jacqventoux Posted May 9, 2014 ID:828452 Share Posted May 9, 2014 HelloExcuse my poor English, I'm French and I use Google translationFor some days I struggle with blocked sites, for example: "www.google.fr" as well with Firefox, IE or Chrome on my PC while the other PCs on the network are working properly.but some sites will be OK like "www.meteoblue.com"Chrome says "'error : DNS_PROBE_FINISHED_NXDOMAIN"I realized that MBAM 2.0.1.1004 (test Premium) was the cause of my discomfort. Indeed, MBAM off or 'malware protection webs' stopped, everything is correct.config:Windows 8 Pro with Media Center, 4GB RAM, 1TB HDDFirefox 29IE 10Chrome 34avast 2014.9MBAM PREMIUM 2.0.1.1004 -1009 -1010RegardsJacques FRST.txtAddition.txt Link to post Share on other sites More sharing options...
Maniac Posted May 10, 2014 ID:828783 Share Posted May 10, 2014 Hello Jacques! My name is Borislav and I will be glad to help you solve your malware problem. Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.P2P/Piracy Warning: If you're using Peer 2 Peer software such as µTorrent, eMule, qBittorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. When you are ready, please generate new fresh log files and post them here. Link to post Share on other sites More sharing options...
jacqventoux Posted May 11, 2014 Author ID:828988 Share Posted May 11, 2014 Hello Borislav I am very glad to be helping by youExcuse my poor english Log01 Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014Ran by jb (administrator) on NEW_JACQ on 11-05-2014 06:16:42Running from K:\FRSTPlatform: Windows 8 Pro with Media Center (X86) OS Language: French StandardInternet Explorer Version 10Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(NVIDIA Corporation) L:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) L:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) L:\Windows\System32\nvvsvc.exe(AVAST Software) L:\Program Files\AVAST Software\Avast\AvastSvc.exe(ArcSoft Inc.) L:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe() L:\Program Files\BWMeter\BWMeterConSvc.exe(CobianSoft, Luis Cobian) L:\Program Files\Cobian Backup 11\cbVSCService11.exe() L:\Program Files\EATON\PersonalSolutionPac\RunSC.exe(Microsoft Corporation) L:\Windows\System32\dasHost.exe() L:\Program Files\EATON\PersonalSolutionPac\PCtl.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrAdm.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrDba.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrHis.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrPas.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrSaz.exe(Malwarebytes Corporation) L:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe(Microsoft Corporation) L:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE(Microsoft Corporation) L:\Windows\System32\mqsvc.exe(Microsoft Corporation) L:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe() L:\Program Files\EATON\PersonalSolutionPac\BIL.exe(Microsoft Corporation) L:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe() L:\Program Files\EATON\PersonalSolutionPac\CilUSB.exe(IObit) L:\Program Files\IObit\Start Menu 8\StartMenuServices.exe(Microsoft Corporation) L:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe(Microsoft Corporation) L:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe(Volkswagen AG) O:\ElsaWin\bin\LcSvrAuf.exe(AVAST Software) L:\Program Files\AVAST Software\Avast\AvastUI.exe() L:\Program Files\EATON\PersonalSolutionPac\mgenetsystray.exe(IObit) L:\Program Files\IObit\Start Menu 8\StartMenu8.exe(DeskSoft) L:\Program Files\BWMeter\BWMeter.exe() L:\Program Files\IObit\Start Menu 8\InstallServices32.exe(IObit) L:\Program Files\IObit\Start Menu 8\StartMenu_Hook.exe(Nero AG) L:\Program Files\Nero\Update\NASvc.exe(Malwarebytes Corporation) L:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe(Microsoft Corporation) L:\Windows\System32\sdclt.exe(Malwarebytes Corporation) L:\Program Files\Malwarebytes Anti-Malware\mbam.exe(Mozilla Corporation) L:\Program Files\Mozilla Firefox\firefox.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [Dimension4] => L:\Program Files\D4\D4.exe [200704 2004-02-04] (Thinking Man Software)HKLM\...\Run: [AvastUI.exe] => L:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-07] (AVAST Software)HKLM\...\Run: [pspNetSystray] => L:\Program Files\EATON\PersonalSolutionPac\mgenetsystray.exe [1253376 2008-09-24] ()Winlogon\Notify\LBTWlgn: l:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\Run: [DAEMON Tools Lite] => L:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\Policies\Explorer: [NoInstrumentation] 1HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {06fa1e3d-d8f2-11e2-b2e2-6cf0492d6143} - "P:\AutoRun.exe"HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {23912c0d-c906-11e3-b712-6cf0492d6143} - "Q:\AUTORUN.CMD"HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {2647b3b1-fd58-11e1-a3ad-6cf0492d6143} - "N:\StartCD.exe"HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {c9511996-4ce8-11e3-b4d9-6cf0492d6143} - "X:\wubi.exe"HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {d4809a91-b0f4-11e3-b69e-6cf0492d6143} - "Q:\AUTORUN.CMD"HKU\S-1-5-21-1126985804-3469020229-1997384072-1001\...\MountPoints2: {ef5cf344-d8b9-11e2-b2e2-6cf0492d6143} - "P:\AutoRun.exe"AppInit_DLLs: L:\Program L:\Program => L:\Program L:\Program File Not FoundStartup: L:\Users\jb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BWMeter.lnkShortcutTarget: BWMeter.lnk -> L:\Program Files\BWMeter\BWMeter.exe (DeskSoft)==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FRHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB083885FBC6CCD01StartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=103&systemid=473&v=n9602-153&apn_uid=1554175858414576&apn_dtid=BND473&o=APN10640&apn_ptnrs=AG1&q={searchTerms}SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL =BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - L:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - L:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - L:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - L:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - L:\Users\jb\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - L:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - L:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)Handler: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - o:\ElsaWin\bin\wiprot.dll (TODO: <Company name>)ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]Winsock: Catalog5 04 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 91.121.161.184 188.165.197.144FireFox:========FF ProfilePath: L:\Users\jb\AppData\Roaming\Mozilla\Firefox\Profiles\47cdzkb2.default-1391285319756FF NewTab: https://www.google.fr/webhpFF DefaultSearchEngine: Qwant.comFF SelectedSearchEngine: Qwant.comFF Plugin: @adobe.com/FlashPlayer - L:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - L:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - L:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf - L:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No FileFF Plugin: @Google.com/GoogleEarthPlugin - L:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - L:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - L:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin: @Nero.com/KM - L:\Program Files\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - L:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)FF Plugin: @tools.google.com/Google Update;version=3 - L:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 - L:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @videolan.org/vlc,version=2.1.0 - L:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.1 - L:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.2 - L:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.1.3 - L:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin: Adobe Reader - L:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npfd.dll (FreshDevices Corp.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: L:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF SearchPlugin: L:\Users\jb\AppData\Roaming\Mozilla\Firefox\Profiles\47cdzkb2.default-1391285319756\searchplugins\qwantcom.xmlFF SearchPlugin: L:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xmlFF SearchPlugin: L:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xmlFF SearchPlugin: L:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xmlFF SearchPlugin: L:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xmlFF Extension: Adblock Plus - L:\Users\jb\AppData\Roaming\Mozilla\Firefox\Profiles\47cdzkb2.default-1391285319756\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-02]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - L:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: avast! Online Security - L:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-26]FF HKLM\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - L:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFoxFF Extension: Internet Video Downloader - L:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2012-08-21]FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - L:\Program Files\PDF Architect\FFPDFArchitectExtFF Extension: PDF Architect Converter For Firefox - L:\Program Files\PDF Architect\FFPDFArchitectExt [2013-05-01]FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - L:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF Extension: Logitech SetPoint - L:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-09-23]Chrome:=======CHR DefaultSearchKeyword: mysearch.sweetpacks.comCHR DefaultSearchProvider: SweetpacksCHR DefaultSearchURL: http://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&i=48&crg=3.5000006.10059&did=10703&barid=27007973164055389246631657630522499395CHR DefaultNewTabURL:CHR Extension: (Documents Google) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-12]CHR Extension: (Google Drive) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-12]CHR Extension: (Kaboom) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\beahobhgpojnjfdjglaehfhdanaioode [2014-03-28]CHR Extension: (YouTube) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-12]CHR Extension: (Recherche Google) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-12]CHR Extension: (avast! Online Security) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-20]CHR Extension: (Google Wallet) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-12]CHR Extension: (Gmail) - L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-12]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - L:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-07]========================== Services (Whitelisted) =================R2 ACDaemon; L:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)R2 avast! Antivirus; L:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-07] (AVAST Software)S4 bgsvcgen; L:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)R2 BWMeterConSvc; L:\Program Files\BWMeter\BWMeterConSvc.exe [62464 2014-05-10] ()R2 cbVSCService11; L:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian)R2 EATON Service module; L:\Program Files\EATON\PersonalSolutionPac\RunSC.exe [126976 2010-11-29] ()S3 ICCS; L:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation)S4 jswpsapi; L:\Program Files\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.)R2 LcSvrAdm; o:\ElsaWin\bin\LcSvrAdm.exe [240640 2013-01-17] (Volkswagen AG)R3 LcSvrAuf; o:\ElsaWin\bin\LcSvrAuf.exe [1321984 2013-01-17] (Volkswagen AG)R2 LcSvrDba; o:\ElsaWin\bin\LcSvrDba.exe [392704 2013-01-17] (Volkswagen AG)R2 LcSvrHis; o:\ElsaWin\bin\LcSvrHis.exe [335360 2013-01-17] (Volkswagen AG)R2 LcSvrPAS; o:\ElsaWin\bin\LcSvrPas.exe [478208 2013-01-17] (Volkswagen AG)R2 LcSvrSaz; o:\ElsaWin\bin\LcSvrSaz.exe [373248 2013-01-17] (Volkswagen AG)S2 LiveUpdateSvc; L:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)R2 MBAMScheduler; L:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-05] (Malwarebytes Corporation)R2 MBAMService; L:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-05] (Malwarebytes Corporation)R2 MSMQ; L:\Windows\system32\mqsvc.exe [24064 2012-07-26] (Microsoft Corporation)S3 MySQL55; L:\ProgramData\MySQL\MySQL Server 5.5\my.ini [9514 2013-07-17] ()R2 NAUpdate; L:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)S4 PDF Architect Helper Service; L:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)S4 PDF Architect Service; L:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)R2 StartMenuService; L:\Program Files\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-02] (IObit)S4 UleadBurningHelper; L:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.)S3 WinDefend; L:\Program Files\Windows Defender\MsMpEng.exe [14480 2013-10-25] (Microsoft Corporation)S2 FoxitCloudUpdateService; L:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [X]==================== Drivers (Whitelisted) ====================R2 aswHwid; L:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-07] ()R2 aswMonFlt; L:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-07] (AVAST Software)R1 aswRdr; L:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-07] (AVAST Software)R0 aswRvrt; L:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-07] ()R1 aswSnx; L:\Windows\system32\drivers\aswSnx.sys [776976 2014-05-07] (AVAST Software)R1 aswSP; L:\Windows\system32\drivers\aswSP.sys [411552 2014-05-07] (AVAST Software)R2 aswStm; L:\Windows\system32\drivers\aswStm.sys [67776 2014-05-07] (AVAST Software)R0 aswVmm; L:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-07] ()R1 BasicRender; L:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)R1 cdrbsdrv; L:\Windows\system32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)S3 DNIMp50; L:\Windows\System32\Drivers\DNIMp50.sys [21504 2006-11-16] (Printing Communications Assoc., Inc. (PCAUSA))S3 DNISp50; L:\Windows\System32\Drivers\DNISp50.sys [20480 2006-11-16] (Printing Communications Assoc., Inc. (PCAUSA))S3 dot4; L:\Windows\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider)S3 Dot4Print; L:\Windows\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider)R1 dsnpfd; L:\Windows\system32\DRIVERS\dsnpfd.sys [36384 2014-05-02] (DeskSoft)R1 dtsoftbus01; L:\Windows\System32\drivers\dtsoftbus01.sys [243128 2014-04-21] (Disc Soft Ltd)S3 etdrv; L:\Windows\etdrv.sys [17488 2014-03-25] (Windows ® 2000 DDK provider)R0 EUBAKUP; L:\Windows\System32\drivers\eubakup.sys [50248 2012-10-20] (CHENGDU YIWO Tech Development Co., Ltd)R0 EUBKMON; L:\Windows\System32\drivers\EUBKMON.sys [41544 2012-10-20] ()R1 EUDSKACS; L:\Windows\system32\drivers\eudskacs.sys [15944 2012-10-20] (CHENGDU YIWO Tech Development Co., Ltd)R1 EUFDDISK; L:\Windows\system32\drivers\EuFdDisk.sys [185928 2012-10-20] (CHENGDU YIWO Tech Development Co., Ltd)S3 FsUsbExDisk; L:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()R1 GDKBFlt; L:\Windows\system32\drivers\GDKBFlt32.sys [20736 2014-04-16] (G Data Software AG)S3 gdrv; L:\Windows\gdrv.sys [17488 2014-03-31] (Windows ® 2000 DDK provider)R0 gfibto; L:\Windows\System32\drivers\gfibto.sys [13560 2013-04-03] (GFI Software)R2 giveio; L:\Windows\system32\giveio.sys [5248 1996-04-03] ()S3 GVTDrv; L:\Windows\system32\Drivers\GVTDrv.sys [24944 2014-03-31] ()R2 Hardlock; L:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)S3 LUsbFilt; L:\Windows\System32\Drivers\LUsbFilt.Sys [30984 2013-01-03] (Logitech, Inc.)S3 LVUSBSta; L:\Windows\system32\DRIVERS\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)R3 MBAMProtector; L:\Windows\system32\drivers\mbam.sys [23256 2014-05-05] (Malwarebytes Corporation)R3 MBAMSwissArmy; L:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-11] (Malwarebytes Corporation)S3 MBAMWebAccessControl; L:\Windows\system32\drivers\mwac.sys [51928 2014-05-05] (Malwarebytes Corporation)R3 MQAC; L:\Windows\System32\drivers\mqac.sys [141312 2012-07-26] (Microsoft Corporation)R2 NSHE; L:\Windows\system32\Drivers\NSHE.SYS [97792 2012-12-12] (T0r0 2008)S3 pwdrvio; L:\Windows\system32\pwdrvio.sys [15576 2012-08-20] ()S3 pwdspio; L:\Windows\system32\pwdspio.sys [10200 2012-08-20] ()R1 RrNetCapFilterDriver; L:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [22184 2013-10-07] (Audials AG)S4 RsFx0105; L:\Windows\System32\DRIVERS\RsFx0105.sys [238696 2011-09-22] (Microsoft Corporation)R2 RtNdPt60; L:\Windows\system32\DRIVERS\RtNdPt60.sys [27648 2011-06-15] (Realtek )S3 RTTEAMPT; L:\Windows\system32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)S3 RTVLANPT; L:\Windows\system32\DRIVERS\RtVlan620.sys [27752 2011-09-16] (Realtek Corporation)S3 SMIGrabber3C; L:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [811936 2013-09-14] (Windows ® Win 7 DDK provider)R2 speedfan; L:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)S3 ssm_bus; L:\Windows\System32\drivers\ssm_bus.sys [58320 2005-08-30] (MCCI)S3 ssm_mdfl; L:\Windows\system32\DRIVERS\ssm_mdfl.sys [15112 2007-05-02] (MCCI Corporation)S3 ssm_mdm; L:\Windows\system32\DRIVERS\ssm_mdm.sys [109704 2007-05-02] (MCCI Corporation)R1 StarOpen; L:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()S3 tbhsd; L:\Windows\system32\drivers\tbhsd.sys [39048 2013-10-07] (RapidSolution Software AG)S3 TEAM; L:\Windows\system32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)S1 UimBus; L:\Windows\System32\drivers\UimBus.sys [91016 2013-12-26] ()S1 Uim_DEVIM; L:\Windows\System32\drivers\uim_devim.sys [20616 2013-12-26] ()S1 Uim_IM; L:\Windows\System32\Drivers\Uim_IM.sys [540168 2013-12-26] ()S1 Uim_Vim; L:\Windows\System32\Drivers\Uim_Vim.sys [284192 2013-04-26] (Paragon)S3 usbser32; L:\Windows\system32\DRIVERS\usbser.sys [27648 2013-08-21] (Microsoft Corporation)R0 vidsflt53; L:\Windows\System32\DRIVERS\vsflt53.sys [83392 2012-11-15] (Acronis)S3 WinDriver6; L:\Windows\system32\drivers\windrvr6.sys [203552 2013-08-18] (Jungo Connectivity)S3 WN111v2; L:\Windows\system32\DRIVERS\WN111v2v.sys [453120 2009-01-13] (Atheros Communications, Inc.)S3 WsAudio_Device; L:\Windows\system32\drivers\VirtualAudio.sys [27496 2013-03-25] (Wondershare)S3 WsAudio_Device(1); L:\Windows\system32\drivers\VirtualAudio1.sys [27496 2013-01-25] (Wondershare)S3 WsAudio_DeviceS(1); L:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [25704 2011-12-09] (Wondershare)S3 WsAudio_DeviceS(2); L:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [25704 2011-12-09] (Wondershare)S3 WsAudio_DeviceS(3); L:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [25704 2011-12-09] (Wondershare)S3 WsAudio_DeviceS(4); L:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [25704 2011-12-09] (Wondershare)S3 WsAudio_DeviceS(5); L:\Windows\system32\drivers\WsAudio_DeviceS(5).sys [25704 2011-12-09] (Wondershare)S3 WUDFWpdMtp; L:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)S3 anvsnddrv; \SystemRoot\system32\drivers\anvsnddrv.sys [X]S3 BioNTDrv; \??\L:\Program Files\Paragon Software\Hard Disk Manager 14 Suite\program\BioNTDrv.SYS [X]U5 FontCache3.0.0.0; L:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43616 2012-07-06] (Microsoft Corporation)U3 idsvc;S3 LVRS; \SystemRoot\system32\DRIVERS\lvrs.sys [X]S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad32v.sys [X]S3 pepifilter; \SystemRoot\system32\DRIVERS\lv302af.sys [X]S3 PID_PEPI; \SystemRoot\system32\DRIVERS\LV302V32.SYS [X]S3 taphss; \SystemRoot\system32\DRIVERS\taphss.sys [X]S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]U5 UnlockerDriver5; L:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()U5 usbser; L:\Windows\System32\Drivers\usbser.sys [27648 2013-08-21] (Microsoft Corporation)S3 ZSMC301b; \SystemRoot\System32\Drivers\usbVM31b.sys [X]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-05-11 05:12 - 2014-05-11 05:12 - 00000916 __RSH () L:\Users\jb\ntuser.pol2014-05-10 06:32 - 2014-05-10 06:32 - 00000000 ____D () L:\Program Files\Mozilla Firefox2014-05-09 06:14 - 2014-05-09 06:26 - 00043793 _____ () L:\Users\jb\Desktop\CheckResults.txt2014-05-09 06:05 - 2014-05-11 06:16 - 00000000 ____D () L:\FRST2014-05-08 06:03 - 2014-05-08 06:03 - 00001093 _____ () L:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-08 06:03 - 2014-05-05 13:23 - 00074456 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbamchameleon.sys2014-05-08 06:03 - 2014-05-05 13:23 - 00051928 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mwac.sys2014-05-08 06:03 - 2014-05-05 13:23 - 00023256 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbam.sys2014-05-07 05:16 - 2014-05-07 05:16 - 00043152 _____ (AVAST Software) L:\Windows\avastSS.scr2014-05-07 05:16 - 2014-05-07 05:16 - 00024184 _____ () L:\Windows\system32\Drivers\aswHwid.sys2014-05-07 05:16 - 2014-05-07 05:16 - 00002066 _____ () L:\Users\Public\Desktop\avast! Free Antivirus.lnk2014-05-06 21:40 - 2014-05-06 21:40 - 00000770 _____ () L:\esscnx.txt2014-05-06 14:52 - 2014-05-06 14:52 - 00000953 _____ () L:\prot2.txt2014-05-06 09:13 - 2014-05-06 09:13 - 00001721 _____ () L:\prot.txt2014-05-06 06:07 - 2014-05-08 06:03 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-05-06 06:07 - 2014-05-08 06:03 - 00000000 ____D () L:\Program Files\Malwarebytes Anti-Malware2014-05-06 06:05 - 2014-05-11 06:12 - 00110296 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbamswissarmy.sys2014-05-06 04:48 - 2014-04-19 09:22 - 00509256 _____ (Microsoft Corporation) L:\Windows\system32\NotificationUI.exe2014-05-06 04:48 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) L:\Windows\system32\WSShared.dll2014-05-06 04:48 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) L:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-05-05 05:27 - 2014-05-05 05:27 - 00000000 ____D () L:\_OTL2014-05-04 17:09 - 2014-05-04 17:09 - 00180684 _____ () L:\Users\jb\Desktop\OTL.Txt2014-05-04 17:09 - 2014-05-04 17:09 - 00102678 _____ () L:\Users\jb\Desktop\Extras.Txt2014-05-04 17:00 - 2014-05-04 17:48 - 00000664 _____ () L:\Users\jb\Desktop\MsgBloc.txt2014-05-04 17:00 - 2014-05-04 16:48 - 00602112 _____ (OldTimer Tools) L:\Users\jb\Desktop\OTL.exe2014-05-04 15:41 - 2014-05-05 05:12 - 00000000 ____D () L:\Program Files\Mozilla Thunderbird2014-05-02 21:05 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) L:\Windows\system32\mshtml.dll2014-05-02 21:05 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) L:\Windows\system32\mshtml.tlb2014-05-02 08:17 - 2014-05-02 08:17 - 00000000 ____D () L:\ProgramData\DeskSoft2014-05-02 08:15 - 2014-05-10 08:15 - 00001790 _____ () L:\Users\jb\Desktop\BWMeter.lnk2014-05-02 08:15 - 2014-05-10 08:15 - 00000000 ____D () L:\Program Files\BWMeter2014-05-02 08:15 - 2014-05-02 08:15 - 00036384 _____ (DeskSoft) L:\Windows\system32\Drivers\dsnpfd.sys2014-05-02 08:15 - 2014-05-02 08:15 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BWMeter2014-05-01 05:24 - 2014-05-07 15:51 - 00001206 _____ () L:\Windows\PFRO.log2014-04-30 19:18 - 2014-05-11 06:13 - 01907911 _____ () L:\Windows\WindowsUpdate.log2014-04-30 19:18 - 2014-05-11 05:12 - 01950676 _____ () L:\Windows\setupact.log2014-04-30 19:18 - 2014-05-11 05:12 - 00005704 _____ () L:\Windows\DtcInstall.log2014-04-30 19:18 - 2014-04-30 19:18 - 00000000 _____ () L:\Windows\setuperr.log2014-04-30 19:12 - 2014-04-30 19:12 - 00001638 _____ () L:\AdwCleaner[R13].txt2014-04-30 19:11 - 2014-04-30 19:11 - 00025436 _____ () L:\Users\jb\Documents\cc_20140430_191134.reg2014-04-30 18:30 - 2014-04-30 18:30 - 00000855 _____ () L:\Windows\system32\Drivers\etc\hosts_bak2014-04-30 17:08 - 2014-04-30 17:08 - 00000707 _____ () L:\Windows\system32\Drivers\etc\hosts_bak_5082014-04-29 05:40 - 2014-04-23 01:47 - 00694232 _____ (Adobe Systems Incorporated) L:\Windows\system32\FlashPlayerApp.exe2014-04-29 05:40 - 2014-04-23 01:47 - 00078296 _____ (Adobe Systems Incorporated) L:\Windows\system32\FlashPlayerCPLApp.cpl2014-04-27 07:22 - 2014-04-27 07:22 - 00040252 _____ () L:\Users\jb\Documents\cc_20140427_072200.reg2014-04-27 06:51 - 2014-04-27 06:51 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP32014-04-22 15:37 - 2006-12-20 11:55 - 03066968 _____ (Aladdin Knowledge Systems.) L:\Windows\system32\hinstd.dll2014-04-22 15:37 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) L:\Windows\system32\haspds_windows.dll2014-04-22 15:37 - 2006-12-20 10:00 - 00671112 _____ (Aladdin Knowledge Systems Ltd.) L:\Windows\system32\hdinst_windows.dll2014-04-22 15:37 - 2006-11-30 11:06 - 00069632 _____ (Aladdin Knowledge Systems) L:\Windows\system32\hasp_inst_help1.dll2014-04-22 15:37 - 2005-09-06 17:06 - 00028672 _____ () L:\Windows\system32\hlduinst.exe2014-04-22 15:37 - 2002-07-26 17:02 - 00153088 _____ () L:\Windows\system32\UNWISE.EXE2014-04-22 15:27 - 2014-04-22 15:27 - 00000721 _____ () L:\Users\Public\Desktop\ETKA 7.4 PLUS 2013.lnk2014-04-22 15:27 - 2014-04-22 15:27 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKA2014-04-22 13:44 - 2014-04-22 13:44 - 00592944 _____ () L:\Windows\system32\FNTCACHE.DAT2014-04-22 07:22 - 2014-04-22 15:37 - 00003683 _____ () L:\Windows\system32\HLDRV.LOG2014-04-22 07:22 - 2006-11-22 10:01 - 00693760 _____ (Aladdin Knowledge Systems Ltd.) L:\Windows\system32\Drivers\hardlock.sys2014-04-22 06:21 - 2014-04-22 17:10 - 00000199 _____ () L:\Windows\ETKINST.INI2014-04-22 06:21 - 2014-04-22 06:32 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKA72014-04-22 06:21 - 2013-02-27 01:12 - 00515179 _____ () L:\Windows\etvwnzun.EXE2014-04-21 07:15 - 2014-04-21 07:15 - 00243128 _____ (Disc Soft Ltd) L:\Windows\system32\Drivers\dtsoftbus01.sys2014-04-21 07:15 - 2014-04-21 07:15 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite2014-04-21 07:15 - 2014-04-21 07:15 - 00000000 ____D () L:\Program Files\DAEMON Tools Lite2014-04-20 17:29 - 2014-04-20 17:33 - 00000000 ____D () L:\Users\jb\Documents\MyHeritage2014-04-20 17:29 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) L:\Windows\system32\HexUniRTFBox.ocx2014-04-20 17:29 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) L:\Windows\system32\PDFDocScout.DLL2014-04-20 17:29 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) L:\Windows\system32\ijl15.dll2014-04-20 17:29 - 2002-03-07 01:19 - 00454656 _____ () L:\Windows\system32\PaintX.dll2014-04-19 08:02 - 2014-04-19 08:02 - 00000962 _____ () L:\Users\jb\Desktop\Etka Updates.lnk2014-04-16 08:26 - 2014-04-16 08:26 - 00000000 _____ () L:\Windows\topsecret.INI2014-04-16 08:26 - 2014-04-16 08:26 - 00000000 _____ () L:\Windows\GDDevCtrl.INI2014-04-16 06:50 - 2014-04-16 07:53 - 00020736 _____ (G Data Software AG) L:\Windows\system32\Drivers\GDKBFlt32.sys2014-04-16 06:50 - 2014-04-16 06:50 - 00000000 ____H () L:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt32_01007.Wdf2014-04-16 06:50 - 2014-04-16 06:50 - 00000000 ____H () L:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf2014-04-16 06:49 - 2014-04-16 14:11 - 00000000 ____D () L:\Program Files\G Data2014-04-16 06:49 - 2014-04-16 14:11 - 00000000 ____D () L:\Program Files\Common Files\G Data2014-04-16 06:49 - 2014-04-16 06:49 - 00000779 _____ () L:\Users\jb\AppData\Roaming\gdscan.log2014-04-16 06:49 - 2014-04-16 06:49 - 00000000 _____ () L:\Users\jb\AppData\Roaming\gdfw.log2014-04-16 06:47 - 2014-04-16 08:38 - 00000000 ____D () L:\ProgramData\G Data2014-04-16 06:17 - 2014-04-16 06:19 - 00000000 ____D () L:\Users\jb\AppData\Roaming\GenJ32014-04-15 15:54 - 2014-04-15 15:54 - 00026760 _____ () L:\Users\jb\Documents\cc_20140415_155405.reg2014-04-15 15:37 - 2014-04-15 15:37 - 02925259 _____ () L:\Users\jb\Downloads\WDCFree.zip2014-04-15 15:34 - 2014-04-15 15:34 - 00929416 _____ (CNET Download.com) L:\Users\jb\Downloads\cbsidlm-cbsi188-Wise_Disk_Cleaner-BP-10613345.exe==================== One Month Modified Files and Folders =======2014-05-11 06:16 - 2014-05-09 06:05 - 00000000 ____D () L:\FRST2014-05-11 06:13 - 2014-04-30 19:18 - 01907911 _____ () L:\Windows\WindowsUpdate.log2014-05-11 06:12 - 2014-05-06 06:05 - 00110296 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbamswissarmy.sys2014-05-11 06:06 - 2013-01-27 07:06 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Xilisoft2014-05-11 06:03 - 2012-12-22 18:52 - 00000000 ____D () L:\Program Files\VSO2014-05-11 06:03 - 2012-11-26 17:17 - 00087608 _____ () L:\Users\jb\AppData\Roaming\inst.exe2014-05-11 06:03 - 2012-11-26 17:17 - 00047360 _____ (VSO Software) L:\Users\jb\AppData\Roaming\pcouffin.sys2014-05-11 06:03 - 2012-11-26 17:17 - 00007887 _____ () L:\Users\jb\AppData\Roaming\pcouffin.cat2014-05-11 06:03 - 2012-11-26 17:17 - 00000055 _____ () L:\Users\jb\AppData\Roaming\pcouffin.log2014-05-11 06:03 - 2012-11-26 17:17 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Vso2014-05-11 06:02 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\sru2014-05-11 05:59 - 2014-01-19 08:26 - 00001002 _____ () L:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-11 05:55 - 2012-08-28 15:51 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Shareaza2014-05-11 05:49 - 2012-11-29 20:19 - 00000000 ____D () L:\Program Files\Paragon Software2014-05-11 05:46 - 2012-10-11 08:06 - 00000000 ____D () L:\Program Files\OO Software2014-05-11 05:44 - 2013-12-31 08:19 - 00000000 ____D () L:\Program Files\MAGIX2014-05-11 05:44 - 2012-12-01 19:46 - 00000000 ____D () L:\Users\jb\AppData\Roaming\MAGIX2014-05-11 05:44 - 2012-12-01 19:40 - 00000000 ____D () L:\ProgramData\MAGIX2014-05-11 05:43 - 2013-12-31 08:19 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX2014-05-11 05:43 - 2012-07-26 07:00 - 00000000 ___HD () L:\Program Files\InstallShield Installation Information2014-05-11 05:38 - 2013-04-26 12:24 - 00000000 ____D () L:\Program Files\Simpli Software2014-05-11 05:38 - 2012-11-28 22:52 - 00000000 ____D () L:\Program Files\Hamster Soft2014-05-11 05:37 - 2013-01-18 06:37 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamster Soft2014-05-11 05:34 - 2012-08-01 19:09 - 00000000 ____D () L:\Program Files\EASEUS2014-05-11 05:33 - 2013-01-31 06:32 - 00000000 ____D () L:\Users\jb\AppData\Roaming\IObit2014-05-11 05:33 - 2012-10-31 07:46 - 00000000 ____D () L:\ProgramData\IObit2014-05-11 05:33 - 2012-10-31 07:28 - 00000000 ____D () L:\Program Files\IObit2014-05-11 05:30 - 2014-02-11 06:13 - 00001082 _____ () L:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-05-11 05:27 - 2013-11-17 17:58 - 00000000 ____D () L:\Program Files\Soft Gold2014-05-11 05:27 - 2012-07-28 15:01 - 00000000 ____D () L:\Program Files\FinalWire2014-05-11 05:26 - 2013-04-09 05:07 - 00000000 ____D () L:\Program Files\4Videosoft Studio2014-05-11 05:12 - 2014-05-11 05:12 - 00000916 __RSH () L:\Users\jb\ntuser.pol2014-05-11 05:12 - 2014-04-30 19:18 - 01950676 _____ () L:\Windows\setupact.log2014-05-11 05:12 - 2014-04-30 19:18 - 00005704 _____ () L:\Windows\DtcInstall.log2014-05-11 05:12 - 2014-02-11 06:13 - 00001078 _____ () L:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-05-11 05:12 - 2012-10-29 17:26 - 00000000 ____D () L:\Users\jb2014-05-11 05:12 - 2012-07-26 08:04 - 00000006 ____H () L:\Windows\Tasks\SA.DAT2014-05-10 08:15 - 2014-05-02 08:15 - 00001790 _____ () L:\Users\jb\Desktop\BWMeter.lnk2014-05-10 08:15 - 2014-05-02 08:15 - 00000000 ____D () L:\Program Files\BWMeter2014-05-10 07:17 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\Microsoft.NET2014-05-10 06:32 - 2014-05-10 06:32 - 00000000 ____D () L:\Program Files\Mozilla Firefox2014-05-09 06:26 - 2014-05-09 06:14 - 00043793 _____ () L:\Users\jb\Desktop\CheckResults.txt2014-05-08 06:24 - 2013-10-06 08:04 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2014-05-08 06:03 - 2014-05-08 06:03 - 00001093 _____ () L:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-08 06:03 - 2014-05-06 06:07 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-05-08 06:03 - 2014-05-06 06:07 - 00000000 ____D () L:\Program Files\Malwarebytes Anti-Malware2014-05-07 15:51 - 2014-05-01 05:24 - 00001206 _____ () L:\Windows\PFRO.log2014-05-07 05:43 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\NDF2014-05-07 05:16 - 2014-05-07 05:16 - 00043152 _____ (AVAST Software) L:\Windows\avastSS.scr2014-05-07 05:16 - 2014-05-07 05:16 - 00024184 _____ () L:\Windows\system32\Drivers\aswHwid.sys2014-05-07 05:16 - 2014-05-07 05:16 - 00002066 _____ () L:\Users\Public\Desktop\avast! Free Antivirus.lnk2014-05-07 05:16 - 2013-12-20 19:25 - 00067776 _____ (AVAST Software) L:\Windows\system32\Drivers\aswstm.sys2014-05-07 05:16 - 2013-11-09 06:21 - 00411552 _____ (AVAST Software) L:\Windows\system32\Drivers\aswsp.sys2014-05-07 05:16 - 2013-02-17 15:41 - 00180632 _____ () L:\Windows\system32\Drivers\aswVmm.sys2014-05-07 05:16 - 2013-02-17 15:41 - 00049944 _____ () L:\Windows\system32\Drivers\aswRvrt.sys2014-05-07 05:16 - 2012-11-02 18:09 - 00271264 _____ (AVAST Software) L:\Windows\system32\aswBoot.exe2014-05-07 05:16 - 2012-07-26 07:40 - 00776976 _____ (AVAST Software) L:\Windows\system32\Drivers\aswSnx.sys2014-05-07 05:16 - 2012-07-26 07:40 - 00081768 _____ (AVAST Software) L:\Windows\system32\Drivers\aswRdr2.sys2014-05-07 05:16 - 2012-07-26 07:40 - 00067824 _____ (AVAST Software) L:\Windows\system32\Drivers\aswMonFlt.sys2014-05-06 21:40 - 2014-05-06 21:40 - 00000770 _____ () L:\esscnx.txt2014-05-06 18:36 - 2012-07-26 06:17 - 00524288 ___SH () L:\Windows\system32\config\BBI2014-05-06 18:17 - 2011-04-12 03:44 - 00000000 ____D () L:\Windows\RemotePackages2014-05-06 14:52 - 2014-05-06 14:52 - 00000953 _____ () L:\prot2.txt2014-05-06 09:13 - 2014-05-06 09:13 - 00001721 _____ () L:\prot.txt2014-05-06 08:01 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\rescache2014-05-06 07:44 - 2012-08-04 16:58 - 00000000 ____D () L:\Program Files\XnView2014-05-06 07:09 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\WinStore2014-05-06 06:29 - 2012-08-06 06:22 - 00000000 ____D () L:\Users\jb\AppData\Roaming\BITS2014-05-06 06:07 - 2013-08-07 06:00 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Malwarebytes2014-05-06 06:07 - 2013-08-05 15:23 - 00000000 ____D () L:\ProgramData\Malwarebytes2014-05-05 13:23 - 2014-05-08 06:03 - 00074456 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbamchameleon.sys2014-05-05 13:23 - 2014-05-08 06:03 - 00051928 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mwac.sys2014-05-05 13:23 - 2014-05-08 06:03 - 00023256 _____ (Malwarebytes Corporation) L:\Windows\system32\Drivers\mbam.sys2014-05-05 05:27 - 2014-05-05 05:27 - 00000000 ____D () L:\_OTL2014-05-05 05:12 - 2014-05-04 15:41 - 00000000 ____D () L:\Program Files\Mozilla Thunderbird2014-05-04 17:48 - 2014-05-04 17:00 - 00000664 _____ () L:\Users\jb\Desktop\MsgBloc.txt2014-05-04 17:09 - 2014-05-04 17:09 - 00180684 _____ () L:\Users\jb\Desktop\OTL.Txt2014-05-04 17:09 - 2014-05-04 17:09 - 00102678 _____ () L:\Users\jb\Desktop\Extras.Txt2014-05-04 16:52 - 2012-08-05 15:30 - 00000000 ____D () L:\ProgramData\CanonIJPLM2014-05-04 16:48 - 2014-05-04 17:00 - 00602112 _____ (OldTimer Tools) L:\Users\jb\Desktop\OTL.exe2014-05-02 08:17 - 2014-05-02 08:17 - 00000000 ____D () L:\ProgramData\DeskSoft2014-05-02 08:15 - 2014-05-02 08:15 - 00036384 _____ (DeskSoft) L:\Windows\system32\Drivers\dsnpfd.sys2014-05-02 08:15 - 2014-05-02 08:15 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BWMeter2014-05-02 06:59 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\AUInstallAgent2014-05-01 05:29 - 2012-09-29 06:46 - 00000000 ____D () L:\Users\jb\AppData\Local\CrashDumps2014-04-30 19:18 - 2014-04-30 19:18 - 00000000 _____ () L:\Windows\setuperr.log2014-04-30 19:17 - 2014-03-04 15:29 - 00000000 ____D () L:\AdwCleaner2014-04-30 19:12 - 2014-04-30 19:12 - 00001638 _____ () L:\AdwCleaner[R13].txt2014-04-30 19:11 - 2014-04-30 19:11 - 00025436 _____ () L:\Users\jb\Documents\cc_20140430_191134.reg2014-04-30 18:35 - 2013-04-06 09:00 - 00181064 _____ (Sysinternals) L:\Windows\PSEXESVC.EXE2014-04-30 18:30 - 2014-04-30 18:30 - 00000855 _____ () L:\Windows\system32\Drivers\etc\hosts_bak2014-04-30 18:29 - 2012-10-29 17:25 - 02333440 _____ () L:\Windows\system32\PerfStringBackup.INI2014-04-30 17:08 - 2014-04-30 17:08 - 00000707 _____ () L:\Windows\system32\Drivers\etc\hosts_bak_5082014-04-30 08:47 - 2013-09-06 21:28 - 00000000 ____D () L:\Users\Administrateur2014-04-30 08:47 - 2013-01-30 20:08 - 00000000 ____D () L:\Users\22014-04-30 08:47 - 2013-01-09 15:33 - 00000000 ____D () L:\Users\DefaultAppPool2014-04-30 08:47 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\registration2014-04-29 14:47 - 2014-05-02 21:05 - 14357504 _____ (Microsoft Corporation) L:\Windows\system32\mshtml.dll2014-04-29 14:25 - 2014-05-02 21:05 - 02706432 _____ (Microsoft Corporation) L:\Windows\system32\mshtml.tlb2014-04-27 21:17 - 2012-11-25 19:49 - 00000000 ____D () L:\Users\jb\AppData\Roaming\vlc2014-04-27 13:52 - 2014-03-21 15:08 - 00000248 _____ () L:\Windows\Tasks\Driver Booster SkipUAC (jb).job2014-04-27 07:30 - 2013-01-04 07:08 - 00000000 ____D () L:\Users\jb\AppData\Roaming\KC Softwares2014-04-27 07:22 - 2014-04-27 07:22 - 00040252 _____ () L:\Users\jb\Documents\cc_20140427_072200.reg2014-04-27 07:21 - 2012-11-21 19:52 - 00000000 ____D () L:\Users\jb\AppData\Roaming\AIMP32014-04-27 07:21 - 2012-09-13 06:25 - 00000000 ____D () L:\Users\jb\AppData\Roaming\DAEMON Tools Lite2014-04-27 07:18 - 2012-07-28 13:58 - 00000000 ____D () L:\Users\jb\Documents\Bibliothèque calibre2014-04-27 07:11 - 2012-07-28 13:58 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management2014-04-27 07:11 - 2012-07-28 13:58 - 00000000 ____D () L:\Program Files\Calibre22014-04-27 06:56 - 2012-08-01 05:51 - 00000000 ____D () L:\Program Files\Common Files\Adobe AIR2014-04-27 06:54 - 2012-11-27 09:00 - 00001296 _____ () L:\Users\jb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk2014-04-27 06:54 - 2012-09-02 11:42 - 00000000 ____D () L:\Program Files\CCleaner2014-04-27 06:52 - 2012-08-04 16:58 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView2014-04-27 06:51 - 2014-04-27 06:51 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP32014-04-27 06:51 - 2012-11-21 19:52 - 00000000 ____D () L:\Program Files\AIMP32014-04-24 09:25 - 2013-12-27 07:14 - 00000000 ____D () L:\Windows\Minidump2014-04-23 19:04 - 2012-08-04 17:07 - 00000000 ____D () L:\Users\jb\AppData\Roaming\XnView2014-04-23 01:47 - 2014-04-29 05:40 - 00694232 _____ (Adobe Systems Incorporated) L:\Windows\system32\FlashPlayerApp.exe2014-04-23 01:47 - 2014-04-29 05:40 - 00078296 _____ (Adobe Systems Incorporated) L:\Windows\system32\FlashPlayerCPLApp.cpl2014-04-22 17:10 - 2014-04-22 06:21 - 00000199 _____ () L:\Windows\ETKINST.INI2014-04-22 15:37 - 2014-04-22 07:22 - 00003683 _____ () L:\Windows\system32\HLDRV.LOG2014-04-22 15:27 - 2014-04-22 15:27 - 00000721 _____ () L:\Users\Public\Desktop\ETKA 7.4 PLUS 2013.lnk2014-04-22 15:27 - 2014-04-22 15:27 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKA2014-04-22 15:27 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\System2014-04-22 13:44 - 2014-04-22 13:44 - 00592944 _____ () L:\Windows\system32\FNTCACHE.DAT2014-04-22 08:43 - 2012-11-17 07:13 - 00000000 ____D () L:\Users\jb\AppData\Roaming\Wise Disk Cleaner2014-04-22 06:32 - 2014-04-22 06:21 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETKA72014-04-22 06:22 - 2009-07-14 04:04 - 00000513 _____ () L:\Windows\win.ini2014-04-21 15:52 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\L2Schemas2014-04-21 07:15 - 2014-04-21 07:15 - 00243128 _____ (Disc Soft Ltd) L:\Windows\system32\Drivers\dtsoftbus01.sys2014-04-21 07:15 - 2014-04-21 07:15 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite2014-04-21 07:15 - 2014-04-21 07:15 - 00000000 ____D () L:\Program Files\DAEMON Tools Lite2014-04-21 07:11 - 2012-09-08 08:29 - 00000000 ____D () L:\Users\jb\AppData\Roaming\GlarySoft2014-04-20 17:33 - 2014-04-20 17:29 - 00000000 ____D () L:\Users\jb\Documents\MyHeritage2014-04-20 07:27 - 2013-01-10 07:40 - 00000000 ____D () L:\DownLoad2014-04-19 09:22 - 2014-05-06 04:48 - 00509256 _____ (Microsoft Corporation) L:\Windows\system32\NotificationUI.exe2014-04-19 08:57 - 2014-05-06 04:48 - 00566784 _____ (Microsoft Corporation) L:\Windows\system32\WSShared.dll2014-04-19 08:57 - 2014-05-06 04:48 - 00124928 _____ (Microsoft Corporation) L:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-04-19 08:02 - 2014-04-19 08:02 - 00000962 _____ () L:\Users\jb\Desktop\Etka Updates.lnk2014-04-16 14:14 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\spool2014-04-16 14:11 - 2014-04-16 06:49 - 00000000 ____D () L:\Program Files\G Data2014-04-16 14:11 - 2014-04-16 06:49 - 00000000 ____D () L:\Program Files\Common Files\G Data2014-04-16 08:42 - 2014-01-29 16:25 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-04-16 08:42 - 2012-08-08 08:14 - 00000000 ____D () L:\Program Files\Java2014-04-16 08:38 - 2014-04-16 06:47 - 00000000 ____D () L:\ProgramData\G Data2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\winevt2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\WinBioPlugIns2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\MUI2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\LogFiles2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\IME2014-04-16 08:36 - 2012-07-26 08:53 - 00000000 ____D () L:\Windows\system32\Com2014-04-16 08:36 - 2012-07-26 06:43 - 00000000 ____D () L:\Windows\system32\SMI2014-04-16 08:26 - 2014-04-16 08:26 - 00000000 _____ () L:\Windows\topsecret.INI2014-04-16 08:26 - 2014-04-16 08:26 - 00000000 _____ () L:\Windows\GDDevCtrl.INI2014-04-16 07:53 - 2014-04-16 06:50 - 00020736 _____ (G Data Software AG) L:\Windows\system32\Drivers\GDKBFlt32.sys2014-04-16 06:50 - 2014-04-16 06:50 - 00000000 ____H () L:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt32_01007.Wdf2014-04-16 06:50 - 2014-04-16 06:50 - 00000000 ____H () L:\Windows\system32\Drivers\Msft_Kernel_gddcd32_01007.Wdf2014-04-16 06:49 - 2014-04-16 06:49 - 00000779 _____ () L:\Users\jb\AppData\Roaming\gdscan.log2014-04-16 06:49 - 2014-04-16 06:49 - 00000000 _____ () L:\Users\jb\AppData\Roaming\gdfw.log2014-04-16 06:19 - 2014-04-16 06:17 - 00000000 ____D () L:\Users\jb\AppData\Roaming\GenJ32014-04-15 17:33 - 2012-10-29 17:16 - 00000000 ____D () L:\Windows\system32\msmq2014-04-15 15:54 - 2014-04-15 15:54 - 00026760 _____ () L:\Users\jb\Documents\cc_20140415_155405.reg2014-04-15 15:52 - 2012-11-26 17:16 - 00000000 ____D () L:\ProgramData\VSO2014-04-15 15:48 - 2014-03-06 15:58 - 00000000 ____D () L:\Users\jb\AppData\Roaming\WiseUpdate2014-04-15 15:37 - 2014-04-15 15:37 - 02925259 _____ () L:\Users\jb\Downloads\WDCFree.zip2014-04-15 15:35 - 2012-11-17 07:12 - 00000000 ____D () L:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner2014-04-15 15:34 - 2014-04-15 15:34 - 00929416 _____ (CNET Download.com) L:\Users\jb\Downloads\cbsidlm-cbsi188-Wise_Disk_Cleaner-BP-10613345.exe2014-04-12 06:49 - 2014-02-02 07:51 - 00000000 ____D () L:\Users\Public\Foxit SoftwareSome content of TEMP:====================L:\Users\jb\AppData\Local\Temp\Foxit PhantomPDF Updater.exeL:\Users\jb\AppData\Local\Temp\Foxit Updater.exeL:\Users\jb\AppData\Local\Temp\Quarantine.exe==================== Bamital & volsnap Check =================L:\Windows\explorer.exe => MD5 is legitL:\Windows\system32\winlogon.exe => MD5 is legitL:\Windows\system32\wininit.exe => MD5 is legitL:\Windows\system32\svchost.exe => MD5 is legitL:\Windows\system32\services.exe => MD5 is legitL:\Windows\system32\User32.dll => MD5 is legitL:\Windows\system32\userinit.exe => MD5 is legitL:\Windows\system32\rpcss.dll => MD5 is legitL:\Windows\system32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-05-10 07:16==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Maniac Posted May 11, 2014 ID:829055 Share Posted May 11, 2014 Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.Go to Scanner tab and select Threat Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. Link to post Share on other sites More sharing options...
jacqventoux Posted May 11, 2014 Author ID:829069 Share Posted May 11, 2014 Hello All OK Log02 Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 11/05/2014Scan Time: 17:36:07Logfile:Administrator: YesVersion: 2.00.2.1010Malware Database: v2014.05.11.06Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: EnabledMalicious Website Protection: DisabledSelf-protection: DisabledOS: Windows 8CPU: x86File System: NTFSUser: jbScan Type: Threat ScanResult: CompletedObjects Scanned: 375484Time Elapsed: 13 min, 22 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: WarnPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 0(No malicious items detected)Physical Sectors: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Maniac Posted May 12, 2014 ID:829293 Share Posted May 12, 2014 Step 1 Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 2 Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Scan button. Wait until is finished.Click on Clean.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.In your next reply, post the following log files:Junkware Removal Tool logAdwCleaner log Link to post Share on other sites More sharing options...
jacqventoux Posted May 12, 2014 Author ID:829362 Share Posted May 12, 2014 Hello 03 JRT.txt04 AdwCleaner[s5].txt05 AdwCleaner[R5].txt Cordially Jacques Log03 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 8 Pro with Media Center x86Ran by jb on 12/05/2014 at 18:27:34,00~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1126985804-3469020229-1997384072-1001\Software\Microsoft\Internet Explorer\Main\\Start Page~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1126985804-3469020229-1997384072-1001\Software\sweetimSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}~~~ Files~~~ FoldersSuccessfully deleted: [Folder] "L:\Users\jb\appdata\locallow\torntv 2"Successfully deleted: [Folder] "L:\Users\jb\Local Settings\Application Data\cre"~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 12/05/2014 at 18:31:57,56End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Log04 # AdwCleaner v3.208 - Rapport créé le 12/05/2014 à 18:58:33# Mis à jour le 11/05/2014 par Xplode# Système d'exploitation : Windows 8 Pro with Media Center (32 bits)# Nom d'utilisateur : jb - NEW_JACQ# Exécuté depuis : K:\DownLoad\AdwCleaner.exe# Option : Nettoyer***** [ Services ] ********** [ Fichiers / Dossiers ] *****Fichier Supprimé : L:\Users\jb\daemonprocess.txt***** [ Raccourcis ] ********** [ Registre ] *****Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCSClé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}***** [ Navigateurs ] *****-\\ Internet Explorer v10.0.9200.16537-\\ Mozilla Firefox v30.0 (fr)[ Fichier : L:\Users\2\AppData\Roaming\Mozilla\Firefox\Profiles\jgfrfwi2.default\prefs.js ][ Fichier : L:\Users\jb\AppData\Roaming\Mozilla\Firefox\Profiles\47cdzkb2.default-1391285319756\prefs.js ]-\\ Google Chrome v34.0.1847.131[ Fichier : L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R3].txt - [19837 octets] - [04/03/2014 16:21:13]AdwCleaner[R4].txt - [1795 octets] - [30/04/2014 19:16:14]AdwCleaner[R5].txt - [1707 octets] - [12/05/2014 18:57:31]AdwCleaner[s3].txt - [19570 octets] - [04/03/2014 16:22:39]AdwCleaner[s4].txt - [1894 octets] - [30/04/2014 19:17:19]AdwCleaner[s5].txt - [1634 octets] - [12/05/2014 18:58:33]########## EOF - L:\AdwCleaner\AdwCleaner[s5].txt - [1694 octets] ########## Log 05 # AdwCleaner v3.208 - Rapport créé le 12/05/2014 à 18:56:43# Mis à jour le 11/05/2014 par Xplode# Système d'exploitation : Windows 8 Pro with Media Center (32 bits)# Nom d'utilisateur : jb - NEW_JACQ# Exécuté depuis : K:\DownLoad\AdwCleaner.exe# Option : Scanner***** [ Services ] ********** [ Fichiers / Dossiers ] *****Fichier Présent : L:\Users\jb\daemonprocess.txt***** [ Raccourcis ] ********** [ Registre ] *****Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS***** [ Navigateurs ] *****-\\ Internet Explorer v10.0.9200.16537-\\ Mozilla Firefox v30.0 (fr)[ Fichier : L:\Users\2\AppData\Roaming\Mozilla\Firefox\Profiles\jgfrfwi2.default\prefs.js ][ Fichier : L:\Users\jb\AppData\Roaming\Mozilla\Firefox\Profiles\47cdzkb2.default-1391285319756\prefs.js ]-\\ Google Chrome v34.0.1847.131[ Fichier : L:\Users\jb\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R3].txt - [19837 octets] - [04/03/2014 16:21:13]AdwCleaner[R4].txt - [1795 octets] - [30/04/2014 19:16:14]AdwCleaner[R5].txt - [1446 octets] - [12/05/2014 18:56:43]AdwCleaner[s3].txt - [19570 octets] - [04/03/2014 16:22:39]AdwCleaner[s4].txt - [1894 octets] - [30/04/2014 19:17:19]########## EOF - L:\AdwCleaner\AdwCleaner[R5].txt - [1627 octets] ########## Link to post Share on other sites More sharing options...
Maniac Posted May 12, 2014 ID:829412 Share Posted May 12, 2014 Please scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop.Double click on the to download the ESET Smart Installer. icon on your Desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under Scan Settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technologyESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.When the scan completes, click List ThreatsClick Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.Click the Back button.Click the Finish button. Link to post Share on other sites More sharing options...
jacqventoux Posted May 13, 2014 Author ID:829641 Share Posted May 13, 2014 Hello Sorry : Some files "defended" in unused partitions that I will clean as soon as possibleC: for XPN: Windows 7RecallFirefox, IE and ChromeMy problem is that MMFA 2.xxxx (including 2.0.2.1010) blocks some websites including "malwarebytes.org" when "Malicious Website Protection" is enabled, while others work very well.When "Malicious Website Protection" is disabled, all sites are accessibleRegards Jacques Log06 L:\Users\jb\Documents\UseNeXT\alt.binaries.boneless\Philomena_2013_DVDRip_XviD-AQOS.zip MSIL/TrojanDownloader.Agent.NI trojan L:\Users\jb\Downloads\cbsidlm-cbsi188-Wise_Disk_Cleaner-BP-10613345.exe a variant of Win32/CNETInstaller.B potentially unwanted application L:\Users\jb\Downloads\passwordfox.zip Win32/PSWTool.PassFox.D potentially unsafe application N:\Program Files\File Type Assistant\ftacfg.exe Win32/FileTypeAssistant.A potentially unwanted application N:\Program Files\File Type Assistant\TSASetup.exe a variant of Win32/FileTypeAssistant.A potentially unwanted application N:\Program Files\File Type Assistant\tsassist.exe a variant of Win32/FileTypeAssistant.A potentially unwanted application N:\Program Files\jZip\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application N:\Program Files\jZip\Uninstall.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application N:\ProgramData\InstallMate\{41DAF6EE-3A7B-459F-A774-72599A39D418}\Custom.dll Win32/InstalleRex.M potentially unwanted application N:\ProgramData\InstallMate\{8E9AA143-18EA-4ACC-A827-50C8557983B5}\Custom.dll Win32/InstalleRex.M potentially unwanted application N:\Users\All Users\InstallMate\{41DAF6EE-3A7B-459F-A774-72599A39D418}\Custom.dll Win32/InstalleRex.M potentially unwanted application N:\Users\All Users\InstallMate\{8E9AA143-18EA-4ACC-A827-50C8557983B5}\Custom.dll Win32/InstalleRex.M potentially unwanted application N:\Users\jb\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application N:\Users\jb\AppData\Local\Temp\DownloadManager.exe a variant of Win32/OutBrowse.D potentially unwanted application N:\Users\jb\AppData\Local\Temp\FirefoxUpdateSetup.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application N:\Users\jb\AppData\Local\Temp\is1914646434\1475458_stp.EXE a variant of Win32/FileTypeAssistant.A potentially unwanted application N:\Users\jb\Desktop\media-player-codec-pack-v4-2-5-setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application N:\Users\jb\Downloads\ClickHeretoDownload-cmm70HM.exe Win32/Somoto.A potentially unwanted application N:\Users\jb\Downloads\FinalTorrentSetup [1].exe a variant of Win32/FileTypeAssistant.A potentially unwanted application N:\Users\jb\Downloads\FinalTorrentSetup.exe a variant of Win32/Injected.F trojan N:\Users\jb\Downloads\jZipSetup-r286-n-bf.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application N:\Users\jb\Downloads\SoftonicDownloader_pour_media-player-codec-pack.exe a variant of Win32/SoftonicDownloader.F potentially unwanted application N:\Users\jb\Downloads\The%20Secret%20Life%20of%20Walter%20Mitty%202014%20FRENCH%20DVDRip%20XviD-playHD.torrent(1).exe Win32/InstalleRex.M potentially unwanted application N:\Users\jb\Downloads\The%20Secret%20Life%20of%20Walter%20Mitty%202014%20FRENCH%20DVDRip%20XviD-playHD.torrent.exe Win32/InstalleRex.M potentially unwanted application N:\Users\jb\Downloads\trz7982.tmp a variant of Win32/OutBrowse.D potentially unwanted application N:\Users\jb\Downloads\trzE762.tmp a variant of Win32/OutBrowse.D potentially unwanted application N:\W7\FoxitReader531.0606_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application P:\passwordfox.zip Win32/PSWTool.PassFox.D potentially unsafe application P:\Maintenance\CCleaner_v4.10.4570.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application P:\Maintenance\disk-defrag-setup.exe Win32/MyPCBackup.A potentially unwanted application P:\Maintenance\driver_booster_setup1.2.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application P:\Maintenance\Recuva_v1.50.1036.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application P:\Maintenance\Originaux\CCleaner_v4.11.4619.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application P:\Maintenance\Originaux\disk-defrag-setup.exe Win32/MyPCBackup.A potentially unwanted application P:\Maintenance\Originaux\driver_booster_setup1.2.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application P:\Maintenance\Originaux\Driver_Booster_v1.3.0.172.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application P:\Maintenance\Originaux\Recuva_v1.50.1036.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application P:\Maintenance\Originaux\Recuva_v1.51.1063.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application P:\passwordfox\passwordfox.exe Win32/PSWTool.PassFox.D potentially unsafe application C:\Documents and Settings\Administrateur\Local Settings\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedC:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\O1RSJX6D\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedC:\Documents and Settings\jb\Local Settings\Application Data\BittorrentBar_FR\ldrtbBitt.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantinedC:\Documents and Settings\jb\Local Settings\Application Data\BittorrentBar_FR\tbBitt.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantinedC:\Documents and Settings\jb\Local Settings\Application Data\Conduit\CT2849852\BittorrentBar_FRAutoUpdateHelper.exe Win32/Toolbar.Conduit.Q potentially unwanted application deleted - quarantinedC:\Documents and Settings\jb\Local Settings\Temporary Internet Files\Content.IE5\9BY0XUCR\SpeedUpMyPC-standalone-setup[1].exe Win32/SpeedUpMyPC potentially unwanted application deleted - quarantinedC:\Documents and Settings\jb\Mes documents\GRMCPRFRER_FR_DVD.iso Win32/HackTool.WinActivator.I potentially unsafe application deleted - quarantinedC:\Program Files\Expat_Shield\Expat_ShieldToolbarHelper.exe Win32/Toolbar.Conduit.Q potentially unwanted application deleted - quarantinedC:\Program Files\Expat_Shield\ldrtbExpa.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantinedC:\Program Files\Expat_Shield\prxtbExpa.dll Win32/Toolbar.Conduit.O potentially unwanted application deleted - quarantinedC:\Program Files\Expat_Shield\tbExpa.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantinedC:\Tftpd32\tftpd32.exe a variant of Win32/TFTPD32.A potentially unsafe application deleted - quarantinedC:\WINDOWS\uninst.exe a variant of Win32/PCCleaners potentially unwanted application deleted - quarantinedI:\Installation\wiivideo9-504-setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedJ:\Downloads\725191_video_deluxe_17_premium_273mo_f.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedJ:\Downloads\BCEbwm61.rar a variant of Win32/HackTool.Patcher.T potentially unsafe application deleted - quarantinedJ:\Downloads\ccsetup320.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantinedJ:\Downloads\daemon-tools_daemon_tools_lite_4.41.3_francais_10729.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedJ:\Downloads\iLividSetup-r757-n-bf.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantinedJ:\Downloads\ParetoLogic PC Health Advisor 3.1.2 Patch AoReTeam.rar a variant of Win32/HackTool.Patcher.T potentially unsafe application deleted - quarantinedJ:\Downloads\PDFCreator-1_4_1_setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedJ:\Downloads\registrybooster.exe Win32/RegistryBooster potentially unwanted application deleted - quarantinedJ:\Downloads\Samsung-PC-Studio.exe a variant of Win32/InstallCore.AF potentially unwanted application deleted - quarantinedJ:\Downloads\Setup_FreeVideoConverter.exe Win32/Toolbar.Widgi potentially unwanted application deleted - quarantinedJ:\Downloads\slow-pcfighter_Web.exe a variant of Win32/SlowPCfighter potentially unwanted application deleted - quarantinedJ:\Downloads\SoftonicDownloader_pour_fixwin.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantinedJ:\Downloads\SoftonicDownloader_pour_jdownloader.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantinedJ:\Downloads\switchsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantinedJ:\Downloads\wiivideo9-504-setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedJ:\Downloads\winamp561_full_emusic-7plus_all.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedJ:\Downloads\winzip165-francais.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantinedJ:\Downloads\WinZip165International.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantinedJ:\Downloads\Magix Video Deluxe 17 PREMIUM HD (2011) [App][French]\vdx17premium_download_version_fr-fr_10_0_0_33.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedJ:\Downloads\SKODA\unlocker.exe Win32/Adware.ADON potentially unwanted application deleted - quarantinedK:\DownLoad\01net_CDBurnerXP_Pro.exe Win32/Toolbar.Conduit.M potentially unwanted application deleted - quarantinedK:\DownLoad\01net_Glary_Utilities.exe Win32/Toolbar.Conduit.M potentially unwanted application deleted - quarantinedK:\DownLoad\01net_Recuva.exe Win32/Toolbar.Conduit.M potentially unwanted application deleted - quarantinedK:\DownLoad\CCleaner_v4.13.4693.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\cdbxp_setup_4.5.1.4003.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\daemon-tools-lite_daemon_tools_lite_4.46.1.0328_francais_10729.exe Win32/DownWare.L potentially unwanted application deleted - quarantinedK:\DownLoad\DAEMON_Tools_Lite_v4.49.1.exe Win32/DownWare.L potentially unwanted application deleted - quarantinedK:\DownLoad\dfsetup215.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\disk-defrag-setup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantinedK:\DownLoad\Driver Updater Pro v2.3.2.0 Patch by Under SEH T3am.zip Win32/HackTool.Patcher.A potentially unsafe application deleted - quarantinedK:\DownLoad\DriverUpdaterSetup-2.0.0.6004.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantinedK:\DownLoad\Driver_Booster_v1.3.0.172.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantinedK:\DownLoad\DTLite4481-0347.exe Win32/DownWare.L potentially unwanted application deleted - quarantinedK:\DownLoad\e.m_total_video_converter_3.70_downloader_133.exe a variant of Win32/YourFileDownloader potentially unwanted application deleted - quarantinedK:\DownLoad\epm.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\ffactory3_install.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantinedK:\DownLoad\FFSetup3.2.1.0.exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantinedK:\DownLoad\FileViewPro_2013(1).exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\FLVPlayerSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantinedK:\DownLoad\FotoSketcher_2.80_setup.exe a variant of Win32/InstallCore.OF potentially unwanted application deleted - quarantinedK:\DownLoad\FoxitReader614.0217_enu_Setup.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantinedK:\DownLoad\FreeCodecPackSetup.exe a variant of Win32/InstallBrain.BH potentially unwanted application deleted - quarantinedK:\DownLoad\frostwire-5.6.3.windows.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\frostwire-5.6.8.windows.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantinedK:\DownLoad\FrostWire_v5.6.9.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted - quarantinedK:\DownLoad\gvsetup.exe a variant of Win32/Toolbar.Conduit.J potentially unwanted application deleted - quarantinedK:\DownLoad\hamsterfreeebookconverter.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantinedK:\DownLoad\Hirens.BootCD.15.2.zip Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantinedK:\DownLoad\Hotspot Shield Elite 2.65 Full version (automatically updateable).rar Win32/Toolbar.Conduit potentially unwanted application deleted - quarantinedK:\DownLoad\HSS-3.13-install-download-80-conduit.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantinedK:\DownLoad\HSS-3.37-install-hss-656-searchprotect.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantinedK:\DownLoad\install_sld.exe a variant of Win32/LogicielsEspions.C potentially unsafe application deleted - quarantinedK:\DownLoad\IZArcInstall(1).exe Win32/DownWare.L potentially unwanted application deleted - quarantinedK:\DownLoad\KeyFinderInstaller.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\KMPlayer_3-7-0-109.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\look20312p_v32.zip a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantinedK:\DownLoad\mb_bios_ga-m720-us3_f7n.exe a variant of Win32/Kryptik.VZ trojan deleted - quarantinedK:\DownLoad\MediaInfo_GUI_0.7.64_Windows.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\MediaInfo_GUI_0.7.67_Windows.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\MediaInfo_v0.7.65.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\MediaInfo_v0.7.68.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\mkvtoavi.exe Win32/InstallMonetizer.AF potentially unwanted application deleted - quarantinedK:\DownLoad\MPSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantinedK:\DownLoad\o565x.Portable.SolvuSoft.FileViewPro.2013.v1.5.0.0.rar a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\OpenSubtitlesPlayerD.exe a variant of Win32/Toolbar.Babylon.A potentially unwanted application deleted - quarantinedK:\DownLoad\passwordfox.zip Win32/PSWTool.PassFox.D potentially unsafe application deleted - quarantinedK:\DownLoad\PDFCreator-1_7_1_setup.exe Win32/InstallMonetizer.AQ potentially unwanted application deleted - quarantinedK:\DownLoad\PDFCreator_v1.7.2.exe Win32/InstallMonetizer.AQ potentially unwanted application deleted - quarantinedK:\DownLoad\pdfforge_Images2PDF-0_9_2-setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\photo_graphic_designer_2013(1).exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\photo_graphic_designer_2013.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\produkey.zip a variant of Win32/PSWTool.ProductKey potentially unsafe application deleted - quarantinedK:\DownLoad\Professor.Franklins.Instant.Photo.Effects.v2.0.Incl.Keygen-TSZ.ZIP a variant of Win32/Keygen.FF potentially unsafe application deleted - quarantinedK:\DownLoad\professorfranklin'sinstantphotoeffectsv2.0keygentsz.zip a variant of Win32/Keygen.FF potentially unsafe application deleted - quarantinedK:\DownLoad\ProfessorFranklin__sInstantPhotoEffects2.0.rar a variant of Win32/Keygen.FF potentially unsafe application deleted - quarantinedK:\DownLoad\rcsetup149.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\Recuva_v1.50.1036.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\Recuva_v1.51.1063.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\DownLoad\registry-cleaner-setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\routerpassview.zip a variant of Win32/PSWTool.RouterPassView.B potentially unsafe application deleted - quarantinedK:\DownLoad\Serial_Number_Bcl_Easyconverter_Desktop_3_Word_Version_Downloader.exe a variant of Win32/BundleInstaller.C potentially unwanted application deleted - quarantinedK:\DownLoad\Serial_Number_Bcl_Easyconverter_Desktop_3_Word_Version_downloader_fr_99104.exe a variant of Win32/ExpressFiles.B potentially unwanted application deleted - quarantinedK:\DownLoad\SetupImgBurn_2.5.7.0(1).exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\setup_free_pdf_converter(1).exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\setup_funny_photo_maker.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantinedK:\DownLoad\SoftonicDownloader_pour_camuniversal.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantinedK:\DownLoad\SoftonicDownloader_pour_foxit-pdf-editor.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantinedK:\DownLoad\SoftonicDownloader_pour_tweak-7.exe a variant of Win32/SoftonicDownloader.F potentially unwanted application deleted - quarantinedK:\DownLoad\Splayer.exe Win32/OutBrowse.D potentially unwanted application deleted - quarantinedK:\DownLoad\spsetup121.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantinedK:\DownLoad\sumo(3).exe Win32/DownWare.W potentially unwanted application deleted - quarantinedK:\DownLoad\SUPERsetup.exe Win32/DownWare.W potentially unwanted application deleted - quarantinedK:\DownLoad\sus.exe Win32/DownWare.W potentially unwanted application deleted - quarantinedK:\DownLoad\SweetHome3D-4.2-windows-oc.exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\tb_free.exe a variant of Win32/TFTPD32.A potentially unsafe application deleted - quarantinedK:\DownLoad\Tftpd32-4.00-setup.exe a variant of Win32/TFTPD32.A potentially unsafe application deleted - quarantinedK:\DownLoad\tsasetup.exe a variant of Win32/FileTypeAssistant.A potentially unwanted application deleted - quarantinedK:\DownLoad\u.zip Win32/UltraReach potentially unsafe application deleted - quarantinedK:\DownLoad\ubcd511.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantinedK:\DownLoad\ubcd529.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantinedK:\DownLoad\Unlocker1.9.1.exe a variant of Win32/Toolbar.Babylon.A potentially unwanted application deleted - quarantinedK:\DownLoad\uTorrent-3.4.1-Beta.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application deleted - quarantinedK:\DownLoad\win95_iso_downloader_fr_99333.exe a variant of Win32/ExpressFiles.B potentially unwanted application deleted - quarantinedK:\DownLoad\Windows_95_Full_Version.exe Win32/Adware.1ClickDownload.AJ application cleaned by deleting - quarantinedK:\DownLoad\Windows_95_FULL_version_Bootable_ISO.exe Win32/Adware.1ClickDownload.AJ application cleaned by deleting - quarantinedK:\DownLoad\Winrar-420.exe a variant of Win32/InstallCore.AZ potentially unwanted application deleted - quarantinedK:\DownLoad\WinZip170.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantinedK:\DownLoad\WIN_XP_HOME_OEM.ISO Win32/HackTool.WpaKill.B potentially unsafe application deleted - quarantinedK:\DownLoad\wmvtoavi [1].exe Win32/InstallMonetizer.AF potentially unwanted application deleted - quarantinedK:\DownLoad\wmvtoavi.exe Win32/InstallCore.HT potentially unwanted application deleted - quarantinedK:\DownLoad\xilisoft-html-to-epub-converter-1.0.2.1214.exe_downloader_fr_99138.exe a variant of Win32/ExpressFiles.B potentially unwanted application deleted - quarantinedK:\DownLoad\Advanced SystemCare PRO 7.1.0.387 Final incl. Serial {AmanPC}\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantinedK:\DownLoad\Hirens.BootCD.15.2\Hiren's.BootCD.15.2.FR.Keyboard.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantinedK:\DownLoad\Hirens.BootCD.15.2\Hiren's.BootCD.15.2.iso Win32/PSWTool.KonBoot.A potentially unsafe application deleted - quarantinedK:\DownLoad\Installation W8\Bureautique\Suites\Office 2010\Microsoft Office Proffesional Plus 2010 Corporate Final (full activated).iso a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantinedK:\DownLoad\Installation W8\Internet\Téléchargements et FTP\FTP Synchroniser Pro 5.2.97.803\crack\ftp.synchroniser.pro.5.2.97.803.crack-tsrh.exe a variant of Win32/HackTool.Patcher.BD potentially unsafe application deleted - quarantinedK:\DownLoad\Installation W8\Internet\Téléchargements et FTP\SmartFTP 4.1.1307 + Patch\SmartFTP 4.1.1307.tgz a variant of Win32/HackTool.Crack.BR potentially unsafe application deleted - quarantinedK:\DownLoad\Installation W8\Livres lus\Convertisseurs\4Media EPUB Creation Suite 1.0.4 (Build 0124){h33t}{imageking}\m-epub-creation-suite.exe Win32/Toolbar.Zugo potentially unwanted application deleted - quarantinedK:\DownLoad\Installation W8\Livres lus\Convertisseurs\4MediaEpubConverter1.0\m-epub-creation-suite.exe Win32/Toolbar.Zugo potentially unwanted application deleted - quarantinedK:\DownLoad\Installation W8\Videos\Convertisseurs\FreemakeVideoConverterSetup(1).exe Win32/OpenCandy potentially unsafe application deleted - quarantinedK:\DownLoad\Installation W8\Videos\Convertisseurs\hamsterfreevideoconverter.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantinedK:\DownLoad\look20312p_v32\DriverUpdaterSetup-2.0.0.6004.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantinedK:\DownLoad\O&O Defrag Professional 17.0 + Keygen\OODefrag17ProfessionalEnu.exe a variant of Win32/Amonetize.Q potentially unwanted application deleted - quarantinedK:\DownLoad\O&O Defrag Professional Full v16.0 build 151(32bit+64) with Incl Key\OODefrag16ProfessionalEnu.exe multiple threats cleaned by deleting - quarantinedK:\DownLoad\Phone Unlocking for All Mobilephones - SPECIAL-\Phone Unlocking for All Mobilephones - SPECIAL-.rar a variant of Win32/TrojanDropper.Surldoe.A trojan deleted - quarantinedK:\DownLoad\Portable.FileViewPro\FileViewPro_2013_1.5.0.0_Install.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantinedK:\DownLoad\produkey\ProduKey.exe a variant of Win32/PSWTool.ProductKey potentially unsafe application deleted - quarantinedK:\DownLoad\routerpassview\RouterPassView.exe a variant of Win32/PSWTool.RouterPassView.B potentially unsafe application deleted - quarantinedK:\DownLoad\software\Advanced SystemCare Pro 7.0.6.364+Crack\asc-setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantinedK:\DownLoad\TuneUp Utilities 2013 13.0.2020.9 + Patch\TuneUp Utilities 2013 13.0.2020.9 + Patch.tgz a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantinedK:\DownLoad\Windows XP Ultimate Edition (by Johnny) [February2009-R4.1]\Windows XP Ultimate Edition (by Johnny) [February2009-R4.1].iso Win32/WFPDisabler.A potentially unsafe application deleted - quarantinedK:\DownLoad\Winzip 17.0.10.283 pro francais complet\patch 32-64 bits.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantinedK:\DownLoad\Winzip 17.0.10.283 pro francais complet\patch 32-64 bits\winzip.pro.17.x.(x64)-patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantinedK:\DownLoad\Winzip 17.0.10.283 pro francais complet\patch 32-64 bits\winzip.pro.17.x.(x86)-patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantinedK:\DownLoad\[Torrentfrancais.com]-daemon-tools-pro-advanced-v5-3-0-0359-multilingual-cracked-brd\[Torrentfrancais.com]-daemon-tools-pro-advanced-v5-3-0-0359-multilingual-cracked-brd\Crack\Patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted - quarantinedK:\Maintenance\CCleaner_v4.10.4570.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedK:\Maintenance\disk-defrag-setup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantinedK:\Maintenance\driver_booster_setup1.2.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantinedK:\Maintenance\Recuva_v1.50.1036.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantinedL:\Keygen for [arcsoft]\trzF68A.tmp a variant of Win32/Kryptik.AMFH trojan cleaned by deleting - quarantinedL:\Users\jb\Documents\APNSetup1.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined Link to post Share on other sites More sharing options...
Maniac Posted May 13, 2014 ID:829746 Share Posted May 13, 2014 Due to our policy I suspend assistance here, because I see that you have a lot of problems caused by pirating. https://forums.malwarebytes.org/index.php?showtopic=97700 This thread will be closed. Link to post Share on other sites More sharing options...
jacqventoux Posted May 13, 2014 Author ID:829773 Share Posted May 13, 2014 good eveningI am awfully sorryI thoroughly clean my current partition on Windows 8 official of all unwanted files.I forgot to clean C: Official XP and N: Official W7, existing but unused partitions.I understand your situation, but the problem still exists, I go back to version 1.75 and will remove the 2.0.xxx version for me is bugged.Thank you again for your supportJacques PS: What can I do more? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 14, 2014 Root Admin ID:829927 Share Posted May 14, 2014 This topic will now be closed due to evidence of cracked or pirated software on this system. Piracy Policy Link to post Share on other sites More sharing options...
Recommended Posts