 2.7.778)
Big Fish Games: Game Manager (Version: 3.0.1.60)
BitTorrent (Version: 7.6.1)
Bulletin de Salaire 1.9.15 (Version: 1.9.15)
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1109.2212.39826)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CCleaner (Version: 3.19)
Ciel Compta 15.0 (Version: 230.00.0000)
CodeStuff Starter (Version: 5.6.2.9)
Complément Messenger (Version: 15.4.3502.0922)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Core Temp 1.0 RC2 (Version: 1.0)
Counter-Strike: Global Offensive Beta
Counter-Strike: Source
CPUID HWMonitor 1.18
CpuIdle (remove only)
D3DX10 (Version: 15.4.2368.0902)
DiRT 3 (Version: 1.0.0000.130)
Dragon Age 2 (Version: 1.0.5174.0)
ESET Online Scanner v3
FeelThere ERJ v.2 SP2
FIFA 12 (Version: 1.6.0.0)
FileZilla Client 3.5.1 (Version: 3.5.1)
Flight One ATR 72-500
FSX Google Earth Tracker (Version: 0.1.2)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Game Booster 3 (Version: 3.5)
Google Chrome (Version: 21.0.1180.83)
Google Update Helper (Version: 1.3.21.115)
Google Earth (Version: 6.2.2.6613)
Hex Workshop v6.6 (Version: 6.6.1.5158)
Hotspot Shield 2.67 (Version: 2.67)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
HydraVision (Version: 4.2.206.0)
ImgBurn (Version: 2.5.6.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Librairies de VB6
Live Update 5 (Version: 5.0.069)
Logitech - Assistant pour jeux vidéos 8.12 (Version: 8.12.030)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Market Samurai (Version: 0.88.77)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator X (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (Version: 10.0.61355.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
Morrowind
MotioninJoy DS3 driver version 0.6.0004 (Version: 0.6.0004)
Mozilla Firefox 15.0 (x86 fr) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Need for Speed: Undercover
NetTools 5.0 (Version: 5.0)
Notepad++ (Version: 6.1.3)
NVIDIA PhysX (Version: 9.10.0513)
Origin (Version: 8.5.0.4554)
PowerISO (Version: 4.8)
Realtek Ethernet Controller Driver (Version: 7.46.610.2011)
Resize My Pictures (Version: 1.0.0)
Shader 3 Mod for Flight Simulator X (Version: 1.5.0)
Share YouTube Videos version 1 (Version: 1)
Skype™ 5.10 (Version: 5.10.116)
SpeedFan (remove only)
Spiral Knights
SquawkBox
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 4.5.1.0)
TeamSpeak 3 Client (Version: 3.0.6)
TeamViewer 7 (Version: 7.0.12799)
The Elder Scrolls IV: Oblivion
The Elder Scrolls V - Skyrim (Version: 1.5.26.0)
The Witcher 2 (Version: 1.00.0000)
Theme Resource Changer X64 v1.0
Toolbar Uninstaller 1.0.0.1
Tube Toolbox (Version: 2.10.5)
TweetTwain
U2bviews Software (Version: 1.9.2)
Ultimate Traffic for FS2004 (2007 Edition)
Ultimate Traffic for FSX
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update or Uninstall SENukeX (Version: 1.0.0.149)
UxStyle Core Beta (Version: 0.2.1.1)
Video Marketing Blaster (Version: 1.15)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
WeatherBug Alert (Version: 1.3.0.1)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live (Version: 15.4.3502.0922)
Windows Live (Version: 15.4.3538.0513)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinHTTrack Website Copier 3.46-1 (Version: 3.46.1)
WinPcap 3.0
WinRAR 4.00 (32 bits) (Version: 4.00.0)
XPort 360
Zuma Deluxe

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 4066.27 MB
Available physical RAM: 3007.76 MB
Total Pagefile: 8130.74 MB
Available Pagefile: 6969.63 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.38 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:303.45 GB) NTFS

========================= Users: ========================================

comptes d'utilisateurs de \\FRANCOISE-PC

Administrateur Francoise Invité
La commande s'est terminée correctement.


**** End of log ****

FSS Log

Farbar Service Scanner Version: 06-08-2012
Ran by Francoise (administrator) on 31-08-2012 at 22:40:16
Running from "C:\Users\Francoise\Downloads"
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

ADWCleaner LOG

# AdwCleaner v2.000 - Rapport créé le 31/08/2012 à 22:36:31
# Mis à jour le 30/08/2012 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Francoise - FRANCOISE-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Francoise\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Program Files (x86)\Ask.com
Dossier Supprimé : C:\Program Files (x86)\BasicScan
Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Dossier Supprimé : C:\Program Files (x86)\uTorrentBar_FR
Dossier Supprimé : C:\Program Files (x86)\Windows Searchqu Toolbar
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\IBUpdaterService
Dossier Supprimé : C:\Users\Francoise\AppData\Local\APN
Dossier Supprimé : C:\Users\Francoise\AppData\Local\Babylon
Dossier Supprimé : C:\Users\Francoise\AppData\Local\Conduit
Dossier Supprimé : C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdhffggcfjnkigeciffmipblemhphbjl
Dossier Supprimé : C:\Users\Francoise\AppData\Local\Ilivid Player
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\AskToolbar
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\searchquband
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\Searchqutoolbar
Dossier Supprimé : C:\Users\Francoise\AppData\LocalLow\uTorrentBar_FR
Dossier Supprimé : C:\Users\Francoise\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
Dossier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\Searchqutoolbar
Dossier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\Smartbar
Dossier Supprimé : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Fichier Supprimé : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
Fichier Supprimé : C:\user.js
Fichier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\searchplugins\Conduit.xml
Fichier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\searchplugins\Search_Results.xml
Fichier Supprimé : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\searchplugins\SearchResults.xml

***** [Registre] *****

Clé Supprimée : HKCU\Software\APN
Clé Supprimée : HKCU\Software\AppDataLow\Software\AskToolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\AppDataLow\Software\uTorrentBar_FR
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\Ask.com
Clé Supprimée : HKCU\Software\BabylonToolbar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\bdhffggcfjnkigeciffmipblemhphbjl
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\Software\APN
Clé Supprimée : HKLM\Software\AskToolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\BabylonToolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2851639
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3198785
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Clé Supprimée : HKLM\Software\SearchquMediabarTb
Clé Supprimée : HKLM\Software\uTorrentBar_FR
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D6533F74-218B-41BE-9D91-5BD471FECFFD}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bdhffggcfjnkigeciffmipblemhphbjl
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{160264A4-1A5C-4E3A-B549-E5331A369F41}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5E3BB71-F98D-4413-9746-FD883B948808}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar
Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Clé Supprimée : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]

***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16421

Restauré : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?AF=110398&babsrc=HP_ss&mntrId=c27c35460000000000008c89a51072bf --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (fr)

Nom du profil : default
Fichier : C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\prefs.js

C:\Users\Francoise\AppData\Roaming\Mozilla\Firefox\Profiles\7h8372dk.default\user.js ... Supprimé !

Supprimée : user_pref("ct2851639.backendstorage.scriptsource", "687474703a2f2f3132372e302e302e313a31303030302f67[...]
Supprimée : user_pref("ct2851639.backendstorage.url_history", "687474703a2f2f7777772e6c6976656174632e6e65742f736[...]
Supprimée : user_pref("ct2851639.backendstorage.url_history0001", "687474703a2f2f7777772e696f6269742e636f6d2f616[...]
Supprimée : user_pref("ct2851639.backendstorage.url_history_time", "31333235343334363939313339");
Supprimée : user_pref("ct2851639.backendstorage.uttorrents", "7b226275696c64223a32373332382c226c6162656c223a5b5d[...]
Supprimée : user_pref("ct2851639.ct2851639", "ct2851639");
Supprimée : user_pref("ct2851639.ctid", "ct2851639");
Supprimée : user_pref("ct2851639.currentserverdate", "22-6-2012");
Supprimée : user_pref("ct2851639.dialogsalignmode", "ltr");
Supprimée : user_pref("ct2851639.dialogsgetterlastchecktime", "fri jun 22 2012 12:05:06 gmt+0200");
Supprimée : user_pref("ct2851639.downloadreferralcookiedata", "");
Supprimée : user_pref("ct2851639.dsinstall", false);
Supprimée : user_pref("ct2851639.emailnotifierpolldate", "fri jun 22 2012 15:47:36 gmt+0200");
Supprimée : user_pref("ct2851639.feedlastcount2548968607390276962", 501);
Supprimée : user_pref("ct2851639.feedpolldate2429156812186649977", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813040823546", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813130095866", "fri jun 22 2012 15:12:36 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813224203613", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813230837251", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813454291735", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813729834876", "fri jun 22 2012 15:12:36 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156813860870021", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156814264681793", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156814863075366", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedpolldate2429156815257761081", "fri jun 22 2012 15:12:37 gmt+0200");
Supprimée : user_pref("ct2851639.feedttl2429156813040823546", 15);
Supprimée : user_pref("ct2851639.feedttl2429156813130095866", 10);
Supprimée : user_pref("ct2851639.feedttl2429156813454291735", 5);
Supprimée : user_pref("ct2851639.feedttl2429156814264681793", 5);
Supprimée : user_pref("ct2851639.firstserverdate", "1-1-2012");
Supprimée : user_pref("ct2851639.firsttime", true);
Supprimée : user_pref("ct2851639.firsttimeff3", true);
Supprimée : user_pref("ct2851639.firsttimehiddenver", true);
Supprimée : user_pref("ct2851639.fixpagenotfounderrors", true);
Supprimée : user_pref("ct2851639.generalconfigfromlogin", "{\"apimaxalerts\":\"12\",\"socialdomains\":\"social.c[...]
Supprimée : user_pref("ct2851639.globalfirsttimeinfolastchecktime", "sat jun 16 2012 00:35:57 gmt+0200");
Supprimée : user_pref("ct2851639.groupingservercheckinterval", 1440);
Supprimée : user_pref("ct2851639.groupingserviceurl", "hxxp://grouping.services.conduit.com/");
Supprimée : user_pref("ct2851639.hasuserglobalkeys", true);
Supprimée : user_pref("ct2851639.homepagebeforeunload", "hxxp://www.searchqu.com/406");
Supprimée : user_pref("ct2851639.homepageprotectorenablebylogin", true);
Supprimée : user_pref("ct2851639.homepageprotectorenabled", false);
Supprimée : user_pref("ct2851639.hpinstall", false);
Supprimée : user_pref("ct2851639.initdone", true);
Supprimée : user_pref("ct2851639.initialize", true);
Supprimée : user_pref("ct2851639.initializecommonprefs", true);
Supprimée : user_pref("ct2851639.installationandcookiedatasentcount", 3);
Supprimée : user_pref("ct2851639.installationid", "conduitxpeintegration");
Supprimée : user_pref("ct2851639.installationtype", "conduitxpeintegration");
Supprimée : user_pref("ct2851639.installeddate", "sun jan 01 2012 14:19:54 gmt+0100");
Supprimée : user_pref("ct2851639.isalertdbupdated", true);
Supprimée : user_pref("ct2851639.isapptrackingmanageron", true);
Supprimée : user_pref("ct2851639.isgrouping", false);
Supprimée : user_pref("ct2851639.isinitsetupini", true);
Supprimée : user_pref("ct2851639.ismulticommunity", false);
Supprimée : user_pref("ct2851639.isopenthankyoupage", true);
Supprimée : user_pref("ct2851639.isopenuninstallpage", false);
Supprimée : user_pref("ct2851639.isprotectorsinit", true);
Supprimée : user_pref("ct2851639.languagepacklastchecktime", "thu jun 21 2012 23:11:19 gmt+0200");
Supprimée : user_pref("ct2851639.languagepackreloadintervalmm", 1440);
Supprimée : user_pref("ct2851639.languagepackserviceurl", "hxxp://translation.users.conduit.com/translation.ashx[...]
Supprimée : user_pref("ct2851639.lastlogin_3.10.0.1", "tue apr 17 2012 20:37:28 gmt+0200");
Supprimée : user_pref("ct2851639.lastlogin_3.12.0.7", "wed apr 25 2012 06:42:15 gmt+0200");
Supprimée : user_pref("ct2851639.lastlogin_3.12.2.3", "wed may 30 2012 17:10:33 gmt+0200");
Supprimée : user_pref("ct2851639.lastlogin_3.13.0.6", "fri jun 22 2012 14:13:32 gmt+0200");
Supprimée : user_pref("ct2851639.lastlogin_3.8.1.0", "thu jan 12 2012 19:38:16 gmt+0100");
Supprimée : user_pref("ct2851639.lastlogin_3.9.0.3", "thu mar 08 2012 15:56:28 gmt+0100");
Supprimée : user_pref("ct2851639.latestversion", "3.13.0.6");
Supprimée : user_pref("ct2851639.locale", "fr");
Supprimée : user_pref("ct2851639.mcdetecttooltipheight", "83");
Supprimée : user_pref("ct2851639.mcdetecttooltipurl", "hxxp://@eb_install_link@/rank/tooltip/?version=1");
Supprimée : user_pref("ct2851639.mcdetecttooltipwidth", "295");
Supprimée : user_pref("ct2851639.mystuffenabled", true);
Supprimée : user_pref("ct2851639.mystuffenabledatinstallation", true);
Supprimée : user_pref("ct2851639.mystuffpublihserminwidth", 400);
Supprimée : user_pref("ct2851639.mystuffsearchurl", "hxxp://apps.conduit.com/search?q=search_term&searchsourceor[...]
Supprimée : user_pref("ct2851639.mystuffserviceintervalmm", 1440);
Supprimée : user_pref("ct2851639.mystuffserviceurl", "hxxp://mystuff.conduit-services.com/mystuffservice.ashx?co[...]
Supprimée : user_pref("ct2851639.navigatetourlonsearch", false);
Supprimée : user_pref("ct2851639.oldappslist", "129351529700431300,129351529700743801,1000234,129791404828153723[...]
Supprimée : user_pref("ct2851639.originalfirstversion", "3.8.1.0");
Supprimée : user_pref("ct2851639.revertsettingsenabled", true);
Supprimée : user_pref("ct2851639.searchboxwidth", 151);
Supprimée : user_pref("ct2851639.searchcaption", "utorrentbar_fr customized web search");
Supprimée : user_pref("ct2851639.searchenginebeforeunload", "search results");
Supprimée : user_pref("ct2851639.searchfromaddressbarisinit", true);
Supprimée : user_pref("ct2851639.searchfromaddressbarurl", "hxxp://search.conduit.com/resultsext.aspx?ctid=ct285[...]
Supprimée : user_pref("ct2851639.searchinnewtabenabled", true);
Supprimée : user_pref("ct2851639.searchinnewtabintervalmm", 1440);
Supprimée : user_pref("ct2851639.searchinnewtablastchecktime", "thu jun 21 2012 23:11:18 gmt+0200");
Supprimée : user_pref("ct2851639.searchinnewtabserviceurl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=eb_t[...]
Supprimée : user_pref("ct2851639.searchinnewtabusageurl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Supprimée : user_pref("ct2851639.searchprotectordialogdelayinsec", 10);
Supprimée : user_pref("ct2851639.searchprotectorenablebylogin", true);
Supprimée : user_pref("ct2851639.searchprotectorenabled", false);
Supprimée : user_pref("ct2851639.searchprotectortoolbardisabled", false);
Supprimée : user_pref("ct2851639.sendprotectordatavialogin", true);
Supprimée : user_pref("ct2851639.servicemaplastchecktime", "thu jun 21 2012 23:11:18 gmt+0200");
Supprimée : user_pref("ct2851639.settingslastchecktime", "fri jun 22 2012 14:12:36 gmt+0200");
Supprimée : user_pref("ct2851639.settingslastupdate", "1337169810");
Supprimée : user_pref("ct2851639.shrink_toolbar", 1);
Supprimée : user_pref("ct2851639.tbhomepageurl", "hxxp://search.conduit.com/?ctid=ct2851639&searchsource=13");
Supprimée : user_pref("ct2851639.testingctid", "");
Supprimée : user_pref("ct2851639.thirdpartycomponentsinterval", 504);
Supprimée : user_pref("ct2851639.thirdpartycomponentslastcheck", "mon jun 18 2012 10:02:36 gmt+0200");
Supprimée : user_pref("ct2851639.thirdpartycomponentslastupdate", "1331805999");
Supprimée : user_pref("ct2851639.toolbarappmetadatalastchecktime", "thu jun 21 2012 23:11:19 gmt+0200");
Supprimée : user_pref("ct2851639.toolbarcontextmenulastchecktime", "mon jun 18 2012 10:02:36 gmt+0200");
Supprimée : user_pref("ct2851639.toolbarshrinkedfromsetup", false);
Supprimée : user_pref("ct2851639.trustedapidomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Supprimée : user_pref("ct2851639.trustelinkurl", "hxxp://trust.conduit.com/ct2851639");
Supprimée : user_pref("ct2851639.usagesflag", 2);
Supprimée : user_pref("ct2851639.userid", "un87980711056534739");
Supprimée : user_pref("ct2851639.validationdata_search", 2);
Supprimée : user_pref("ct2851639.validationdata_toolbar", 2);
Supprimée : user_pref("ct2851639.weathernetwork", "");
Supprimée : user_pref("ct2851639.weatherpolldate", "fri jun 22 2012 15:42:37 gmt+0200");
Supprimée : user_pref("ct2851639.weatherunit", "c");
Supprimée : user_pref("extensions.BabylonToolbar.admin", false);
Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Supprimée : user_pref("extensions.BabylonToolbar.babExt", "");
Supprimée : user_pref("extensions.BabylonToolbar.babTrack", "affID=110398");
Supprimée : user_pref("extensions.BabylonToolbar.bbDpng", 6);
Supprimée : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Supprimée : user_pref("extensions.BabylonToolbar.hmpg", false);
Supprimée : user_pref("extensions.BabylonToolbar.id", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15476");
Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Supprimée : user_pref("extensions.BabylonToolbar.lastDP", 6);
Supprimée : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "13.0");
Supprimée : user_pref("extensions.BabylonToolbar.newTab", true);
Supprimée : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Supprimée : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Supprimée : user_pref("extensions.BabylonToolbar.propectorlck", 80122890);
Supprimée : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Supprimée : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Supprimée : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Supprimée : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Supprimée : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110398");
Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.BabylonToolbar_i.id", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15476");
Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Supprimée : user_pref("extensions.asktb.abar-war-timeout", "4000");
Supprimée : user_pref("extensions.asktb.apn_dbr", "ff_7.0.1");
Supprimée : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Supprimée : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Supprimée : user_pref("extensions.asktb.cbid", "cv");
Supprimée : user_pref("extensions.asktb.config-updated", true);
Supprimée : user_pref("extensions.asktb.crumb", "2011.10.30+08.22.18-toolbar007iad-fr-tmfuy3ksrnjhbmnl");
Supprimée : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&[...]
Supprimée : user_pref("extensions.asktb.displaybehavior", "");
Supprimée : user_pref("extensions.asktb.displaytext", "");
Supprimée : user_pref("extensions.asktb.dtid", "yyyyyyyyfr");
Supprimée : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherwidget", false);
Supprimée : user_pref("extensions.asktb.dyn-weather-locid-weatherwidget", "frxx5361");
Supprimée : user_pref("extensions.asktb.dyn-weather-tempunit-weatherwidget", "c");
Supprimée : user_pref("extensions.asktb.first-restart-after-config-update", true);
Supprimée : user_pref("extensions.asktb.guid", "d36f0ef1-a016-4867-aa4f-1d63118c7ad6");
Supprimée : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Supprimée : user_pref("extensions.asktb.if", "first");
Supprimée : user_pref("extensions.asktb.installdir", "c:\\program files (x86)\\ask.com\\");
Supprimée : user_pref("extensions.asktb.l", "dis");
Supprimée : user_pref("extensions.asktb.last-config-req", "1325096801338");
Supprimée : user_pref("extensions.asktb.last-search-timestamp", "1324399673089");
Supprimée : user_pref("extensions.asktb.locale", "fr_fr");
Supprimée : user_pref("extensions.asktb.location", "nancy,france");
Supprimée : user_pref("extensions.asktb.lstation", "");
Supprimée : user_pref("extensions.asktb.o", "14654");
Supprimée : user_pref("extensions.asktb.pstate", "");
Supprimée : user_pref("extensions.asktb.qsrc", "2871");
Supprimée : user_pref("extensions.asktb.sa", "no");
Supprimée : user_pref("extensions.asktb.search-history-queries", "0621457535||| liste des torrents | torrents[...]
Supprimée : user_pref("extensions.asktb.search-suggestions-enabled", true);
Supprimée : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Supprimée : user_pref("extensions.asktb.socialmini-first", true);
Supprimée : user_pref("extensions.asktb.socialmini-interval", "1200000");
Supprimée : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Supprimée : user_pref("extensions.asktb.socialmini-max-items", "30");
Supprimée : user_pref("extensions.asktb.socialmini-native-on", true);
Supprimée : user_pref("extensions.asktb.socialmini-speed", "10000");
Supprimée : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Supprimée : user_pref("extensions.asktb.themeid", "");
Supprimée : user_pref("extensions.asktb.timeinstalled", "30/10/2011 16:22:50");
Supprimée : user_pref("extensions.asktb.to", "");
Supprimée : user_pref("extensions.babylontoolbar.admin", false);
Supprimée : user_pref("extensions.babylontoolbar.aflt", "babsst");
Supprimée : user_pref("extensions.babylontoolbar.babext", "");
Supprimée : user_pref("extensions.babylontoolbar.babtrack", "affid=110398");
Supprimée : user_pref("extensions.babylontoolbar.bbdpng", 22);
Supprimée : user_pref("extensions.babylontoolbar.dfltsrch", false);
Supprimée : user_pref("extensions.babylontoolbar.hmpg", false);
Supprimée : user_pref("extensions.babylontoolbar.id", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.babylontoolbar.instlday", "15476");
Supprimée : user_pref("extensions.babylontoolbar.instlref", "sst");
Supprimée : user_pref("extensions.babylontoolbar.lastdp", 22);
Supprimée : user_pref("extensions.babylontoolbar.lastvrsnts", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.babylontoolbar.mntrffxvrsn", "13.0");
Supprimée : user_pref("extensions.babylontoolbar.newtab", true);
Supprimée : user_pref("extensions.babylontoolbar.newtaburl", "hxxp://search.babylon.com/?babsrc=nt_ffup");
Supprimée : user_pref("extensions.babylontoolbar.noffxtlbr", false);
Supprimée : user_pref("extensions.babylontoolbar.prdct", "babylontoolbar");
Supprimée : user_pref("extensions.babylontoolbar.propectorlck", 78932940);
Supprimée : user_pref("extensions.babylontoolbar.prtkds", 1);
Supprimée : user_pref("extensions.babylontoolbar.prtkhmpg", 1);
Supprimée : user_pref("extensions.babylontoolbar.prtnrid", "babylon");
Supprimée : user_pref("extensions.babylontoolbar.ptch_0717", true);
Supprimée : user_pref("extensions.babylontoolbar.smplgrp", "none");
Supprimée : user_pref("extensions.babylontoolbar.srcext", "ss");
Supprimée : user_pref("extensions.babylontoolbar.tlbrid", "base");
Supprimée : user_pref("extensions.babylontoolbar.vrsn", "1.5.3.17");
Supprimée : user_pref("extensions.babylontoolbar.vrsni", "1.5.3.17");
Supprimée : user_pref("extensions.babylontoolbar.vrsnts", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.babylontoolbar_i.aflt", "babsst");
Supprimée : user_pref("extensions.babylontoolbar_i.babext", "");
Supprimée : user_pref("extensions.babylontoolbar_i.babtrack", "affid=110398");
Supprimée : user_pref("extensions.babylontoolbar_i.hardid", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.babylontoolbar_i.id", "c27c354600000000000000ffadcb5010");
Supprimée : user_pref("extensions.babylontoolbar_i.instlday", "15476");
Supprimée : user_pref("extensions.babylontoolbar_i.instlref", "sst");
Supprimée : user_pref("extensions.babylontoolbar_i.newtab", true);
Supprimée : user_pref("extensions.babylontoolbar_i.newtaburl", "hxxp://search.babylon.com/?af=110398&babsrc=nt_s[...]
Supprimée : user_pref("extensions.babylontoolbar_i.prdct", "babylontoolbar");
Supprimée : user_pref("extensions.babylontoolbar_i.prtnrid", "babylon");
Supprimée : user_pref("extensions.babylontoolbar_i.smplgrp", "none");
Supprimée : user_pref("extensions.babylontoolbar_i.srcext", "ss");
Supprimée : user_pref("extensions.babylontoolbar_i.tlbrid", "base");
Supprimée : user_pref("extensions.babylontoolbar_i.vrsn", "1.5.3.17");
Supprimée : user_pref("extensions.babylontoolbar_i.vrsni", "1.5.3.17");
Supprimée : user_pref("extensions.babylontoolbar_i.vrsnts", "1.5.3.1718:47:15");
Supprimée : user_pref("extensions.basicscan.init", true);
Supprimée : user_pref("extensions.enabledaddons", "ffxtlbr@babylon.com:1.1.9,{05eeb91a-aef7-4f8a-978f-fb83e7b03f[...]
Supprimée : user_pref("extensions.installcache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3c5f0f00-683d-[...]
Supprimée : user_pref("keyword.url", "hxxp://search.conduit.com/resultsext.aspx?ctid=ct2851639&q=");

-\\ Google Chrome v [Impossible d'obtenir la version]

Fichier : C:\Users\Francoise\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.9] : homepage = "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48",
Supprimée [l.13] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]
Supprimée [l.37] : icon_url = "hxxp://search.conduit.com/fav.ico",
Supprimée [l.40] : keyword = "search.conduit.com",
Supprimée [l.43] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3198785",
Supprimée [l.44] : suggest_url = "hxxp://search.conduit.com/"
Supprimée [l.1275] : homepage = "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48",
Supprimée [l.2110] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3198785&SearchSource=48" ]

*************************

AdwCleaner[S2].txt - [48408 octets] - [31/08/2012 22:36:31]

########## EOF - C:\AdwCleaner[S2].txt - [48469 octets] ##########

#6 narenxp

Posted 31 August 2012 - 06:32 PM

Download

http://download.sysinternals.com/files/ProcessExplorer.zip

Extract and launch it.

Copy this command

rd /s /q C:\$Recycle.Bin\S-1-5-21-3849335524-1970740220-1426121856-1000

Now launch Process Explorer, right click on EXPLORER.EXE and end the process.

Now click on FILE-RUN and type

cmd and click ok

and copy paste the above command and press ENTER

Now type EXPLORER again and press ENTER

Restart the PC and let me know if you have any issues

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here

#7 breqkfury

Posted 01 September 2012 - 02:45 AM

FSS LOG

Farbar Service Scanner Version: 06-08-2012
Ran by Francoise (administrator) on 01-09-2012 at 09:42:25
Running from "C:\Users\Francoise\Downloads"
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RKILL LOG

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/01/2012 09:42:56 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\Francoise\Downloads\FSS(1).exe (PID: 480) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Francoise\Desktop\rkill\rkill-09-01-2012-09-43-01.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* BITS [Missing Service]
* Themes [Missing Service]
* UmRdpService [Missing Service]
* wuauserv [Missing Service]

* AppMgmt [Missing ImagePath]
* CscService [Missing ImagePath]
* PeerDistSvc [Missing ImagePath]

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll [NoSig]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245 760 : 08/03/2012 01:37 PM : 5791d764ef253b4400b53d15ae6a5c17 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332 288 : 07/14/2009 00:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245 760 : 07/14/2009 00:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

Program finished at: 09/01/2012 09:44:03 AM
Execution time: 0 hours(s), 1 minute(s), and 7 seconds(s)


I am now able to run Windows Defender and Firewall but I still can't launch Windows Update. Thank you for giving me help.

Edited by breqkfury, 01 September 2012 - 02:55 AM.


#8 narenxp

Posted 01 September 2012 - 03:04 AM

Click on the Start menu and type

cmd

Right click on it, select Run as administrator and run this command

sfc /scanfile=C:\Windows\System32\UxTheme.dll

After scan completes,

Download

BITS
Themes

Launch them, click YES

Restart the PC, post the new RKill log

Do you have any current issues?

#9 breqkfury

Posted 01 September 2012 - 03:14 AM

RKILL LOG

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/01/2012 10:12:12 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* BITS [Missing Service]
* UmRdpService [Missing Service]
* wuauserv [Missing Service]

* AppMgmt [Missing ImagePath]
* CscService [Missing ImagePath]
* PeerDistSvc [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/01/2012 10:12:20 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)

My Windows 7 theme is still missing, I just have like the old Windows theme, and I still can't run Windows Update.

#10 narenxp

Posted 01 September 2012 - 03:16 AM

Download

wuauserv

Launch it, click YES

Restart the PC

Press Windows+R key and type

services.msc and click ok

Right click on the Themes service and start it

Let me know if that solves both the issues.

Edited by narenxp, 01 September 2012 - 03:18 AM.


#11 breqkfury

Posted 01 September 2012 - 03:28 AM

Hey,

When I go to Services to enable Themes, here is what I get: Error 1083 "The executable program that this service is configured to run does not implement the service"

And when I try to enable Windows Update it says that it cannot run it because the service is not running, so I try to go to Services to enable Windows Update, but I can't find it on the Services page

Thanks.

#12 narenxp

Posted 01 September 2012 - 03:31 AM

Restart the PC and try again

#13 breqkfury

Posted 01 September 2012 - 03:48 AM

Did it two times, still same thing :/

#14 narenxp

Posted 01 September 2012 - 03:57 AM

Run RKILL again and post the new log

#15 breqkfury

Posted 01 September 2012 - 04:15 AM

RKILL LOG

Rkill 2.3.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/01/2012 11:14:50 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\Francoise\Desktop\Vagex\Vagex.exe (PID: 2864) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.
* No issues found.

Checking Windows Service Integrity:

* BITS [Missing Service]
* UmRdpService [Missing Service]
* wuauserv [Missing Service]

* AppMgmt [Missing ImagePath]
* CscService [Missing ImagePath]
* PeerDistSvc [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/01/2012 11:15:00 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
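
A read-only PowerShell check for the two conditions reported in this thread, the "Missing Service" / "Missing ImagePath" entries in the Rkill log and the Error 1083 on Themes, added here as an example (it is not part of any post and is not Rkill's own code). It assumes the standard service registry layout and PowerShell 2.0 or later; the function names `New-Result` and `Test-ServiceRegistration` are made up for illustration.

```powershell
# Added example: read-only check, nothing is modified. Run from an elevated prompt.
# Names come from the Rkill log above, plus Themes from the Error 1083 report.
$Services = 'BITS','UmRdpService','wuauserv','AppMgmt','CscService','PeerDistSvc','Themes'
$SvcRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$HostKey  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost'

# Hypothetical helper: one result row per service.
function New-Result($Name, $Status, $Detail) {
    New-Object PSObject -Property @{ Service = $Name; Status = $Status; Detail = $Detail }
}

function Test-ServiceRegistration([string]$Name) {
    # 1. The service's registry key must exist at all.
    $key = Join-Path $SvcRoot $Name
    if (-not (Test-Path $key)) {
        return New-Result $Name 'Missing Service' $key
    }

    # 2. The key must carry an ImagePath value naming the executable to launch.
    $imagePath = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).ImagePath
    if (-not $imagePath) {
        return New-Result $Name 'Missing ImagePath' $key
    }

    # 3. Shared-process services run as "svchost.exe -k <group>". The group's
    #    REG_MULTI_SZ value under the Svchost key must list the service name,
    #    otherwise starting the service fails with error 1083.
    if ($imagePath -match 'svchost(\.exe)?"?\s+-k\s+(\S+)') {
        $group   = $Matches[2]
        $members = (Get-ItemProperty -Path $HostKey -ErrorAction SilentlyContinue).$group
        if ($members -notcontains $Name) {
            return New-Result $Name "Not listed in svchost group '$group'" $imagePath
        }
    }

    New-Result $Name 'OK' $imagePath
}

$Services | ForEach-Object { Test-ServiceRegistration $_ } |
    Select-Object Service, Status, Detail | Format-Table -AutoSize
```

Running it before and after a repair shows whether the service keys and svchost group entries were actually restored, independent of what the Services console displays.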



