One of my urls is redirected to several games and competition websites


16 replies to this topic

#1 goalsurfer

goalsurfer

  • Members
  • 10 posts

Posted 01 February 2014 - 07:05 PM

This is something that regularly seems to happen, yesterday for the second time.  The first time it disappeared just by a "SuperAntispyware Free" scan, but this time it didn't go away with this program.  I found Combofix.exe on the internet, but only now read you shouldn't use this without supervision.  The installation went without problems and it ran for about one hour, without change in the popup.  I closed the program without problems again, but as the redirect on my site hasn't disappeared (Combofix wasn't finished yet), I come to this forum for further help.

 

In case I really need a scan with Combofix, please can somebody tell me what to do further?  The problem is thus that the program doesn't show any progress after the blue popup telling it is scanning the computer system and that it can take 10 minutes or the double in case of heavy infections.  I thought an hour is too much and then, the program seemed never to finish.

 

Please is Combofix the best program to get the redirect removed or do I need to use something else?

 

What I would further like to know is if you can avoid these redirects by protecting your site with Norton or another antivirus?

 

And at last, doesn't the inbuilt antivirus of a browser (when it is 'on') not protect against redirects?





#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts

Posted 01 February 2014 - 08:23 PM

Hello, so you do NOT have a CF log?

What browser are you using?

The infection could have come with something you installed; in that event the AV ignored it as you said yes to the install.

Let's do all these and see what we get.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts

Posted 02 February 2014 - 05:24 PM

Mostly I use firefox.  Since some time when the browser is being opened I always see that it downloads something but I don't know what and so far no one could tell what is this download about.  Chrome is very slow on my computer so I seldom use it.

 

Combofix is uninstalled but it left a map with one file: NircmdB.  I have no log file.

 

This morning the redirect had disappeared but since 23.15 PM it is back.  Maybe it is timed.

 

I'll now try the programs that you recommended.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts

Posted 02 February 2014 - 05:47 PM

That file can be deleted. I'll check the logs after they are posted.

#5 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts

Posted 02 February 2014 - 06:39 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Administrateur (administrator) on 02-02-2014 at 23:33:42
Running from "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau"
Microsoft Windows XP Professionnel Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Configuration IP de Windows



Cache de résolution DNS vidé.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

TL-WN321G USB Wireless Adapter = Connexion réseau sans fil 4 (Connected)


# ----------------------------------
# Configuration IP de l'interface         
# ----------------------------------
pushd interface ip


# Configuration IP de l'interface pour "Connexion réseau sans fil 4"

set address name="Connexion réseau sans fil 4" source=dhcp
set dns name="Connexion réseau sans fil 4" source=dhcp register=PRIMARY
set wins name="Connexion réseau sans fil 4" source=dhcp


popd
# Fin de la configuration IP de l'interface




Configuration IP de Windows



        Nom de l'hôte . . . . . . . . . . : monique-c3360ea

        Suffixe DNS principal . . . . . . :

        Type de nœud . . . . . . . . . . : Inconnu

        Routage IP activé . . . . . . . . : Non

        Proxy WINS activé . . . . . . . . : Non



Carte Ethernet Connexion réseau sans fil 4:



        Suffixe DNS propre à la connexion :

        Description . . . . . . . . . . . : TL-WN321G USB Wireless Adapter

        Adresse physique . . . . . . . . .: 00-27-19-B9-25-3A

        DHCP activé. . . . . . . . . . . : Oui

        Configuration automatique activée . . . . : Oui

        Adresse IP. . . . . . . . . . . . : 192.168.0.2

        Masque de sous-réseau . . . . . . : 255.255.255.0

        Adresse IP. . . . . . . . . . . . : 2a02:2788:78:272:25c1:f05d:f1f8:e091

        Adresse IP. . . . . . . . . . . . : 2a02:2788:78:272:227:19ff:feb9:253a

        Adresse IP. . . . . . . . . . . . : fe80::227:19ff:feb9:253a%5

        Passerelle par défaut . . . . . . : 192.168.0.1

                                        fe80::a221:b7ff:fef1:40e7%5

        Serveur DHCP. . . . . . . . . . . : 192.168.0.1

        Serveurs DNS . . . . . . . . . .  : 109.88.203.3

                                        62.197.111.140

                                        fec0:0:0:ffff::1%1

                                        fec0:0:0:ffff::2%1

                                        fec0:0:0:ffff::3%1

        Bail obtenu . . . . . . . . . . . : dimanche 2 février 2014 23:28:43

        Bail expirant . . . . . . . . . . : lundi 3 février 2014 00:28:43



Carte Tunnel Teredo Tunneling Pseudo-Interface :



        Suffixe DNS propre à la connexion :

        Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

        Adresse physique . . . . . . . . .: 00-00-90-BE-6A-65-33-B4

        DHCP activé. . . . . . . . . . . : Non

        Adresse IP. . . . . . . . . . . . : fe80::5445:5245:444f%4

        Passerelle par défaut . . . . . . :

        NetBIOS sur TCPIP. . . . . . . .  : Désactivé



Carte Tunnel Automatic Tunneling Pseudo-Interface :



        Suffixe DNS propre à la connexion :

        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Adresse physique . . . . . . . . .: C0-A8-00-02

        DHCP activé. . . . . . . . . . . : Non

        Adresse IP. . . . . . . . . . . . : fe80::5efe:192.168.0.2%2

        Passerelle par défaut . . . . . . :

        Serveurs DNS . . . . . . . . . .  : fec0:0:0:ffff::1%1

                                        fec0:0:0:ffff::2%1

                                        fec0:0:0:ffff::3%1

        NetBIOS sur TCPIP. . . . . . . .  : Désactivé

Serveur :  62-197-111-140.teledisnet.be
Address:  62.197.111.140

Nom :    google.com
Addresses:  109.88.203.108, 109.88.203.89, 109.88.203.118, 109.88.203.113
      109.88.203.98, 109.88.203.99, 109.88.203.104, 109.88.203.93, 109.88.203.114
      109.88.203.109, 109.88.203.84, 109.88.203.94, 109.88.203.103, 109.88.203.119
      109.88.203.88, 109.88.203.123



Envoi d'une requête 'ping' sur google.com [2a00:1450:400c:c03::71] avec 32 octets de données :

Réponse de 2a00:1450:400c:c03::71 : temps=31 ms
Réponse de 2a00:1450:400c:c03::71 : temps=44 ms

Statistiques Ping pour 2a00:1450:400c:c03::71:
    Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
    Minimum = 31ms, Maximum = 44ms, Moyenne = 37ms

Serveur :  62-197-111-140.teledisnet.be
Address:  62.197.111.140

Nom :    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Envoi d'une requête 'ping' sur yahoo.com [206.190.36.45] avec 32 octets de données :

Délai d'attente de la demande dépassé.
Réponse de 206.190.36.45 : octets=32 temps=293 ms TTL=37

Statistiques Ping pour 206.190.36.45:
    Paquets : envoyés = 2, reçus = 1, perdus = 1 (perte 50%),
Durée approximative des boucles en millisecondes :
    Minimum = 293ms, Maximum = 293ms, Moyenne = 293ms



Envoi d'une requête 'ping' sur 127.0.0.1 avec 32 octets de données :

Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128
Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128

Statistiques Ping pour 127.0.0.1:
    Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
    Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms

===========================================================================
Liste d'Interfaces
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 27 19 b9 25 3a ...... TL-WN321G USB Wireless Adapter - Miniport d'ordonnancement de paquets
===========================================================================
===========================================================================
Itinéraires actifs :
Destination réseau    Masque réseau  Adr. passerelle   Adr. interface Métrique
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.2      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.2     192.168.0.2      25
      192.168.0.2  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.0.255  255.255.255.255      192.168.0.2     192.168.0.2      25
        224.0.0.0        240.0.0.0      192.168.0.2     192.168.0.2      25
  255.255.255.255  255.255.255.255      192.168.0.2     192.168.0.2      1
Passerelle par défaut :       192.168.0.1
===========================================================================
Itinéraires persistants :
  Aucun
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\pnrpnsp.dll [48640] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [48640] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 06 C:\WINDOWS\system32\nwprovau.dll [147968] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 28 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 29 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 30 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 31 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/02/2014 08:38:14 PM) (Source: Application Hang) (User: )
Description: Détecteur d'erreurs -1314946475.

Error: (02/02/2014 08:38:07 PM) (Source: Application Hang) (User: )
Description: Application bloquée coreftp.exe, version 2.2.1747.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error: (02/02/2014 02:02:29 PM) (Source: Application Error) (User: )
Description: Application défaillante coreftp.exe, version 2.2.1747.0, module défaillant , version 0.0.0.0, adresse de défaillance 0x00000000.
Traitement de l'événement propre au support pour [coreftp.exe!ws!]

Error: (02/01/2014 05:56:02 PM) (Source: Application Error) (User: )
Description: Détecteur d'erreurs -1299802022.
L'échange de clé Wep n'a pas abouti à une installation de connexion sécurisée après l'authentification 802.1x. Le paramètre actuel a été marqué comme défectueux, et la connexion sans fil va être déconnectée.

Error: (02/01/2014 05:55:54 PM) (Source: Application Error) (User: )
Description: Application défaillante coreftp.exe, version 2.2.1747.0, module défaillant ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea.
Traitement de l'événement propre au support pour [coreftp.exe!ws!]

Error: (02/01/2014 02:55:03 PM) (Source: Application Error) (User: )
Description: Détecteur d'erreurs 46243206.
L'échange de clé Wep n'a pas abouti à une installation de connexion sécurisée après l'authentification 802.1x. Le paramètre actuel a été marqué comme défectueux, et la connexion sans fil va être déconnectée.

Error: (02/01/2014 02:54:45 PM) (Source: Application Error) (User: )
Description: Application défaillante coreftp.exe, version 2.2.1747.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00db0183.
Traitement de l'événement propre au support pour [coreftp.exe!ws!]

Error: (02/01/2014 00:01:44 PM) (Source: Application Error) (User: )
Description: Application défaillante coreftp.exe, version 2.2.1747.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x01a6c287.
Traitement de l'événement propre au support pour [coreftp.exe!ws!]

Error: (01/31/2014 09:04:21 PM) (Source: Application Hang) (User: )
Description: Application bloquée explorer.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error: (01/31/2014 09:04:21 PM) (Source: Application Hang) (User: )
Description: Application bloquée explorer.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.


System errors:
=============
Error: (02/02/2014 06:23:02 PM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt

Error: (02/02/2014 06:23:00 PM) (Source: Service Control Manager) (User: )
Description: Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur :
%%2

Error: (02/02/2014 09:42:04 AM) (Source: IPRIP) (User: )
Description: IPRIP n'a pas pu joindre le groupe multidiffusion 224.0.0.9
sur l'interface locale avec l'adresse IP 169.254.121.90.
Les données sont dans le code d'erreur.

Error: (02/02/2014 09:37:15 AM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt

Error: (02/02/2014 09:36:50 AM) (Source: Service Control Manager) (User: )
Description: Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur :
%%2

Error: (02/02/2014 01:26:43 AM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt

Error: (02/02/2014 01:26:21 AM) (Source: Service Control Manager) (User: )
Description: Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur :
%%2

Error: (02/02/2014 01:25:57 AM) (Source: Server) (User: )
Description: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{4502CC01-2C77-453B-BF69-754A8601DA89} car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.

Error: (02/02/2014 00:25:48 AM) (Source: Service Control Manager) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
i8042prt

Error: (02/02/2014 00:25:28 AM) (Source: Service Control Manager) (User: )
Description: Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur :
%%2


Microsoft Office Sessions:
=========================
Error: (02/02/2014 08:38:14 PM) (Source: Application Hang)(User: )
Description: -1314946475

Error: (02/02/2014 08:38:07 PM) (Source: Application Hang)(User: )
Description: coreftp.exe2.2.1747.0hungapp0.0.0.000000000

Error: (02/02/2014 02:02:29 PM) (Source: Application Error)(User: )
Description: coreftp.exe2.2.1747.00.0.0.000000000

Error: (02/01/2014 05:56:02 PM) (Source: Application Error)(User: )
Description: -1299802022

Error: (02/01/2014 05:55:54 PM) (Source: Application Error)(User: )
Description: coreftp.exe2.2.1747.0ntdll.dll5.1.2600.218000018fea

Error: (02/01/2014 02:55:03 PM) (Source: Application Error)(User: )
Description: 46243206

Error: (02/01/2014 02:54:45 PM) (Source: Application Error)(User: )
Description: coreftp.exe2.2.1747.0unknown0.0.0.000db0183

Error: (02/01/2014 00:01:44 PM) (Source: Application Error)(User: )
Description: coreftp.exe2.2.1747.0unknown0.0.0.001a6c287

Error: (01/31/2014 09:04:21 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000

Error: (01/31/2014 09:04:21 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe AIR (Version: 3.8.0.1280)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.38)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43)
Adobe Flash Professional CS6 (Version: 12.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Reader 8.1.0 - Nederlands (Version: 8.1.0)
Alexa Toolbar
Any Video Converter 5 5.0.3
ArcSoft PhotoStudio 5.5
avast! Free Antivirus (Version: 9.0.2011)
Canon CanoScan Toolbox 4.5
CCleaner (Version: 4.02)
Connect DLC 5 Toolbar for IE (Version: 6.17.1.25)
Core FTP LE
Directory Submitter 1.0.29
Fast Blog Finder 3
Fast Directory Submitter (Version: 2.0.5.168)
Google Chrome (Version: 32.0.1700.102)
Google Talk Plugin (Version: 4.9.1.16010)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (Version: 1.7.0.90)
Manual CanoScan LiDE 35
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mise à jour pour Windows XP (KB911164) (Version: 1)
Mobipocket Creator 4.2 (Version: 4.2.41)
Mobipocket Reader 6.2 (Version: 6.2.608)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 23.0.1)
No Hands SEO
OpenOffice.org 3.4.1 (Version: 3.41.9593)
PDF Settings CS6 (Version: 11.0)
SUPERAntiSpyware (Version: 5.6.1014)
TL-WN321G Wireless Utility (Version: 1.0.3.0)
Ubuntu (Version: 12.10-rev273)
VLC media player 2.0.6 (Version: 2.0.6)
WebFldrs XP (Version: 9.50.7523)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
WinRAR 4.20 (32-bit) (Version: 4.20.0)
XAMPP 1.8.1

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 503.48 MB
Available physical RAM: 307.07 MB
Total Pagefile: 1230.06 MB
Available Pagefile: 693.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.59 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.26 GB) (Free:7.62 GB) NTFS

========================= Users: ========================================

comptes d'utilisateurs de \\MONIQUE-C3360EA

Administrateur           HelpAssistant            Invité                   
SUPPORT_388945a0         
La commande s'est terminée correctement.


**** End of log ****
 



#6 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts

Posted 02 February 2014 - 06:40 PM

23:37:32.0609 0x1790  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
23:37:41.0125 0x1790  ============================================================
23:37:41.0125 0x1790  Current date / time: 2014/02/02 23:37:41.0125
23:37:41.0125 0x1790  SystemInfo:
23:37:41.0125 0x1790  
23:37:41.0125 0x1790  OS Version: 5.1.2600 ServicePack: 2.0
23:37:41.0125 0x1790  Product type: Workstation
23:37:41.0125 0x1790  ComputerName: MONIQUE-C3360EA
23:37:41.0125 0x1790  UserName: Administrateur
23:37:41.0125 0x1790  Windows directory: C:\WINDOWS
23:37:41.0125 0x1790  System windows directory: C:\WINDOWS
23:37:41.0125 0x1790  Processor architecture: Intel x86
23:37:41.0125 0x1790  Number of processors: 1
23:37:41.0125 0x1790  Page size: 0x1000
23:37:41.0125 0x1790  Boot type: Normal boot
23:37:41.0125 0x1790  ============================================================
23:37:44.0062 0x1790  KLMD registered as C:\WINDOWS\system32\drivers\03072667.sys
23:37:44.0593 0x1790  System UUID: {9CF8C9BC-4542-60F2-88A6-37361A99EA83}
23:37:46.0125 0x1790  Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1431, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
23:37:46.0234 0x1790  ============================================================
23:37:46.0234 0x1790  \Device\Harddisk0\DR0:
23:37:46.0234 0x1790  MBR partitions:
23:37:46.0234 0x1790  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
23:37:46.0234 0x1790  ============================================================
23:37:46.0265 0x1790  C: <-> \Device\Harddisk0\DR0\Partition1
23:37:46.0265 0x1790  ============================================================
23:37:46.0265 0x1790  Initialize success
23:37:46.0265 0x1790  ============================================================
23:37:50.0453 0x08b4  ============================================================
23:37:50.0453 0x08b4  Scan started
23:37:50.0453 0x08b4  Mode: Manual;
23:37:50.0453 0x08b4  ============================================================
23:37:50.0453 0x08b4  KSN ping started
23:38:04.0093 0x08b4  KSN ping finished: true
23:38:05.0796 0x08b4  ================ Scan system memory ========================
23:38:05.0796 0x08b4  System memory - ok
23:38:05.0812 0x08b4  ================ Scan services =============================
23:38:08.0500 0x08b4  aswKbd - ok
23:38:08.0562 0x08b4  [ 6F1505608202BBD179095A6A150D103F, 0102548296B89A7036B55D13BE54A44F11C4C98E9B8F8E02C58138D47AF5951E ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
23:38:08.0578 0x08b4  aswMonFlt - ok
23:38:08.0656 0x08b4  [ B269C41DF93EFF71DF0986BD982D1C46, 78EBDA9D17B0003694748F2BBDFFD31AA02011E5ECAC781B0E62B3F8EC2A02F7 ] AswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
23:38:08.0671 0x08b4  AswRdr - ok
23:38:08.0703 0x08b4  [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
23:38:08.0718 0x08b4  aswRvrt - ok
23:38:08.0828 0x08b4  [ 0F639D0526820BA7872C963813E0EB8D, 2F0B04F09531AF34AF9B9C9746494D963EA58DEF96AB9FDDD86CF31EDB9E19CD ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
23:38:08.0890 0x08b4  aswSnx - ok
23:38:09.0015 0x08b4  [ 7BA7543EA7936A7ADA615F6DE7C95494, E28EF95A2C05A8303AF8464CCD664821B4B0441D9E30A98BACB53D4C3EE771CE ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
23:38:09.0078 0x08b4  aswSP - ok
23:38:09.0140 0x08b4  [ 875D2B1054F2ECD8F575D6CBE78DD7BA, D5F9C1F3A5FB248741AEE3764C44A1261358174D77DD2836917D1A97BFCF0146 ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
23:38:09.0140 0x08b4  aswTdi - ok
23:38:09.0203 0x08b4  [ 1B0662514A68C3A42E60D240C5ABEF28, 71301759C135895C72CAED297A669BA58B3F73E0B7E46DB981F6559D5D5E2B89 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
23:38:09.0218 0x08b4  aswVmm - ok
23:38:09.0296 0x08b4  [ 02000ABF34AF4C218C35D257024807D6, FDE21F7FCB198A44A6F2BCAF5EB11C9D90A094B4A2F8C307244A7655848954DA ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:38:09.0296 0x08b4  AsyncMac - ok
23:38:09.0390 0x08b4  [ CDFE4411A69C224BD1D11B2DA92DAC51, 0E6B23A80F171550575BEBC56F7500CD87A5CF03B2B9FDC49BC3DE96282CD69D ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:38:09.0390 0x08b4  atapi - ok
23:38:09.0437 0x08b4  Atdisk - ok
23:38:09.0531 0x08b4  [ EC88DA854AB7D7752EC8BE11A741BB7F, 91FAF224CB4B44608C85CC25C3A82A3EC83F379D14A119A60A75505A30043255 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:38:09.0546 0x08b4  Atmarpc - ok
23:38:09.0625 0x08b4  [ 21620DF34B0ACF0A37F72396F855820C, 7098AED8642009A1B05B34484F8D89BC26CE8994FDD0B86B0AC012EB43715A5B ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:38:09.0640 0x08b4  AudioSrv - ok
23:38:09.0718 0x08b4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:38:09.0718 0x08b4  audstub - ok
23:38:09.0890 0x08b4  [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:38:09.0906 0x08b4  avast! Antivirus - ok
23:38:10.0015 0x08b4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:38:10.0015 0x08b4  Beep - ok
23:38:10.0156 0x08b4  [ 659F7B6C502051BFA37910614B225548, 3B54C0E422C528175997278C33231102922B8471A923E3C4B07B61B29313F5DF ] BITS            C:\WINDOWS\system32\qmgr.dll
23:38:10.0234 0x08b4  BITS - ok
23:38:10.0343 0x08b4  [ 75AC49029966BFFEA09F96C1C194F684, 5D96C8DD50A74044F997A9F36CA1A78AE9D2048F5BBE5D758DF92D339492CEB3 ] Browser         C:\WINDOWS\System32\browser.dll
23:38:10.0359 0x08b4  Browser - ok
23:38:10.0421 0x08b4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:38:10.0421 0x08b4  cbidf2k - ok
23:38:10.0515 0x08b4  [ 6163ED60B684BAB19D3352AB22FC48B2, 5A7ED636D8B2178EA21FA986CC9168DEF258AA4FFB9DCD792A81A1D615AC5D5E ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:38:10.0531 0x08b4  CCDECODE - ok
23:38:10.0578 0x08b4  cd20xrnt - ok
23:38:10.0687 0x08b4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:38:10.0687 0x08b4  Cdaudio - ok
23:38:10.0765 0x08b4  [ CD7D5152DF32B47F4E36F710B35AAE02, 7382890CC1B27FC66C3E94E064562BBD87B3C75577CB0FD10860B8E2CE07D12E ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:38:10.0781 0x08b4  Cdfs - ok
23:38:10.0875 0x08b4  [ AF9C19B3100FE010496B1A27181FBF72, 64E9E4461F631EED2B2A1FC80DCC9C31DCECB5738289D322E6A6428C840DC621 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:38:10.0875 0x08b4  Cdrom - ok
23:38:10.0921 0x08b4  Changer - ok
23:38:11.0000 0x08b4  [ ABFAC5D58218C0A655DFCAE2D8A535F3, 8BE4807507A09BCD7D0CBDD39689762121172A11E7419E2DED59A41FB92EA09A ] cisvc           C:\WINDOWS\system32\cisvc.exe
23:38:11.0000 0x08b4  cisvc - ok
23:38:11.0093 0x08b4  [ E42101918C50F754FC15367814FEC11C, D53218F35C99FB87FE6418A116ACB51DBBD43C23D95B2C205F9E92D36F593FBA ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:38:11.0109 0x08b4  ClipSrv - ok
23:38:11.0187 0x08b4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:38:11.0296 0x08b4  clr_optimization_v2.0.50727_32 - ok
23:38:11.0359 0x08b4  CmdIde - ok
23:38:11.0406 0x08b4  COMSysApp - ok
23:38:11.0484 0x08b4  Cpqarray - ok
23:38:11.0546 0x08b4  [ CD73133EB24C572019944001FAD1B8D9, F57064E1D41B6353695D5FFA402A01BB3AFE946DA4481BD440C3930654E485A5 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:38:11.0562 0x08b4  CryptSvc - ok
23:38:11.0609 0x08b4  dac2w2k - ok
23:38:11.0640 0x08b4  dac960nt - ok
23:38:11.0718 0x08b4  [ C6FE0B727A5D13419D480150631ADC09, 1156D64EBDC0F607D937BA15CD4D9C4D159A4F5828D59FC4EF68BDC67FA7B1D6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:38:11.0765 0x08b4  DcomLaunch - ok
23:38:11.0859 0x08b4  [ A44C9220F460E38FC7EC0B4BE4716077, 78105D400CD5AC6AF5D027D9B5FBE44CA7419ED0132C7BCA3E007F104F42E422 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:38:11.0859 0x08b4  Dhcp - ok
23:38:11.0921 0x08b4  [ 00CA44E4534865F8A3B64F7C0984BFF0, 3FD73CCD9892F6CFEE776CB384C2E35FA15F4101D308A67E1358F85299501E3D ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:38:11.0937 0x08b4  Disk - ok
23:38:11.0984 0x08b4  dmadmin - ok
23:38:12.0140 0x08b4  [ E2D3B7620310FE56685F9B15A6B404B3, B87524063BFF35A2683F796A0C71EA554D17B69F24E67BC1478E6B25D288A157 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:38:12.0218 0x08b4  dmboot - ok
23:38:12.0328 0x08b4  [ C77F5C20AA70197A69AA84BAA9DE43C8, 7EDB3B2E5AEE1625C65A825BFFBBFC647ABAE8093C1A66BB80D9B190BB4A5D91 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:38:12.0343 0x08b4  dmio - ok
23:38:12.0421 0x08b4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:38:12.0421 0x08b4  dmload - ok
23:38:12.0484 0x08b4  [ 893CC650E9E7AA8C9EE14D61E7C150CE, C17222C476AD8F19AD733377B91E81F402A747E9B08FABFA189E983B36C01F1A ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:38:12.0484 0x08b4  dmserver - ok
23:38:12.0578 0x08b4  [ A6F881284AC1150E37D9AE47FF601267, 6C07654CF21637E527FC727EB50F4138BF0EFF0680000AC94001063B436389DB ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:38:12.0578 0x08b4  DMusic - ok
23:38:12.0656 0x08b4  [ 3B352C41F5087E637B60745BAC262D94, 1AF947B10B574FF08AFD2B1526E5D0474D939400209479187F92E6D323173DAF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:38:12.0656 0x08b4  Dnscache - ok
23:38:12.0703 0x08b4  dpti2o - ok
23:38:12.0781 0x08b4  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E, B941AB5D9D504486083E0D1539B1A96E27721C9EFD7A67CA1DB7258B0D33AB78 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:38:12.0781 0x08b4  drmkaud - ok
23:38:12.0859 0x08b4  [ A4661552CAEAF05A7CAE43431987910C, 639A513B40EAE648E08922DE637233E10690B2E7E84CBEB6CC4670BA2BA1D0D8 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:38:12.0859 0x08b4  ERSvc - ok
23:38:12.0953 0x08b4  esgiguard - ok
23:38:13.0046 0x08b4  [ 63DCDE1A0D86EEB8924D6738FF616EAD, 349EED6BA2E6D89E95BE681C001360FE6307E310959DEB878A44AC3B928943DF ] Eventlog        C:\WINDOWS\system32\services.exe
23:38:13.0062 0x08b4  Eventlog - ok
23:38:13.0171 0x08b4  [ FDE7FBE9CC9DD9484DF3E0241737C091, DF6795D02D5C76C1791582D0B1F2D3B0EEF07193CA341C42ED07DEA9EC2C042C ] EventSystem     C:\WINDOWS\system32\es.dll
23:38:13.0187 0x08b4  EventSystem - ok
23:38:13.0328 0x08b4  [ 3117F595E9615E04F05A54FC15A03B20, 4708E8F1CDE6E9663B5DBEBAB8C684B16E45D41AEF20E4071D0A2931B305BD76 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:38:13.0328 0x08b4  Fastfat - ok
23:38:13.0421 0x08b4  [ ABA25E49F6589FD73F1143FDC39A6B46, 67708EDF502F009061F666E09001554412B71E0927F633AFAF1C102428ED5D6E ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:38:13.0437 0x08b4  FastUserSwitchingCompatibility - ok
23:38:13.0578 0x08b4  [ FBE05797F3A311596D0DDBB6AB60FE19, EE7662DB26272170C2E331B1BC05EEDB4F2CEEE35470761D3B986886583A48D8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:38:13.0593 0x08b4  Fax - ok
23:38:13.0671 0x08b4  [ CED2E8396A8838E59D8FD529C680E02C, 8542AE6A2D65D3F843EA70F5FFBC150B773C5CFA3FE6388FA68A95416FAD0F6E ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:38:13.0671 0x08b4  Fdc - ok
23:38:13.0750 0x08b4  [ 8B121FF880683607AB2AEF0340721718, 539EDCD29AACBD103B80CB4E2804DF67FA3EDC4334596DAA8C9D1122D81E17FD ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:38:13.0750 0x08b4  Fips - ok
23:38:13.0906 0x08b4  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:38:13.0984 0x08b4  FLEXnet Licensing Service - ok
23:38:14.0093 0x08b4  [ 0DD1DE43115B93F4D85E889D7A86F548, D50F7AAE5416C6D41845960BDDA24E97226F609AA726E4F88601ADC9ED50E872 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:38:14.0093 0x08b4  Flpydisk - ok
23:38:14.0203 0x08b4  [ 157754F0DF355A9E0A6F54721914F9C6, 1EB1424D98000FE80901287F9D51DDD18132B7C2CFEC4C7767F32F71DC2F64F9 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:38:14.0203 0x08b4  FltMgr - ok
23:38:14.0250 0x08b4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:38:14.0265 0x08b4  Fs_Rec - ok
23:38:14.0359 0x08b4  [ A86859B77B908C18C2657F284AA29FE3, EB571928AC961B143A5A8D2DC95BFCFDC1DF35A9098401944F299DB98209E543 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:38:14.0375 0x08b4  Ftdisk - ok
23:38:14.0421 0x08b4  [ C0F1D4A21DE5A415DF8170616703DEBF, 3E21AAD06CF6EB95662B568671B1DBD129CED481761BCDB67088E965E5C0BC5B ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:38:14.0437 0x08b4  Gpc - ok
23:38:14.0625 0x08b4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:38:14.0625 0x08b4  gupdate - ok
23:38:14.0671 0x08b4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:38:14.0687 0x08b4  gupdatem - ok
23:38:14.0781 0x08b4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:38:14.0812 0x08b4  gusvc - ok
23:38:14.0921 0x08b4  [ 3A18F1FE2E70E736014710EF85857EF8, 22290FE781B2C2A61CA2F032B806B0668A31DD0DB138B7EE3DF4E10771B736E4 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:38:14.0937 0x08b4  helpsvc - ok
23:38:15.0046 0x08b4  [ BBA013D455C7CD9D8C42E8C7CC7418F9, AB6AA213AEC0EE1BD3BC63445A7494D781B1DA02763C697CC9CA6E2AF4DE3E51 ] HidServ         C:\WINDOWS\System32\hidserv.dll
23:38:15.0046 0x08b4  HidServ - ok
23:38:15.0125 0x08b4  [ 1DE6783B918F540149AA69943BDFEBA8, 6ED28109CA0A7738857D840E369EAB91C1605F2643950762D327CCE241C135A1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:38:15.0125 0x08b4  hidusb - ok
23:38:15.0171 0x08b4  hpn - ok
23:38:15.0281 0x08b4  [ C19B522A9AE0BBC3293397F3055E80A1, C04F067E06798E50AE90743F6ACB53FEB83DC749C76F97C962B14616A49E15CE ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:38:15.0328 0x08b4  HTTP - ok
23:38:15.0421 0x08b4  [ FDCD442CF729D30B5D9C07ADE37901AB, 59448397F622958AFE12426E5BC3CE70899E6DCEA88727ECEBF0BCC9BCFC4E57 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:38:15.0421 0x08b4  HTTPFilter - ok
23:38:15.0453 0x08b4  i2omgmt - ok
23:38:15.0500 0x08b4  i2omp - ok
23:38:15.0578 0x08b4  [ D1EFCBD693B5BA21314D06368C471070, 4D042FBC352410C3B1FA4F68FE5D96CF71E46DC92864C3EA8749239AED842E23 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:38:15.0578 0x08b4  i8042prt - ok
23:38:15.0656 0x08b4  [ F8AA320C6A0409C0380E5D8A99D76EC6, A848B9C489DDFBD48BDA140CB9DD43097686115042745F6444F803739168D391 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:38:15.0656 0x08b4  Imapi - ok
23:38:15.0750 0x08b4  [ 17B7A4375868B8C38F2DFC98B3B420C6, 906AF89BA0918F58065267CF27DCAA0A4CB5B5886F01AEBDAA095D16EA639D0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:38:15.0750 0x08b4  ImapiService - ok
23:38:15.0828 0x08b4  ini910u - ok
23:38:15.0921 0x08b4  [ 1367812F8A974E0C13A4888FA5E7EDE6, E2AE81785DFCF7068BD6F5627B2D9C7A70DDC73F58CFEC1D92C7C8641D788020 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
23:38:15.0921 0x08b4  IntelIde - ok
23:38:16.0000 0x08b4  [ DD5AD1E79AC26D3F8D8828AD4627F160, F556038FD9F50EEA86471EB9AC0C52D0F795CEACC9C1454E5452BE5D580B5EE7 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:38:16.0000 0x08b4  intelppm - ok
23:38:16.0031 0x08b4  [ 4448006B6BC60E6C027932CFC38D6855, C377235EBE475C281ACB6A3267F12D8FE623433F05134A6CE50562414F94D7B1 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
23:38:16.0031 0x08b4  Ip6Fw - ok
23:38:16.0093 0x08b4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:38:16.0109 0x08b4  IpFilterDriver - ok
23:38:16.0171 0x08b4  [ E1EC7F5DA720B640CD8FB8424F1B14BB, E5CF9F43D8C8028E8F29CAF8AD1E2179E5B02DCAA430900672FCB4C4EE288EF0 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:38:16.0203 0x08b4  IpInIp - ok
23:38:16.0265 0x08b4  [ B5A8E215AC29D24D60B4D1250EF05ACE, D1D47DCF9F35325549833710BD9B1C431698819914212FF6A328DD338FBA0E1D ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:38:16.0296 0x08b4  IpNat - ok
23:38:16.0359 0x08b4  [ CE017FAA313DF7CC98EB08E87869BD06, CFBF067EC345D072477F2856717DCFE34381832E035ABC5FB6201941F7CD6A98 ] Iprip           C:\WINDOWS\System32\iprip.dll
23:38:16.0375 0x08b4  Iprip - ok
23:38:16.0468 0x08b4  [ 64537AA5C003A6AFEEE1DF819062D0D1, 5A6C11317DEF14B8C34A8C669EB75F7A8D46F05090C43D3DFF602CFA13CC504E ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:38:16.0468 0x08b4  IPSec - ok
23:38:16.0562 0x08b4  [ 50708DAA1B1CBB7D6AC1CF8F56A24410, A5657038A66B83472B456246E58884D5DF2E5B63BD176AE3DFFB6D5B6998E8B7 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:38:16.0562 0x08b4  IRENUM - ok
23:38:16.0671 0x08b4  [ 54632F1A7DE61DC3615D756F2A90FA72, 9BEAA20A2A7C19327C46A90D21A1E8C78540AA4871B04420A993A5E78FFBC986 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:38:16.0671 0x08b4  isapnp - ok
23:38:16.0828 0x08b4  [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:38:16.0859 0x08b4  JavaQuickStarterService - ok
23:38:16.0937 0x08b4  [ E798705E8DC7FAB596EF6BFDF167E007, 1501AC348F95C7D3871F6E68D98CA30281F793565E9B865F4A35AD0A817B8F39 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:38:16.0937 0x08b4  Kbdclass - ok
23:38:17.0015 0x08b4  [ 62DD5EEFCEC4EF4163F1168D4262A9E4, 6F50595E71D546A5E9674113310BF93F0F6B9C0A390087DB5F37D8135844A384 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:38:17.0015 0x08b4  kbdhid - ok
23:38:17.0093 0x08b4  [ D93CAD07C5683DB066B0B2D2D3790EAD, 4C96F68F9914DCCDAFB5D6FC1A765ADFF37C6E4675AF0EF20AA1EDFF04CE27AD ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:38:17.0093 0x08b4  kmixer - ok
23:38:17.0156 0x08b4  [ EB7FFE87FD367EA8FCA0506F74A87FBB, 5D318CD7DB88473A6FFB74939FF62EB8DD0E6C79847844212D7168095F635531 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:38:17.0156 0x08b4  KSecDD - ok
23:38:17.0250 0x08b4  [ EF009A39AE1D3EB6E154BA06A331579C, EC4DB80325CD0D8C84301524075D1B263AAE556329C152B93B4452EC74857D2E ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
23:38:17.0265 0x08b4  lanmanserver - ok
23:38:17.0328 0x08b4  [ 22F8CBA5164AE37734FDCF5FB9B7D9B3, 068807EAEACB5B66E565C237E3692450ADC46FC6BF08B73472DCE151A639EA8E ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:38:17.0343 0x08b4  lanmanworkstation - ok
23:38:17.0375 0x08b4  lbrtfdc - ok
23:38:17.0484 0x08b4  [ 2C6D3047910B70CCD571BA2698B0C98B, 4D805813C620C24C506B5513C155549119FE4AFADEF9D3C8A28C08E539548AB7 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
23:38:17.0484 0x08b4  LmHosts - ok
23:38:17.0656 0x08b4  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
23:38:17.0687 0x08b4  McComponentHostService - ok
23:38:17.0750 0x08b4  [ DE71362123E81D268088E78543752576, A9A97B0BBE7221CE485BD52C033FCFEB8FACC1C9B81D8A215756042F431B1000 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
23:38:17.0750 0x08b4  Messenger - ok
23:38:17.0812 0x08b4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
23:38:17.0812 0x08b4  mnmdd - ok
23:38:17.0906 0x08b4  [ 5B219F99CF6D5BE05A6C6E86C38CB7CE, 27AE7B989B68DDA5AE9C76FFEFCE69720869694BE4201890E98F58815791ED14 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
23:38:17.0921 0x08b4  mnmsrvc - ok
23:38:18.0015 0x08b4  [ 5AC7E16F5B40A6DA14B5F2B3ADA4693E, 79758046549E3BABECF8721C72AD5A8DD6B2E2C8CBC8437864F9ADA4DBF3BACD ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
23:38:18.0015 0x08b4  Modem - ok
23:38:18.0093 0x08b4  [ 7D4F19411BD941E1D432A99E24230386, 8FCBF0283F5707B4D9ACBD68C109058A1DA341E14C183B62AF482FC8737891B3 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:38:18.0093 0x08b4  Mouclass - ok
23:38:18.0171 0x08b4  [ 124D6846040C79B9C997F78EF4B2A4E5, 2C0FA3B5F57D757CB4487F523CAB944E470256685F1C4AF4F06D0D27B67D5BEB ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:38:18.0171 0x08b4  mouhid - ok
23:38:18.0265 0x08b4  [ 65653F3B4477F3C63E68A9659F85EE2E, 32A34B22A4C1F50A966F321FD228C6B85F0F0315ABF3D40FC416618E786A4024 ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
23:38:18.0265 0x08b4  MountMgr - ok
23:38:18.0359 0x08b4  [ DB07B0088CDFD20C2A22E675120EDE34, A9864414F79E2F56E1E93B1C2725B5ED253A2EC36BFDFC69D695C5E8D266444C ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
23:38:18.0359 0x08b4  MQAC - ok
23:38:18.0406 0x08b4  mraid35x - ok
23:38:18.0468 0x08b4  [ 46EDCC8F2DB2F322C24F48785CB46366, 0300EC19CAAEEC52001EBB7F3BE6DE314B42FE7F8BA072905070FEA75CC06E3B ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:38:18.0484 0x08b4  MRxDAV - ok
23:38:18.0609 0x08b4  [ 1FD607FC67F7F7C633C3DA65BFC53D18, 0FDD53C72F3158283306892A57A2687D5358A468380E8BE6EB58EAE100D813C1 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:38:18.0671 0x08b4  MRxSmb - ok
23:38:18.0765 0x08b4  [ 11CA338B8765DB8E2D1B459F2CFAD147, 7B04649DF7C6593EF4B9A1115E7836D2C05306B35BFFCA607193E40805E817BE ] MSDTC           C:\WINDOWS\system32\msdtc.exe
23:38:18.0765 0x08b4  MSDTC - ok
23:38:18.0812 0x08b4  [ 561B3A4333CA2DBDBA28B5B956822519, 5B53906A29B9AA55A399F880CA989F9878BD943D3E97FB10A25BFD723654AF49 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:38:18.0812 0x08b4  Msfs - ok
23:38:18.0859 0x08b4  MSIServer - ok
23:38:18.0937 0x08b4  [ AE431A8DD3C1D0D0610CDBAC16057AD0, 8B3BCAC3DA71778DC8B863E6DEF10F02F65D1BDD3381802DDC0B2980F4F1FBB9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:38:18.0937 0x08b4  MSKSSRV - ok
23:38:19.0031 0x08b4  [ 0680E10014C9D9F181475B059E0F204E, E4977740084DFEABCC0C3A9C8F00BD6EDBE671EE7C61DEF99CF2B45B2102AB0A ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
23:38:19.0031 0x08b4  MSMQ - ok
23:38:19.0109 0x08b4  [ 3526350A3E76E2F33A4ADBE9DB0D43CC, 6DDD5A73703E7FB5D0C46FC65B2353A7902BA31D41546AF57F2B6A2E205481F9 ] MSMQTriggers    C:\WINDOWS\system32\mqtgsvc.exe
23:38:19.0125 0x08b4  MSMQTriggers - ok
23:38:19.0218 0x08b4  [ 13E75FEF9DFEB08EEDED9D0246E1F448, 69D4CF483753FF253431656E1CB680F6702375696F94E259729BD11C25004031 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:38:19.0218 0x08b4  MSPCLOCK - ok
23:38:19.0328 0x08b4  [ 1988A33FF19242576C3D0EF9CE785DA7, 9E1C07F364DA7EF0D859BB7A3A06F849A153722E27E872640120CC6855D9FC51 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:38:19.0328 0x08b4  MSPQM - ok
23:38:19.0406 0x08b4  [ 469541F8BFD2B32659D5D463A6714BCE, 46AA7D2442DCC4C51C08BA0C00136F058F9160E6D6EDE78B2FD82545AE4FD10B ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:38:19.0406 0x08b4  mssmbios - ok
23:38:19.0468 0x08b4  [ BF13612142995096AB084F2DB7F40F77, E23FA89B54772A33A0A92A0701F02CB9683823FCA5CC192235378E1433FB21CF ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:38:19.0484 0x08b4  MSTEE - ok
23:38:19.0531 0x08b4  [ 82035E0F41C2DD05AE41D27FE6CF7DE1, 6111D330E7ACB77E23EA6A9E001FC651DE1DC49D772DC6FDD3C4B8EDA57E1C7A ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
23:38:19.0546 0x08b4  Mup - ok
23:38:19.0593 0x08b4  [ 5C8DC6429C43DC6177C1FA5B76290D1A, BBD145E87D4CF25A873CAE89DF29DF297187B604D42CD36AD8D3F62A033D906E ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:38:19.0593 0x08b4  NABTSFEC - ok
23:38:19.0656 0x08b4  [ 558635D3AF1C7546D26067D5D9B6959E, 8C1802908DF35E442575969D29F4B22019A2B3E4C309B8E193F98F75AE81F013 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
23:38:19.0671 0x08b4  NDIS - ok
23:38:19.0750 0x08b4  [ 520CE427A8B298F54112857BCF6BDE15, 521BFFC460D64CD69D12F8C9D61CEBE409A63F1F1FB928450E4564DA29C0FFEA ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:38:19.0765 0x08b4  NdisIP - ok
23:38:19.0828 0x08b4  [ 08D43BBDACDF23F34D79E44ED35C1B4C, F72CB8FA67C361C40B4C83F08302D7B2FD9178C1C60A7C236AF08B9CB5162591 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:38:19.0828 0x08b4  NdisTapi - ok
23:38:19.0906 0x08b4  [ 34D6CD56409DA9A7ED573E1C90A308BF, DE2060F57C913272524AFB0D472714ABF6F7E49A01534F23D95EE67F207CC6CF ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:38:19.0906 0x08b4  Ndisuio - ok
23:38:20.0000 0x08b4  [ 0B90E255A9490166AB368CD55A529893, 90EB17422BF52FE6D0CC6ADA4262D605806C5B583DE04EDEC95FD47EE9697865 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:38:20.0015 0x08b4  NdisWan - ok
23:38:20.0015 0x08b4  [ 59FC3FB44D2669BC144FD87826BB571F, B3C8CEFB09D5C85CBF12AED8CDB1FE455679D3436337263EFDABDC5116D92453 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:38:20.0031 0x08b4  NDProxy - ok
23:38:20.0109 0x08b4  [ 3A2ACA8FC1D7786902CA434998D7CEB4, ECE218DCDCB4D0A5CA8CBD14E931BAA3B5F381B70BBACB65B0EBBB46D2D31683 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:38:20.0109 0x08b4  NetBIOS - ok
23:38:20.0187 0x08b4  [ 0C80E410CD2F47134407EE7DD19CC86B, 2A1D0CE9797F4AB7A24873947A26DD6413B8DBB5A82C24CF28D1FC243AEFC5C8 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:38:20.0187 0x08b4  NetBT - ok
23:38:20.0265 0x08b4  [ D40598FD7B7DCCBFB22D777E0DFB1CF0, 6B6125E0961791C693CFF62058F1B9D96D8393A7F7E0C4F6E5A19ECCF53FF9AB ] NetDDE          C:\WINDOWS\system32\netdde.exe
23:38:20.0296 0x08b4  NetDDE - ok
23:38:20.0343 0x08b4  [ D40598FD7B7DCCBFB22D777E0DFB1CF0, 6B6125E0961791C693CFF62058F1B9D96D8393A7F7E0C4F6E5A19ECCF53FF9AB ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
23:38:20.0359 0x08b4  NetDDEdsdm - ok
23:38:20.0437 0x08b4  [ 259AF82A0932EEA4F316F92DB94707B6, 8A096232C4FF41EB0A0FD1811C62269A4396D7B5C96CCB1A57261506FA2CAACA ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:38:20.0437 0x08b4  Netlogon - ok
23:38:20.0562 0x08b4  [ 237F77C91B70469E3AF9F7FD0A524954, D781C51AAA5AD339AA1CD209B622E273663203FE9EA9643FDCC100D40F4F1479 ] Netman          C:\WINDOWS\System32\netman.dll
23:38:20.0578 0x08b4  Netman - ok
23:38:20.0671 0x08b4  [ 6FA2DDF70DC9B762EBF8920F89B6BEA3, F359173E77C950002BF154593E7D70E097459339A486B0FD3C950B85CE1667C1 ] Nla             C:\WINDOWS\System32\mswsock.dll
23:38:20.0703 0x08b4  Nla - ok
23:38:20.0734 0x08b4  [ 4F601BCB8F64EA3AC0994F98FED03F8E, D9D6783B970CB871DE0C6EDD8BE42F30CD1DCD55D4DF006922D9CFC0CF020D27 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:38:20.0750 0x08b4  Npfs - ok
23:38:20.0937 0x08b4  [ B78BE402C3F63DD55521F73876951CDD, 020D75527B4814C544820D29CA064E94F2FCB7B1BA011D63E9D2BFD4CF91BA61 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:38:21.0031 0x08b4  Ntfs - ok
23:38:21.0109 0x08b4  [ 259AF82A0932EEA4F316F92DB94707B6, 8A096232C4FF41EB0A0FD1811C62269A4396D7B5C96CCB1A57261506FA2CAACA ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
23:38:21.0109 0x08b4  NtLmSsp - ok
23:38:21.0234 0x08b4  [ 951543FFB84012D13F4CB09DA2EACE96, 1C0801D146F11AAED55F2F885E8E8543FC5CE170D0D8F4CEE8AB2863DAF3A290 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
23:38:21.0250 0x08b4  NtmsSvc - ok
23:38:21.0328 0x08b4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:38:21.0343 0x08b4  Null - ok
23:38:21.0421 0x08b4  [ C5583B853F4F4924684A436485B7B1BE, 761AD2518B5F427E386F0DCFBE5CF3F49BD8A5A7EA3BC3D43A2391F23EB6C7E9 ] NWCWorkstation  C:\WINDOWS\System32\nwwks.dll
23:38:21.0437 0x08b4  NWCWorkstation - ok
23:38:21.0500 0x08b4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:38:21.0500 0x08b4  NwlnkFlt - ok
23:38:21.0562 0x08b4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:38:21.0562 0x08b4  NwlnkFwd - ok
23:38:21.0625 0x08b4  [ 79EA3FCDA7067977625B3363A2657C80, 8D3525701644F6207321AEE6AD783249CAF2990CE15664BB04A3F6DFAD16194B ] NwlnkIpx        C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
23:38:21.0640 0x08b4  NwlnkIpx - ok
23:38:21.0687 0x08b4  [ 56D34A67C05E94E16377C60609741FF8, ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ] NwlnkNb         C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
23:38:21.0687 0x08b4  NwlnkNb - ok
23:38:21.0718 0x08b4  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0, 899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ] NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
23:38:21.0750 0x08b4  NwlnkSpx - ok
23:38:21.0812 0x08b4  [ 03373A79440473062C6F3AEDEC6A49C8, E8BCA129F599516173351899615D2A8CAEDC4A42D5C29CF6105DF96CC6BD7BD0 ] NWRDR           C:\WINDOWS\system32\DRIVERS\nwrdr.sys
23:38:21.0828 0x08b4  NWRDR - ok
23:38:21.0937 0x08b4  [ 85546CD9E69993F4AB37915208BF7B46, 09632377A6C13493AEF4D7DAB8AA4345CF9897A498FD214332C7D09A18FDC3D2 ] p2pgasvc        C:\WINDOWS\system32\p2pgasvc.dll
23:38:21.0937 0x08b4  p2pgasvc - ok
23:38:22.0031 0x08b4  [ 563EF3CACBA337EACA3902C82610E614, B6A083170BF469AA0F8F5BB04222F8A800F06FA00BFE0552DE8DC66827549690 ] p2pimsvc        C:\WINDOWS\system32\p2psvc.dll
23:38:22.0078 0x08b4  p2pimsvc - ok
23:38:35.0453 0x08b4  ================ Scan global ===============================
23:38:35.0515 0x08b4  [ FC73E963C354A0427CC17EBC579A485F, 22F390EDD97CCAE5C7A512C2E6B9C8CD67EBCC23A2B7CF1E3E182D37064AF378 ] C:\WINDOWS\system32\basesrv.dll
23:38:35.0578 0x08b4  [ A4D0C2375201B13B5971DF54B55156EA, 478F48594E0D071097A79765E502DBD83E31982955206C1E844DB2B2EF5F09FE ] C:\WINDOWS\system32\winsrv.dll
23:38:35.0640 0x08b4  [ A4D0C2375201B13B5971DF54B55156EA, 478F48594E0D071097A79765E502DBD83E31982955206C1E844DB2B2EF5F09FE ] C:\WINDOWS\system32\winsrv.dll
23:38:35.0703 0x08b4  [ 63DCDE1A0D86EEB8924D6738FF616EAD, 349EED6BA2E6D89E95BE681C001360FE6307E310959DEB878A44AC3B928943DF ] C:\WINDOWS\system32\services.exe
23:38:35.0703 0x08b4  [ Global ] - ok
23:38:35.0734 0x08b4  ================ Scan MBR ==================================
23:38:35.0765 0x08b4  [ C99C3199CFAA4CBDCD91493F6D113A50 ] \Device\Harddisk0\DR0
23:38:36.0187 0x08b4  \Device\Harddisk0\DR0 - ok
23:38:36.0203 0x08b4  ================ Scan VBR ==================================
23:38:36.0234 0x08b4  [ 075DC09E8B266F501A75257C569D9E4B ] \Device\Harddisk0\DR0\Partition1
23:38:36.0234 0x08b4  \Device\Harddisk0\DR0\Partition1 - ok
23:38:36.0265 0x08b4  Waiting for KSN requests completion. In queue: 222
23:38:37.0265 0x08b4  Waiting for KSN requests completion. In queue: 222
23:38:38.0265 0x08b4  Waiting for KSN requests completion. In queue: 222
23:38:39.0515 0x08b4  AV detected via SS1: avast! Antivirus, 5.0.150996955, enabled, updated
23:38:39.0515 0x08b4  FW detected via SS1: avast! Antivirus, 5.0.134219225, disabled
23:38:39.0531 0x08b4  Win FW state via NFM: enabled
23:38:42.0062 0x08b4  ============================================================
23:38:42.0062 0x08b4  Scan finished
23:38:42.0062 0x08b4  ============================================================
23:38:42.0125 0x15a0  Detected object count: 0
23:38:42.0125 0x15a0  Actual detected object count: 0
 



#7 goalsurfer


Posted 02 February 2014 - 06:43 PM

# AdwCleaner v3.018 - Rapport créé le 02/02/2014 à 23:47:20
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
# Nom d'utilisateur : Administrateur - MONIQUE-C3360EA
# Exécuté depuis : C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau\AdwCleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\apn
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\Conduit
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\DealPlyLive
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\Premium
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\StarApp
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\savensHare
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\SiEaarycah--NeewTaab
Dossier Supprimé : C:\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload
Dossier Supprimé : C:\Program Files\Advanced System Protector
[x] Non Supprimé : C:\Program Files\Alexa Toolbar
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\DealPly
Dossier Supprimé : C:\Program Files\DealPlyLive
Dossier Supprimé : C:\Program Files\MyPC Backup
Dossier Supprimé : C:\Program Files\OApps
Dossier Supprimé : C:\Program Files\optimizer pro
Dossier Supprimé : C:\Program Files\SearchAmong Toolbar
Dossier Supprimé : C:\Program Files\Seekapp
Dossier Supprimé : C:\Program Files\wxDownload
Dossier Supprimé : C:\Program Files\Connect_DLC_5
Dossier Supprimé : C:\WINDOWS\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Fichier Supprimé : C:\END
Fichier Supprimé : C:\WINDOWS\system32\p5PSSavr.scr
Fichier Supprimé : C:\WINDOWS\system32\roboot.exe
Fichier Supprimé : C:\DOCUME~1\ADMINI~1.MON\LOCALS~1\Temp\Uninstall.exe

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Clé Supprimée : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Clé Supprimée : HKCU\Software\e6dfdbe569b843
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0304E64F-FD6C-4823-B56F-6C2D189D3010}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Valeur Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\TornTV.com\Torntv Downloader.exe]
Clé Supprimée : HKCU\Software\1ClickDownload
Clé Supprimée : HKCU\Software\Alexa Internet
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\Crossrider
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\DealPlyLive
Clé Supprimée : HKCU\Software\Delta
Clé Supprimée : HKCU\Software\Funmoods
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\smartbar
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\Connect_DLC_5
Clé Supprimée : HKCU\Software\AppDataLow\SProtector
Clé Supprimée : HKLM\Software\Alexa Toolbar
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\DealPlyLive
Clé Supprimée : HKLM\Software\Delta
Clé Supprimée : HKLM\Software\Funmoods
Clé Supprimée : HKLM\Software\InstallCore
Clé Supprimée : HKLM\Software\SProtector
Clé Supprimée : HKLM\Software\systweak
Clé Supprimée : HKLM\Software\Connect_DLC_5
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alexa Toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connect_DLC_5 Toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Alexa Toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (en-US)

-\\ Google Chrome v32.0.1700.102

*************************

AdwCleaner[R0].txt - [14585 octets] - [02/02/2014 23:44:02]
AdwCleaner[S0].txt - [14341 octets] - [02/02/2014 23:47:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14402 octets] ##########
 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x64
Ran by Administrateur on 03/02/2014 at  0:00:55,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{103B6F16-FC71-4F77-BA7F-6C1C69853F50}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{46197f3d-30e7-4905-a14b-02bee3aaeb58}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4ABEB403-CCAB-43E1-9D7B-089F8DF3A047}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{801BF98F-54CD-4113-BC9D-2A038B983F48}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A50757FF-C83D-4C1D-9B64-9F5F6A192D15}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\dealply"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\funmoods"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\getrighttogo"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\opencandy"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\searchprotect"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\systweak"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Application Data\mozilla\firefox\profiles\qasq2ebw.default-1383666577015\minidumps [3 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/02/2014 at  0:08:57,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\savensHare\51f82d8bac785.dll.vir    a variant of Win32/Adware.MultiPlug.I application
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\SiEaarycah--NeewTaab\51f82e876dc86.dll.vir    a variant of Win32/Adware.MultiPlug.I application
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\50c7a6093eca6.ocx.vir    Win32/Adware.MultiPlug.E application
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\50c7a6093ecde.html.vir    Win32/Adware.MultiPlug.H application
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\feblpbhiiiiiodnabocokabifaplfkoi.crx.vir    Win32/Adware.MultiPlug.H application
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\ldrtbCon0.dll.vir    a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\ldrtbConn.dll.vir    a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\tbCon0.dll.vir    a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\tbConn.dll.vir    a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll.vir    Win32/Toolbar.SearchAmong.A application
C:\AdwCleaner\Quarantine\C\Program Files\Seekapp\seekapp.dll.vir    a variant of Win32/Adware.OneStep.D application
C:\AdwCleaner\Quarantine\C\Program Files\wxDownload\sprotector.dll.vir    a variant of Win32/SProtector.A application
C:\AdwCleaner\Quarantine\C\WINDOWS\system32\p5PSSavr.scr.vir    Win32/Toolbar.MyWebSearch application
 



#8 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts

Posted 02 February 2014 - 06:50 PM

The ESET report at the end of previous post isn't complete, the scan 'was interrupted by user'. What happened is that the screen went to screensaver. I don't know how to avoid this, but maybe a second scan will go quicker.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts

Posted 02 February 2014 - 07:07 PM

OK.
How to Disable a Screen Saver in Windows XP

 

In Control Panel, uninstall these with Add/Remove.

 

Adobe Reader 8.1.0 - Nederlands (Version: 8.1.0)
Alexa Toolbar
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 9 (Version: 1.7.0.90)

 

 

Repair your Winsock.....

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the Enter key.

Reboot your system to complete the process.

 



#10 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts

Posted 03 February 2014 - 02:56 PM

C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\ct3306061\ffLogic.exe    Win32/Conduit.SearchProtect.J application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\ct3306061\ieLogic.exe    multiple threats    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\ct3306061\spff.exe    Win32/Conduit.SearchProtect.J application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlm124.tmp\DefaultTab0923.exe    a variant of Win32/Toolbar.DefaultTab.B application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlm124.tmp\mconduitinstaller.exe    Win32/Toolbar.Conduit.S application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlm124.tmp\mypcbackuptier2_0529.exe    Win32/MyPCBackup.A application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlmE3.tmp\DefaultTab0923.exe    a variant of Win32/Toolbar.DefaultTab.B application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlmE3.tmp\mconduitinstaller.exe    Win32/Toolbar.Conduit.S application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dlmE3.tmp\mypcbackuptier2_0529.exe    Win32/MyPCBackup.A application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\scoped_dir_4680_18230\feblpbhiiiiiodnabocokabifaplfkoi.crx    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\scoped_dir_4680_18230\CRX_INSTALL\50c7a5d167f480.38707432.js    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\scoped_dir_760_9725\feblpbhiiiiiodnabocokabifaplfkoi.crx    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\scoped_dir_760_9725\CRX_INSTALL\50c7a5d167f480.38707432.js    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\cbsidlm-cbsi134-Blog_Comment_Poster_Extreme-SEO-75300647.exe    a variant of Win32/CNETInstaller.B application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\cbsidlm-cbsi134-Make_Money_Online_with_your_Own_Dating_Site-SEO-10531370.exe    a variant of Win32/CNETInstaller.B application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\ccsetup402.exe    Win32/Bundled.Toolbar.Google.D application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\setup-ziggygames.exe    a variant of Win32/Bundled.Toolbar.Ask.D application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\SoftonicDownloader_for_icomment.exe    a variant of Win32/SoftonicDownloader.E application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\Tons_Of_Great_WholeSale&DropShip_eBooks_rar.exe    Win32/Adware.1ClickDownload.AO application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\WatchTheGreatGatsby2013FullHd-TheGreatGatsby2013FullMovieInEnglish(1).exe    Win32/InstalleRex.J application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Downloads\Nouveau dossier (2)\WatchTheGreatGatsby2013FullHd-TheGreatGatsby2013FullMovieInEnglish.exe    Win32/InstalleRex.J application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Mes images\images2\images\Nouveau dossier (5)\Albania_Font_Installer.exe    a variant of Win32/OpenInstall application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Mes images\images2\Nouveau dossier\ver1.1\ver1.1.zip    PHP/Obfuscated.F application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Mes images\images2\Nouveau dossier\ver1.1\links\index.php    PHP/Obfuscated.F application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Mes images\images2\Nouveau dossier\ver1.1\links\admin\index.php    PHP/Obfuscated.F application    
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Mes documents\Mes images\images2\Nouveau dossier\ver1.1\links\inc\file_stream_lib.php    PHP/Obfuscated.F application    
C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\PCD\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Downloads\_a.exe    Win32/Toolbar.SearchAmong.A application    
C:\WINDOWS\Installer\MSI3D.tmp    a variant of Win32/Bundled.Toolbar.Ask.F application    
C:\WINDOWS\Temp\Optimizer_Pro.exe    multiple threats    
C:\xampp\htdocs\wordpress\wp-content\plugins\ad-squares-widget\index.php    PHP/Agent.AR trojan    
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\savensHare\51f82d8bac785.dll.vir    a variant of Win32/Adware.MultiPlug.I application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\SiEaarycah--NeewTaab\51f82e876dc86.dll.vir    a variant of Win32/Adware.MultiPlug.I application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\50c7a6093eca6.ocx.vir    Win32/Adware.MultiPlug.E application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\50c7a6093ecde.html.vir    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users.WINDOWS\Application Data\wxDownload\feblpbhiiiiiodnabocokabifaplfkoi.crx.vir    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\Connect_DLC_5ToolbarHelper.exe.vir    Win32/Toolbar.Conduit.V application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\Connect_DLC_5ToolbarHelper1.exe.vir    Win32/Toolbar.Conduit.V application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\ldrtbCon0.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\ldrtbConn.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\tbCon0.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\tbConn.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\SearchAmong Toolbar\SearchAmongToolbar.dll.vir    Win32/Toolbar.SearchAmong.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Seekapp\seekapp.dll.vir    a variant of Win32/Adware.OneStep.D application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\wxDownload\sprotector.dll.vir    a variant of Win32/SProtector.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\WINDOWS\system32\p5PSSavr.scr.vir    Win32/Toolbar.MyWebSearch application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur\Local Settings\Temp\Shortcut_FlashPlayerSDM.exe    a variant of Win32/SweetIM.C application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur\Local Settings\Temp\softonic_ggl_1.6.7.4.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur\Local Settings\Temp\is2029326378\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\ApnStub.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau\hfs.exe    a variant of Win32/Server-Web.HFS.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau\PFPortChecker.exe    Win32/InstallMonetizer.AN application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau\sysrc_trial_9407_dutch01.exe    Win32/Systweak.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Conduit\CT3306061\Connect_DLC_5AutoUpdateHelper.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ldrtbCon0.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ldrtbConn.dll    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\tbCon0.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\tbConn.dll    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\feblpbhiiiiiodnabocokabifaplfkoi\4_0\50c7a5d167f480.38707432.js    Win32/Adware.MultiPlug.H application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\16\43b130d0-7a20adbe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\19\7ad8d893-70c5ecae    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\32\1f299820-4b7018cd    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\34\34201e2-6d0cd3bf    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\39\4e91c727-5f068afe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\41\3c4799a9-59d44a9e    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\52\1f8b30b4-145f810a    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\6\388fb046-45fa6c4a    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\62\e661d3e-7d74ae83    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\a6jWcUlT.exe.part    Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\AYgpC3pG.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\cPXXRO4x.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\crp21.exe    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\crp23.exe    a variant of Win32/DealPly.I application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\crp2A.exe    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\crp2C.exe    a variant of Win32/DealPly.I application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\CSM2.tmp    Win32/Adware.Mongoose.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\CSM4E.tmp    Win32/Adware.Mongoose.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\DT22.tmp.exe    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\dUwkWxb1.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\Ldkbd_6o.exe.part    a variant of Win32/Maxiget.B application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\MixiDJToolbar.exe    a variant of Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\MixiYD.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\oRSFfy1c.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\p06tBKjf.exe.part    Win32/InstalleRex.J application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\PLqPGQsP.exe.part    Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\SPStub.exe    Win32/Conduit.SearchProtect.J application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\wtmKe4vP.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\_om354V9.exe.part    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\ccp.exe    Win32/Toolbar.Babylon.M application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\CrxInstaller.dll    Win32/Toolbar.Babylon.U application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\IEHelper.dll    Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\MntrDLLInstall.dll    Win32/Toolbar.Babylon.V application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\MyDeltaTB.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\NTRedirect.dll    Win32/Toolbar.Babylon.W application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\0DF4BED7-BAB0-7891-8219-C6134F169692\Latest\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\BExternal.dll    a variant of Win32/Toolbar.Babylon.F application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\ccp.exe    Win32/Toolbar.Babylon.M application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\CrxInstaller.dll    Win32/Toolbar.Babylon.U application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\IEHelper.dll    Win32/Toolbar.Babylon.E application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\MntrDLLInstall.dll    Win32/Toolbar.Babylon.V application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\MyDeltaTB.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\NTRedirect.dll    Win32/Toolbar.Babylon.W application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\2E62EEE7-BAB0-7891-8300-B47A60D32F89\Latest\Setup.exe    a variant of Win32/Toolbar.Babylon.H application    cleaned by deleting - quarantined
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Temp\bus11\enhancedNT.dll    a variant of Win32/Toolbar.Babylon.W application    cleaned by deleting - quarantined
 

 

 

That's it.  It took 4 hours.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts

Posted 03 February 2014 - 06:39 PM

Yes, ESET is very thorough.

So the pops should be gone now.

You have done post 9?

How is it running? As I want to do a couple updates.

Run one more tool. Takes about 20 minutes.


Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

#12 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts
  • Local time:05:41 PM

Posted 04 February 2014 - 09:29 AM

No, I haven't done post 9.  Before I read it, when I did ESET for the second time, I discovered that when you get out of the screensaver by moving the mouse, the program just continued.  It only stopped when I entered or used any other key of the keyboard. 

 

I'll run Malwarebytes Anti-Malware now and let you know after 23.15 local time here (= Greenwich + 1) if the trouble has gone.  As I said before, it appears to be timed and always starts at that time.  Today I haven't seen it yet and it's now 15.28 local time.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:11:41 AM

Posted 04 February 2014 - 10:20 AM

Ok, the updates we can do later, but the winsock is malware affected.

#14 goalsurfer

goalsurfer
  • Topic Starter

  • Members
  • 10 posts
  • Local time:05:41 PM

Posted 04 February 2014 - 05:52 PM

Posts 9 and 11 are done now.  11 took more than 3 hours instead of 20 minutes.  There were only very few checked by the program.  I checked them all and hope I didn't do wrong with this, but they were all listed as malware.  So now everything is deleted.

 

Until now everything is OK, there is no redirect anymore.  Here is the log:

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.04.08

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrateur :: MONIQUE-C3360EA [administrator]

Protection: Enabled

04/02/2014 17:59:30
MBAM-log-2014-02-04 (23-14-46).txt

Scan type: Full scan (A:\|C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 443423
Time elapsed: 4 hour(s), 44 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} (PUP.Optional.RelatedSearchs.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{96A25A24-2E87-4374-8A50-CC6F943FCE4D} (PUP.Optional.RelatedSearchs.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKAPP_SERVICE (Adware.SeekApp) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 43

Files Detected: 154
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\arrow.png (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\divider.png (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\facebook.png (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAddedAppDialog\main.html (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAppApprovalDialog\main.html (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAppPendingDialog\main.html (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en&ctid=CT3306061.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en&ctid=CT3306061.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en&ctid=CT3306061.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en&ctid=CT3306061&UM=UM_UNINSTALL_ID.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en&ctid=CT3306061.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\DynamicDialogs\data.bck.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\DynamicDialogs\data.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\ToolbarLogin\data.bck.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\ToolbarLogin\data.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\ToolbarSettings\data.bck.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_CT3306061\ToolbarSettings\data.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_en\ToolbarTranslation\data.bck.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Local Settings\Application Data\Connect_DLC_5\Repository\conduit_CT3306061_en\ToolbarTranslation\data.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Administrateur.MONIQUE-C3360EA\Bureau\explorer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

(end)
 



#15 boopme


Posted 04 February 2014 - 07:16 PM

OK... didn't think there would still have been that much.

All that MBAM found needs to be removed.

You should probably install Service Pack 3 now, as

End Of Support For Windows XP SP3 is April 8, 2014


Edited by boopme, 04 February 2014 - 07:19 PM.




