
Can't install: antivirus + (CCleaner, Flash, Silverlight, etc.) VISTA 32 bits


45 replies to this topic

#1 VistaProblemoi

VistaProblemoi

  • Members
  • 40 posts

Posted 16 February 2016 - 03:53 PM

Hi,

First of all, thank you for reading this; I'm asking for your help following the advice of a moderator on this site, who (I don't know if he/she took a long look at my FRST logs) suggested I post here because I might have a Trojan problem.

 

My problems began as follows:

 

I couldn't install any of the programs I'm used to having on my recently bought second-hand PC:

Vista 32 bits,
E6750 2,66 ghz
duo core processor.
75 Gb.
2 Gb RAM

 

I can't install Bitdefender 2016, although I downloaded the right version. I have a screen saver of a message I can't possibly understand without long research, time I do not have right now. And, come to think of it, it might be because I was erasing the install file at the same time it was trying to run it...
 
 
Sorry, my pictures' extensions are faulty. I will need your advice in order to share them here.
 
Afterwards, a message also requested I download Vista Service Pack 2 (and then I got suspicious when I read all the steps to install Service Pack 1 in order to get number 2); please confirm or invalidate my suspicions. I need to create an admin (username which I already have even if it's a stranger who named the OS before I bought it, and stuff ... got me uncertain).
 
 
 
 
I was also wondering if my "wuauclt.exe" was a Trojan horse, since that moderator had his/her suspicions. I still took the time to research a bit and found an article saying this program could be a threat sometimes. Also, I thought the CCleaner and Defraggler I downloaded were compatible, as I thought Flash Player and Silverlight would be compatible with my Vista, because I downloaded them from a source that said so after I entered "VISTA 32 bits [name of program I was looking for]" in Google. Did I read too fast, and they aren't compatible after all? Do I need the Service Pack? Is it safe? I'm not a computer buff yet.
 
I also ran FRST, which is the only software I succeeded in installing amongst the ones I tried to install and which I listed above.   Unfortunately
 
Thank you for your time. I have no training whatsoever in computers, so I might only need reassurance.
 
Synthesis of the problem:

1 ) Can't run CCleaner, Defraggler, Flash Player (last version); Silverlight doesn't work after being installed.

2 ) Research guided me towards FRST, whose logs + Addition will appear below.

3 ) Tried to install Bitdefender (antivirus) (Vista version)
      A -  screen saved a message that surpasses my area of expertise (which is low in computer sc.)
      B -  had a message box from Bitdefender I needed to install

4 ) A moderator stumbled upon an article on the web saying "wuauclt.exe" could also be a Trojan horse, got worriederer

 

 

Farbar logs. Pardon my French again.

 

 

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Exécuté par user (administrateur) sur PC-DE-USER (12-02-2016 20:37:49)
Exécuté depuis C:\Users\user\Downloads
Profils chargés: user (Profils disponibles: user)
Platform: Microsoft® Windows Vista Professionnel (X86) Langue: Français (France)
Internet Explorer Version 7 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2016-02-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2436848 2013-06-04] (Synaptics Incorporated)
HKU\S-1-5-21-205599845-1719410022-3420110066-1000\...\MountPoints2: {742e9450-a772-11e5-8de3-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-205599845-1719410022-3420110066-1000\...\MountPoints2: {cdc64894-a5ba-11e5-a5e8-d86db11d4f23} - E:\setup.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16A4E759-CFDE-4BFA-9E96-BBC402A0DB3B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1q2ejnuz.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2016-02-11] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-12 20:37 - 2016-02-12 20:37 - 01721344 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2016-02-12 20:37 - 2016-02-12 20:37 - 00003633 _____ C:\Users\user\Downloads\FRST.txt
2016-02-12 20:37 - 2016-02-12 20:37 - 00000000 ____D C:\FRST
2016-02-12 20:08 - 2016-02-12 20:08 - 06828320 _____ (Piriform Ltd) C:\Users\user\Desktop\ccleaner_5-14-5493_fr_14492.exe
2016-02-11 21:10 - 2016-02-11 21:10 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-02-11 21:10 - 2016-02-11 21:10 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-02-11 21:10 - 2016-02-11 21:10 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-02-11 21:09 - 2016-02-11 21:09 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll
2016-02-11 21:09 - 2016-02-11 21:09 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-02-11 21:09 - 2016-02-11 21:09 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\ACCTRES.dll
2016-02-11 21:08 - 2016-02-11 21:08 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2016-02-11 21:08 - 2016-02-11 21:08 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2016-02-11 21:08 - 2016-02-11 21:08 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2016-02-11 21:08 - 2016-02-11 21:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2016-02-11 21:08 - 2016-02-11 21:08 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-02-11 21:08 - 2016-02-11 21:08 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2016-02-11 21:08 - 2016-02-11 21:08 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2016-02-11 21:08 - 2016-02-11 21:08 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2016-02-11 21:08 - 2016-02-11 21:08 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2016-02-11 21:07 - 2016-02-11 21:07 - 01657350 _____ C:\Windows\system32\wlan.tmf
2016-02-11 21:07 - 2016-02-11 21:07 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-02-11 21:07 - 2016-02-11 21:07 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00258232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-02-11 21:07 - 2016-02-11 21:07 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 21:07 - 2016-02-11 21:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2016-02-11 21:07 - 2016-02-11 21:07 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2016-02-11 21:06 - 2016-02-11 21:06 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-11 21:06 - 2016-02-11 21:06 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-11 21:06 - 2016-02-11 21:06 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 21:06 - 2016-02-11 21:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-02-11 21:06 - 2016-02-11 21:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-02-11 21:05 - 2016-02-11 21:05 - 02855424 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-11 21:05 - 2016-02-11 21:05 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2016-02-11 21:05 - 2016-02-11 21:05 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-11 21:05 - 2016-02-11 21:05 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-11 21:05 - 2016-02-11 21:05 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 21:05 - 2016-02-11 21:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-11 21:05 - 2016-02-11 21:05 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 21:05 - 2016-02-11 21:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-11 21:05 - 2016-02-11 21:05 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 21:05 - 2016-02-11 21:05 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-11 21:05 - 2016-02-11 21:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-11 21:04 - 2016-02-11 21:04 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-11 21:04 - 2016-02-11 21:04 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 21:03 - 2016-02-11 21:03 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 21:03 - 2016-02-11 21:03 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-02-11 21:02 - 2016-02-11 21:02 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-11 21:02 - 2016-02-11 21:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2016-02-11 21:02 - 2016-02-11 21:02 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-02-11 21:01 - 2016-02-11 21:01 - 01060920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-02-11 21:01 - 2016-02-11 21:01 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2016-02-11 21:00 - 2016-02-11 21:00 - 00500736 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-02-11 21:00 - 2016-02-11 21:00 - 00374456 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-02-11 21:00 - 2016-02-11 21:00 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-02-11 21:00 - 2016-02-11 21:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-02-11 20:59 - 2016-02-11 20:59 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-02-11 20:59 - 2016-02-11 20:59 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-02-11 20:59 - 2016-02-11 20:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-02-11 20:59 - 2016-02-11 20:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-02-11 20:58 - 2016-02-11 20:58 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-02-11 20:58 - 2016-02-11 20:58 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-02-11 20:58 - 2016-02-11 20:58 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2016-02-11 20:57 - 2016-02-11 20:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2016-02-11 20:57 - 2016-02-11 20:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-02-11 20:56 - 2016-02-11 20:56 - 11315712 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-11 20:55 - 2016-02-11 20:55 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-02-11 20:55 - 2016-02-11 20:55 - 00211000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00109624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00045112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00021560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00015928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2016-02-11 20:55 - 2016-02-11 20:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-02-11 20:54 - 2016-02-11 20:54 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-11 20:54 - 2016-02-11 20:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-02-11 20:54 - 2016-02-11 20:54 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2016-02-11 20:53 - 2016-02-11 20:53 - 01233920 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 20:53 - 2016-02-11 20:53 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 20:53 - 2016-02-11 20:53 - 00408136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-11 20:53 - 2016-02-11 20:53 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-11 20:53 - 2016-02-11 20:53 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-11 20:53 - 2016-02-11 20:53 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-11 20:53 - 2016-02-11 20:53 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2016-02-11 20:53 - 2016-02-11 20:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 01585664 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00944184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00905400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00620088 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00224824 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00019000 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\prflbmsg.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2016-02-11 20:52 - 2016-02-11 20:52 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2016-02-11 20:52 - 2016-02-11 20:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2016-02-11 20:52 - 2016-02-11 20:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-02-11 20:51 - 2016-02-11 20:51 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2016-02-11 20:51 - 2016-02-11 20:51 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2016-02-11 20:51 - 2016-02-11 20:51 - 00213592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-02-11 20:51 - 2016-02-11 20:51 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2016-02-11 20:51 - 2016-02-11 20:51 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-02-11 20:51 - 2016-02-11 20:51 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2016-02-11 20:51 - 2016-02-11 20:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2016-02-11 20:51 - 2016-02-11 20:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2016-02-11 20:50 - 2016-02-11 20:50 - 02605568 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2016-02-11 20:50 - 2016-02-11 20:50 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2016-02-11 20:50 - 2016-02-11 20:50 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2016-02-11 20:50 - 2016-02-11 20:50 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-02-11 20:50 - 2016-02-11 20:50 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2016-02-11 20:50 - 2016-02-11 20:50 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2016-02-11 20:50 - 2016-02-11 20:50 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2016-02-11 20:50 - 2016-02-11 20:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2016-02-11 20:49 - 2016-02-11 20:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 02031104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 20:48 - 2016-02-11 20:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-02-11 20:48 - 2016-02-11 20:48 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-02-11 20:48 - 2016-02-11 20:48 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-02-11 20:48 - 2016-02-11 20:48 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-02-11 20:48 - 2016-02-11 20:48 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-02-11 20:48 - 2016-02-11 20:48 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-02-11 20:48 - 2016-02-11 20:48 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2016-02-11 20:48 - 2016-02-11 20:48 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2016-02-11 20:48 - 2016-02-11 20:48 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 04247552 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-02-11 20:47 - 2016-02-11 20:47 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2016-02-11 20:47 - 2016-02-11 20:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2016-02-11 20:47 - 2016-02-11 20:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2016-02-11 20:46 - 2016-02-11 20:46 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2016-02-11 20:46 - 2016-02-11 20:46 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2016-02-11 20:46 - 2016-02-11 20:46 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-11 20:46 - 2016-02-11 20:46 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2016-02-11 20:46 - 2016-02-11 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-02-11 20:46 - 2016-02-11 20:46 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2016-02-11 20:45 - 2016-02-11 20:45 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 20:45 - 2016-02-11 20:45 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-02-11 20:45 - 2016-02-11 20:45 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-02-11 20:45 - 2016-02-11 20:45 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2016-02-11 20:45 - 2016-02-11 20:45 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2016-02-11 20:45 - 2016-02-11 20:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-02-11 20:45 - 2016-02-11 20:45 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-02-11 20:44 - 2016-02-11 20:44 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-02-11 20:44 - 2016-02-11 20:44 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2016-02-11 20:44 - 2016-02-11 20:44 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-02-11 20:44 - 2016-02-11 20:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-02-11 20:43 - 2016-02-11 20:43 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-11 20:43 - 2016-02-11 20:43 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-02-11 20:43 - 2016-02-11 20:43 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2016-02-11 20:43 - 2016-02-11 20:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2016-02-11 20:42 - 2016-02-11 20:42 - 10622464 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-02-11 20:42 - 2016-02-11 20:42 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-02-11 20:42 - 2016-02-11 20:42 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2016-02-11 20:42 - 2016-02-11 20:42 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-02-11 20:42 - 2016-02-11 20:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-02-11 20:42 - 2016-02-11 20:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-02-11 20:29 - 2016-02-11 20:29 - 04527736 _____ (Piriform Ltd) C:\Users\user\Downloads\dfsetup220.exe
2016-02-11 20:28 - 2016-02-11 20:29 - 06828320 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup514.exe
2016-02-11 20:25 - 2016-02-11 20:25 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\user\Downloads\flashplayer20_ha_install.exe
2016-02-11 20:20 - 2016-02-11 20:20 - 00000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-11 20:20 - 2016-02-11 20:20 - 00000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-11 20:07 - 2016-02-11 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-11 20:07 - 2016-02-11 20:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-11 20:06 - 2016-02-11 20:07 - 07021280 _____ (Microsoft Corporation) C:\Users\user\Downloads\Silverlight.exe
2016-02-11 19:51 - 2016-02-11 19:51 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-02-11 19:44 - 2016-02-11 19:44 - 00011196 _____ C:\Users\user\Downloads\151102973.pdf
2016-02-11 19:38 - 2016-02-11 20:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 19:38 - 2016-02-11 19:38 - 00000000 ____D C:\Users\user\AppData\Roaming\Mozilla
2016-02-11 19:38 - 2016-02-11 19:38 - 00000000 ____D C:\Users\user\AppData\Local\Mozilla
2016-02-11 19:36 - 2016-02-11 19:37 - 45811976 _____ C:\Users\user\Downloads\Firefox Setup 43.0.1.exe
2016-02-11 19:32 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-02-12 20:30 - 2015-12-18 13:12 - 00000680 _____ C:\Users\user\AppData\Local\d3d9caps.dat
2016-02-12 20:20 - 2006-11-02 07:47 - 00005792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-12 20:20 - 2006-11-02 07:47 - 00005792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-12 19:25 - 2006-11-02 10:47 - 00689846 _____ C:\Windows\system32\perfh00C.dat
2016-02-12 19:25 - 2006-11-02 10:47 - 00116988 _____ C:\Windows\system32\perfc00C.dat
2016-02-12 19:25 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\inf
2016-02-12 19:25 - 2006-11-02 05:33 - 01512256 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 19:20 - 2015-12-18 13:13 - 00049168 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-12 19:20 - 2015-12-18 13:12 - 00000915 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-12 19:20 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-12 19:19 - 2006-11-02 08:01 - 00012080 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-12 19:18 - 2006-11-02 07:56 - 00001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
2016-02-12 19:18 - 2006-11-02 07:55 - 00001768 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
2016-02-12 19:18 - 2006-11-02 07:55 - 00001743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2016-02-12 19:18 - 2006-11-02 07:50 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2016-02-12 19:18 - 2006-11-02 07:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-12 19:18 - 2006-11-02 06:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
2016-02-12 19:18 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2016-02-12 19:16 - 2006-11-02 07:47 - 00228296 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-12 19:15 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-02-12 19:15 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-12 19:15 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-02-12 19:15 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\SLUI
2016-02-12 19:15 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\manifeststore
2016-02-12 19:15 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\servicing
2016-02-12 19:15 - 2006-11-02 06:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-11 19:23 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\NDF

==================== Fichiers à la racine de certains dossiers =======

2015-12-18 13:12 - 2016-02-12 20:30 - 0000680 _____ () C:\Users\user\AppData\Local\d3d9caps.dat

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2016-02-12 19:25

==================== Fin de FRST.txt ============================



Here's the Addition text :

Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x86) Version:07-02-2016
Exécuté par user (2016-02-12 20:38:12)
Exécuté depuis C:\Users\user\Downloads
Microsoft® Windows Vista Professionnel (X86) (2015-12-18 19:07:56)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-205599845-1719410022-3420110066-500 - Administrator - Disabled)
Invité (S-1-5-21-205599845-1719410022-3420110066-501 - Limited - Disabled)
user (S-1-5-21-205599845-1719410022-3420110066-1000 - Administrator - Enabled) => C:\Users\user

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)


==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.4 - Intel)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 43.0.1 (x86 fr)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.5.1 - Synaptics Incorporated)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============


==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)


==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== EXE Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)


==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-205599845-1719410022-3420110066-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{76EA1173-5E1E-407D-A31D-A5CB7CB398C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D0C6EEC3-6FEB-4CA7-B0AB-B1C8975F9598}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Points de restauration =========================

11-02-2016 19:32:10 Windows Update
11-02-2016 20:41:09 Windows Update
12-02-2016 19:30:42 Windows Update

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Synaptics PS/2 Port Compatible TouchPad
Description: Synaptics PS/2 Port Compatible TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (02/12/2016 07:20:52 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (2516) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.


Erreurs système:
=============
Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB937287 (Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB937287 (Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB937287 (Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB937287 (Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la modification de la mise à jour 937287-1_neutral_GDR du package KB937287(Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la modification de la mise à jour 937287-2_neutral_PACKAGE du package KB937287(Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la modification de la mise à jour 937287-3_neutral_PACKAGE du package KB937287(Update) à létat Génération(Staging)

Error: (02/12/2016 07:33:44 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4385) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la modification de la mise à jour 937287-4_neutral_PACKAGE du package KB937287(Update) à létat Génération(Staging)

Error: (02/12/2016 07:29:31 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB971737 (Update) à létat Génération(Staging)

Error: (02/12/2016 07:29:31 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: AUTORITE NT)
Description: Windows Servicing a échoué lors de la définition du package KB971737 (Update) à létat Génération(Staging)


==================== Infos Mémoire ===========================

Processeur: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Pourcentage de mémoire utilisée: 51%
Mémoire physique - RAM - totale: 2001.68 MB
Mémoire physique - RAM - disponible: 966.91 MB
Mémoire virtuelle totale: 4220.92 MB
Mémoire virtuelle disponible: 3249.06 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:74.53 GB) (Free:59.24 GB) NTFS ==>[lecteur avec composants d'amorçage (obtenu depuis BCD)]

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 20B918FD)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================



THANK YOU. DANKE. GRACIAS. TASHAKAAR. MERCI.





#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 PM

Posted 16 February 2016 - 06:22 PM

Hello VistaProblemoi and welcome to BleepingComputer. :welcome:
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If you haven't answered within 5 days, I am assuming that you don't need help anymore and your topic will be closed.
  • I cannot guarantee that we will find and be able to remove all malware. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
  • Please reply to this thread. Do not start a new topic.
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please log on to the computer as an administrator. How do I log on to the computer as an administrator?
  • Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please get help here.

Thanks

 

Let's check.

I would like you to do the following:

Step 1:
Scan with Zemana AntiMalware Free:

  • Turn off the real time scanner of any existing antivirus and firewall programs while performing scan
  • Please download and install Zemana AntiMalware Free
  • Double-click the software shortcut on the desktop and follow the prompts to install the program.
  • If an update is available, click the Update now button.
  • At the end, click Settings > Advanced > ''I have read the warning and wish to proceed anyway''.
  • Auto Launch > Untick the box next
  • Scan type > Smart scan (Default)
  • Close all open files, folders and browsers.
  • Click scan now ''Run as Administrator'' and a threat Scan will begin.
  • When the scan is complete, press Report and send me the report.
  • Please restart the PC now.

Step 2:

ComboFix run:

Please be sure to run our tools with administrator rights.

* IMPORTANT: 1   Place ComboFix.exe on your Desktop

* IMPORTANT: 2   Ensure your external and/or USB drives are inserted during the scan

Next, download ComboFix and save it to the Desktop

  • Disable all antivirus and antispyware programs. Get help here
  • Now, close all open windows
  • Double-click combofix.exe to run the program
  • Follow the prompts.
  • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
  • When told that the RC is installed correctly, press YES to continue scanning for malware.
  • ComboFix will run. Please don't click on the window while the program is running, it may cause your system to stall.
  • CF may reboot the computer and resume running when it restarts.
  • When finished, a log, ComboFix.txt, is produced.

Please provide the contents of the ComboFix report in your reply.

 

Have a nice day.
:hello:


Best regards
 
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 PM

Posted 18 February 2016 - 05:45 PM

Hello ,

 

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.


Best regards
 

 


 


#4 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:09:54 PM

Posted 21 February 2016 - 03:14 PM

Hi man, yes please give me some time. I have crazy hours. And thank you for your support. I'll look it up when I can.



#5 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 PM

Posted 21 February 2016 - 05:46 PM

Thank you. Welcome Back!

 

Okay, I'm waiting for 3 more days.


Best regards
 

 


 


#6 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:09:54 PM

Posted 23 February 2016 - 06:11 AM

Thanks to you, I would like to know how much time do I have to plan ahead (predict), for more convenience in my week. Thank you again.


Edited by VistaProblemoi, 23 February 2016 - 06:12 AM.


#7 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:09:54 PM

Posted 23 February 2016 - 06:31 AM

Unfortunately, Zemana won't run (I tried. I deactivated my Windows Defender step by step, I'm logged on as Admin, and I deactivated Windows Firewall. The tool Zemana does not work, does not start). :nono:  :(


Edited by VistaProblemoi, 23 February 2016 - 07:18 AM.


#8 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 PM

Posted 23 February 2016 - 07:12 PM

Please run ComboFix now.


Best regards
 

 


 


#9 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Local time:09:54 PM

Posted 25 February 2016 - 10:09 PM

ComboFix 16-02-23.01 - user 2016-02-25  22:04:20.1.2 - x86
Microsoft® Windows Vista™ Professionnel   6.0.6000.0.1252.2.1036.18.2002.1159 [GMT -5:00]
Lancé depuis: c:\users\user\Downloads\ComboFix.exe
 * Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1455651253.bdinstall.bin
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2016-01-26 au 2016-02-26  ))))))))))))))))))))))))))))))))))))
.
.
2016-02-16 18:59 . 2015-12-16 15:15    9014120    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{37148A87-48F2-4A0D-8E11-335FC323FE37}\mpengine.dll
2016-02-13 06:53 . 2016-02-13 06:53    378368    ----a-w-    c:\windows\system32\winhttp.dll
2016-02-13 06:52 . 2016-02-13 06:52    268800    ----a-w-    c:\windows\system32\es.dll
2016-02-13 01:37 . 2016-02-13 01:38    --------    d-----w-    C:\FRST
2016-02-12 02:10 . 2016-02-12 02:10    156672    ----a-w-    c:\windows\system32\t2embed.dll
2016-02-12 02:10 . 2016-02-12 02:10    72704    ----a-w-    c:\windows\system32\fontsub.dll
2016-02-12 02:10 . 2016-02-12 02:10    34304    ----a-w-    c:\windows\system32\atmlib.dll
2016-02-12 02:10 . 2016-02-12 02:10    289792    ----a-w-    c:\windows\system32\atmfd.dll
2016-02-12 02:10 . 2016-02-12 02:10    24064    ----a-w-    c:\windows\system32\lpk.dll
2016-02-12 02:10 . 2016-02-12 02:10    10240    ----a-w-    c:\windows\system32\dciman32.dll
2016-02-12 02:10 . 2016-02-12 02:10    61440    ----a-w-    c:\windows\system32\winipsec.dll
2016-02-12 02:10 . 2016-02-12 02:10    361984    ----a-w-    c:\windows\system32\IPSECSVC.DLL
2016-02-12 02:10 . 2016-02-12 02:10    28672    ----a-w-    c:\windows\system32\FwRemoteSvr.dll
2016-02-12 02:10 . 2016-02-12 02:10    272896    ----a-w-    c:\windows\system32\polstore.dll
2016-02-12 02:08 . 2016-02-12 02:08    9728    ----a-w-    c:\windows\system32\TCPSVCS.EXE
2016-02-12 02:08 . 2016-02-12 02:08    8704    ----a-w-    c:\windows\system32\HOSTNAME.EXE
2016-02-12 02:08 . 2016-02-12 02:08    27136    ----a-w-    c:\windows\system32\NETSTAT.EXE
2016-02-12 02:08 . 2016-02-12 02:08    19968    ----a-w-    c:\windows\system32\ARP.EXE
2016-02-12 02:08 . 2016-02-12 02:08    17920    ----a-w-    c:\windows\system32\ROUTE.EXE
2016-02-12 02:08 . 2016-02-12 02:08    15360    ----a-w-    c:\windows\system32\netevent.dll
2016-02-12 02:08 . 2016-02-12 02:08    11264    ----a-w-    c:\windows\system32\MRINFO.EXE
2016-02-12 02:08 . 2016-02-12 02:08    103936    ----a-w-    c:\windows\system32\netiohlp.dll
2016-02-12 02:08 . 2016-02-12 02:08    10240    ----a-w-    c:\windows\system32\finger.exe
2016-02-12 02:06 . 2016-02-12 02:06    2048    ----a-w-    c:\windows\system32\msxml3r.dll
2016-02-12 02:06 . 2016-02-12 02:06    1406464    ----a-w-    c:\windows\system32\msxml6.dll
2016-02-12 02:06 . 2016-02-12 02:06    1260032    ----a-w-    c:\windows\system32\msxml3.dll
2016-02-12 02:06 . 2016-02-12 02:06    2048    ----a-w-    c:\windows\system32\msxml6r.dll
2016-02-12 02:06 . 2016-02-12 02:06    216576    ----a-w-    c:\windows\system32\msv1_0.dll
2016-02-12 02:05 . 2016-02-12 02:05    58368    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2016-02-12 02:05 . 2016-02-12 02:05    211968    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2016-02-12 02:05 . 2016-02-12 02:05    102400    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2016-02-12 02:05 . 2016-02-12 02:05    49664    ----a-w-    c:\windows\system32\csrsrv.dll
2016-02-12 02:05 . 2016-02-12 02:05    376320    ----a-w-    c:\windows\system32\winsrv.dll
2016-02-12 02:05 . 2016-02-12 02:05    98816    ----a-w-    c:\windows\system32\mfps.dll
2016-02-12 02:05 . 2016-02-12 02:05    52736    ----a-w-    c:\windows\system32\rrinstaller.exe
2016-02-12 02:05 . 2016-02-12 02:05    2855424    ----a-w-    c:\windows\system32\mf.dll
2016-02-12 02:05 . 2016-02-12 02:05    24576    ----a-w-    c:\windows\system32\mfpmp.exe
2016-02-12 02:05 . 2016-02-12 02:05    2048    ----a-w-    c:\windows\system32\mferror.dll
2016-02-12 02:04 . 2016-02-12 02:04    3502480    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2016-02-12 02:04 . 2016-02-12 02:04    3468168    ----a-w-    c:\windows\system32\ntoskrnl.exe
2016-02-12 02:02 . 2016-02-12 02:02    71680    ----a-w-    c:\windows\system32\atl.dll
2016-02-12 02:02 . 2016-02-12 02:02    297472    ----a-w-    c:\windows\system32\gdi32.dll
2016-02-12 02:01 . 2016-02-12 02:01    41984    ----a-w-    c:\windows\system32\drivers\monitor.sys
2016-02-12 02:01 . 2016-02-12 02:01    1060920    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2016-02-12 02:00 . 2016-02-12 02:00    374456    ----a-w-    c:\windows\system32\mcupdate_GenuineIntel.dll
2016-02-12 02:00 . 2016-02-12 02:00    500736    ----a-w-    c:\windows\system32\msdtcprx.dll
2016-02-12 02:00 . 2016-02-12 02:00    30208    ----a-w-    c:\windows\system32\xolehlp.dll
2016-02-12 02:00 . 2016-02-12 02:00    156160    ----a-w-    c:\windows\system32\wkssvc.dll
2016-02-12 01:59 . 2016-02-12 01:59    36352    ----a-w-    c:\windows\system32\tsgqec.dll
2016-02-12 01:59 . 2016-02-12 01:59    1871872    ----a-w-    c:\windows\system32\mstscax.dll
2016-02-12 01:59 . 2016-02-12 01:59    116736    ----a-w-    c:\windows\system32\aaclient.dll
2016-02-12 01:59 . 2016-02-12 01:59    303616    ----a-w-    c:\windows\system32\wmpeffects.dll
2016-02-12 01:58 . 2016-02-12 01:58    414208    ----a-w-    c:\windows\system32\msscp.dll
2016-02-12 01:58 . 2016-02-12 01:58    713728    ----a-w-    c:\windows\system32\timedate.cpl
2016-02-12 01:58 . 2016-02-12 01:58    356864    ----a-w-    c:\windows\system32\MediaMetadataHandler.dll
2016-02-12 01:57 . 2016-02-12 01:57    86016    ----a-w-    c:\windows\system32\icfupgd.dll
2016-02-12 01:57 . 2016-02-12 01:57    63488    ----a-w-    c:\windows\system32\drivers\mpsdrv.sys
2016-02-12 01:57 . 2016-02-12 01:57    61952    ----a-w-    c:\windows\system32\cmifw.dll
2016-02-12 01:57 . 2016-02-12 01:57    396800    ----a-w-    c:\windows\system32\MPSSVC.dll
2016-02-12 01:57 . 2016-02-12 01:57    392192    ----a-w-    c:\windows\system32\FirewallAPI.dll
2016-02-12 01:57 . 2016-02-12 01:57    16896    ----a-w-    c:\windows\system32\wfapigp.dll
2016-02-12 01:57 . 2016-02-12 01:57    23040    ----a-w-    c:\program files\Movie Maker\WMM2EXT.dll
2016-02-12 01:57 . 2016-02-12 01:57    195072    ----a-w-    c:\program files\Movie Maker\WMM2AE.dll
2016-02-12 01:57 . 2016-02-12 01:57    150016    ----a-w-    c:\program files\Movie Maker\MOVIEMK.exe
2016-02-12 01:57 . 2016-02-12 01:57    10922496    ----a-w-    c:\program files\Movie Maker\MOVIEMK.dll
2016-02-12 01:55 . 2016-02-12 01:55    2048    ----a-w-    c:\windows\system32\tzres.dll
2016-02-12 01:55 . 2016-02-12 01:55    696832    ----a-w-    c:\windows\system32\localspl.dll
2016-02-12 01:55 . 2016-02-12 01:55    45112    ----a-w-    c:\windows\system32\drivers\pciidex.sys
2016-02-12 01:55 . 2016-02-12 01:55    21560    ----a-w-    c:\windows\system32\drivers\atapi.sys
2016-02-12 01:55 . 2016-02-12 01:55    211000    ----a-w-    c:\windows\system32\drivers\volsnap.sys
2016-02-12 01:55 . 2016-02-12 01:55    15928    ----a-w-    c:\windows\system32\drivers\pciide.sys
2016-02-12 01:55 . 2016-02-12 01:55    154624    ----a-w-    c:\windows\system32\drivers\nwifi.sys
2016-02-12 01:55 . 2016-02-12 01:55    109624    ----a-w-    c:\windows\system32\drivers\ataport.sys
2016-02-12 01:54 . 2016-02-12 01:54    104448    ----a-w-    c:\windows\system32\DWWIN.EXE
2016-02-12 01:54 . 2016-02-12 01:54    2923520    ----a-w-    c:\windows\explorer.exe
2016-02-12 01:54 . 2016-02-12 01:54    171520    ----a-w-    c:\windows\system32\wintrust.dll
2016-02-12 01:53 . 2016-02-12 01:53    7680    ----a-w-    c:\windows\system32\lsass.exe
2016-02-12 01:53 . 2016-02-12 01:53    72704    ----a-w-    c:\windows\system32\secur32.dll
2016-02-12 01:53 . 2016-02-12 01:53    494592    ----a-w-    c:\windows\system32\kerberos.dll
2016-02-12 01:53 . 2016-02-12 01:53    408136    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2016-02-12 01:53 . 2016-02-12 01:53    175104    ----a-w-    c:\windows\system32\wdigest.dll
2016-02-12 01:53 . 2016-02-12 01:53    1233920    ----a-w-    c:\windows\system32\lsasrv.dll
2016-02-12 01:53 . 2016-02-12 01:53    272384    ----a-w-    c:\windows\system32\schannel.dll
2016-02-12 01:53 . 2016-02-12 01:53    24064    ----a-w-    c:\windows\system32\netcfg.exe
2016-02-12 01:51 . 2016-02-12 01:51    549888    ----a-w-    c:\windows\system32\rpcss.dll
2016-02-12 01:50 . 2016-02-12 01:50    454656    ----a-w-    c:\program files\Common Files\System\msadc\msadce.dll
2016-02-12 01:49 . 2016-02-12 01:49    712192    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2016-02-12 01:49 . 2016-02-12 01:49    425472    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2016-02-12 01:49 . 2016-02-12 01:49    347136    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2016-02-12 01:49 . 2016-02-12 01:49    97792    ----a-w-    c:\windows\system32\cabview.dll
2016-02-12 01:49 . 2016-02-12 01:49    37376    ----a-w-    c:\windows\system32\printcom.dll
2016-02-12 01:49 . 2016-02-12 01:49    441856    ----a-w-    c:\windows\system32\win32spl.dll
2016-02-12 01:47 . 2016-02-12 01:47    66048    ----a-w-    c:\program files\Windows Sidebar\sbdrop.dll
2016-02-12 01:47 . 2016-02-12 01:47    1232896    ----a-w-    c:\program files\Windows Sidebar\sidebar.exe
2016-02-12 01:47 . 2016-02-12 01:47    11776    ----a-w-    c:\windows\system32\sbunattend.exe
2016-02-12 01:47 . 2016-02-12 01:47    83968    ----a-w-    c:\windows\system32\dnsrslvr.dll
2016-02-12 01:47 . 2016-02-12 01:47    24576    ----a-w-    c:\windows\system32\dnscacheugc.exe
2016-02-12 01:47 . 2016-02-12 01:47    53760    ----a-w-    c:\windows\system32\drivers\hdaudbus.sys
2016-02-12 01:47 . 2016-02-12 01:47    28672    ----a-w-    c:\windows\system32\Apphlpdm.dll
2016-02-12 01:47 . 2016-02-12 01:47    4247552    ----a-w-    c:\windows\system32\GameUXLegacyGDFs.dll
2016-02-12 01:47 . 2016-02-12 01:47    1686528    ----a-w-    c:\windows\system32\gameux.dll
2016-02-12 01:46 . 2016-02-12 01:46    996352    ----a-w-    c:\windows\system32\WMNetMgr.dll
2016-02-12 01:46 . 2016-02-12 01:46    94720    ----a-w-    c:\windows\system32\logagent.exe
2016-02-12 01:46 . 2016-02-12 01:46    84480    ----a-w-    c:\windows\system32\INETRES.dll
2016-02-12 01:46 . 2016-02-12 01:46    737792    ----a-w-    c:\windows\system32\inetcomm.dll
2016-02-12 01:46 . 2016-02-12 01:46    60928    ----a-w-    c:\windows\system32\msasn1.dll
2016-02-12 01:46 . 2016-02-12 01:46    1645568    ----a-w-    c:\windows\system32\connect.dll
2016-02-12 01:45 . 2016-02-12 01:45    5120    ----a-w-    c:\windows\system32\wmi.dll
2016-02-12 01:45 . 2016-02-12 01:45    152576    ----a-w-    c:\windows\system32\imagehlp.dll
2016-02-12 01:45 . 2016-02-12 01:45    12800    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2016-02-12 01:45 . 2016-02-12 01:45    788992    ----a-w-    c:\windows\system32\rpcrt4.dll
2016-02-12 01:45 . 2016-02-12 01:45    396800    ----a-w-    c:\windows\system32\drivers\http.sys
2016-02-12 01:45 . 2016-02-12 01:45    31232    ----a-w-    c:\windows\system32\httpapi.dll
2016-02-12 01:45 . 2016-02-12 01:45    24064    ----a-w-    c:\windows\system32\nshhttp.dll
2016-02-12 01:44 . 2016-02-12 01:44    130048    ----a-w-    c:\windows\system32\drivers\srv2.sys
2016-02-12 01:44 . 2016-02-12 01:44    974336    ----a-w-    c:\windows\system32\crypt32.dll
2016-02-12 01:44 . 2016-02-12 01:44    274432    ----a-w-    c:\windows\system32\raschap.dll
2016-02-12 01:44 . 2016-02-12 01:44    232960    ----a-w-    c:\windows\system32\rastls.dll
2016-02-12 01:42 . 2016-02-12 01:42    8147968    ----a-w-    c:\windows\system32\wmploc.DLL
2016-02-12 01:42 . 2016-02-12 01:42    7680    ----a-w-    c:\windows\system32\spwmp.dll
2016-02-12 01:42 . 2016-02-12 01:42    168960    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2016-02-12 01:42 . 2016-02-12 01:42    4096    ----a-w-    c:\windows\system32\msdxm.ocx
2016-02-12 01:42 . 2016-02-12 01:42    4096    ----a-w-    c:\windows\system32\dxmasf.dll
2016-02-12 01:42 . 2016-02-12 01:42    107520    ----a-w-    c:\program files\Windows Media Player\wmpshare.exe
2016-02-12 01:42 . 2016-02-12 01:42    107520    ----a-w-    c:\program files\Windows Media Player\wmpconfig.exe
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-13 06:51 . 2016-02-13 06:51    40960    ----a-w-    c:\windows\system32\drivers\fr-FR\http.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    6656    ----a-w-    c:\windows\system32\drivers\fr-FR\sermouse.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    5632    ----a-w-    c:\windows\system32\drivers\fr-FR\mouclass.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    5632    ----a-w-    c:\windows\system32\drivers\fr-FR\kbdclass.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    3584    ----a-w-    c:\windows\system32\drivers\fr-FR\mouhid.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    3072    ----a-w-    c:\windows\system32\drivers\fr-FR\kbdhid.sys.mui
2016-02-12 01:52 . 2016-02-12 01:52    12288    ----a-w-    c:\windows\system32\drivers\fr-FR\i8042prt.sys.mui
2016-02-12 01:50 . 2016-02-12 01:50    40960    ----a-w-    c:\windows\apppatch\apihex86.dll
2016-02-12 01:47 . 2016-02-12 01:47    449024    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2016-02-12 01:47 . 2016-02-12 01:47    2560    ----a-w-    c:\windows\apppatch\AcRes.dll
2016-02-12 01:47 . 2016-02-12 01:47    2143744    ----a-w-    c:\windows\apppatch\AcGenral.dll
2016-02-12 01:47 . 2016-02-12 01:47    537600    ----a-w-    c:\windows\apppatch\AcLayers.dll
2016-02-12 01:47 . 2016-02-12 01:47    173056    ----a-w-    c:\windows\apppatch\AcXtrnal.dll
2015-12-18 18:23 . 2015-12-18 18:23    445008    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2015-12-18 18:23 . 2015-12-18 18:23    38480    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2015-12-18 18:23 . 2015-12-18 18:23    2560    ----a-w-    c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2016-02-12 1232896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2013-06-04 2436848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork    REG_MULTI_SZ       PLA DPS BFE mpssvc
.
.
------- Examen supplémentaire -------
.
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1q2ejnuz.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-02-25 22:06
Windows 6.0.6000  NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Heure de fin: 2016-02-25  22:07:48
ComboFix-quarantined-files.txt  2016-02-26 03:07
.
Avant-CF: 62 860 050 432 octets libres
Après-CF: 62 555 340 800 octets libres
.
- - End Of File - - 87AE9499A2785151DC04AAB12FFB9A63
5C616939100B85E558DA92B899A0FC36
 



#10 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts

Posted 26 February 2016 - 06:38 PM

Hi again,

 

Step1:
Scan with Malwarebytes Antimalware:

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply

Step2:
Please download and run RogueKiller  32/64 bit to your desktop

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!

Post back the report which should be located on your desktop.
(please don't put logs in code or quotes)

 

Step3:

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

 


Best regards
 
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#11 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts

Posted 01 March 2016 - 12:54 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016-03-01
Scan Time: 12:49:35
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.01.05
Rootkit Database: v2016.02.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295380
Time Elapsed: 3 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#12 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts

Posted 01 March 2016 - 01:02 PM

As for RogueKiller: it doesn't start.

I tried : "[...] do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run." 

 Did not start.


Edited by VistaProblemoi, 01 March 2016 - 01:04 PM.


#13 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts

Posted 01 March 2016 - 01:39 PM

C:\Users\user\Desktop\ccleaner_5-14-5493_fr_14492.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
C:\Users\user\Downloads\ccsetup514.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
C:\Users\user\Downloads\dfsetup220.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted
 



#14 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts

Posted 01 March 2016 - 01:51 PM

user (S-1-5-21-205599845-1719410022-3420110066-1000 - Administrator - Enabled) => C:\Users\user

 

For you, what does it mean? I have marked the information with red writing. Do you have any ideas?


Best regards
 

 


 


#15 VistaProblemoi

VistaProblemoi
  • Topic Starter

  • Members
  • 40 posts

Posted 01 March 2016 - 01:54 PM

It means |absolutely| nothing to me.

Here is my log:

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# end=init
# utc_time=2016-03-01 06:22:43
# local_time=2016-03-01 01:22:43 (-0500, Est)
# country="Canada"
# osver=6.0.6000 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28374
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# end=updated
# utc_time=2016-03-01 06:27:15
# local_time=2016-03-01 01:27:15 (-0500, Est)
# country="Canada"
# osver=6.0.6000 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# engine=28374
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-03-01 06:36:45
# local_time=2016-03-01 01:36:45 (-0500, Est)
# country="Canada"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode_1=''
# compatibility_mode=5892 16776638 100 100 286623 293464907 0 0
# scanned=50319
# found=3
# cleaned=3
# scan_time=570
sh=91352F7C0C03DBAFE73A9D7B2539C7B346EF9582 ft=1 fh=50f3aee05957228d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\user\Desktop\ccleaner_5-14-5493_fr_14492.exe"
sh=91352F7C0C03DBAFE73A9D7B2539C7B346EF9582 ft=1 fh=50f3aee05957228d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\user\Downloads\ccsetup514.exe"
sh=E66A274F5C2AE467630E107B6BCB41D29B387C00 ft=1 fh=f88f6e618f531d2d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\user\Downloads\dfsetup220.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# end=init
# utc_time=2016-03-01 06:39:05
# local_time=2016-03-01 01:39:05 (-0500, Est)
# country="Canada"
# osver=6.0.6000 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# end=init
# utc_time=2016-03-01 06:41:07
# local_time=2016-03-01 01:41:07 (-0500, Est)
# country="Canada"
# osver=6.0.6000 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 28374
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# end=updated
# utc_time=2016-03-01 06:41:28
# local_time=2016-03-01 01:41:28 (-0500, Est)
# country="Canada"
# osver=6.0.6000 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=11642ed6aeafae4ca3ecb3eff07c8979
# engine=28374
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-03-01 06:49:03
# local_time=2016-03-01 01:49:03 (-0500, Est)
# country="Canada"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode_1=''
# compatibility_mode=5892 16776638 100 100 290961 293465645 0 0
# scanned=50348
# found=0
# cleaned=0
# scan_time=454
 





