Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014 01
Ran by Véronique at 2014-11-01 09:32:47 Run:2
Running from C:\Users\Véronique\Downloads
Loaded Profiles: Véronique & (Available profiles: Véronique & Véro & UpdatusUser)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected
ProxyServer: http=127.0.0.1:56847
URLSearchHook: HKLM-x32 - Default Value = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
URLSearchHook: HKLM-x32 - (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
BHO-x32: IDMIEHlprObj Class -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO-x32: FG2CatchUrl -> {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} -> No File
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKLM-x32 - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
Toolbar: HKLM-x32 - No Name - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No File
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File
Handler-x32: bubbledock - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{57791F99-25AC-40AA-A238-02CC970CD339}: [NameServer] 178.33.41.181,46.4.70.20
Tcpip\..\Interfaces\{68FA0B06-2BB5-4AE8-A852-2162B295BA20}: [NameServer] 178.33.41.181,46.4.70.20
Tcpip\..\Interfaces\{86F6A176-C8B4-414C-B0BB-D24137A85C87}: [NameServer] 178.33.41.181,46.4.70.20
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\gz59g32w.default\Extensions\
ascsurfingprotection@iobit.com [2014-08-27]
FF HKCU\...\Firefox\Extensions: [
goobar@gootoolbar.com] - C:\Users\Véronique\AppData\Roaming\GooToolBar\GooToolBar Installer\1.0.0.0
FF Extension: goobar - C:\Users\Véronique\AppData\Roaming\GooToolBar\GooToolBar Installer\1.0.0.0 [2011-10-10]
FF HKCU\...\Firefox\Extensions: [{39207FA9-632F-58D1-AE46-2F7C370FBF59}] - C:\Program Files (x86)\di8BlockAndSurf\175.xpi
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
CHR HomePage: Default -> hxxp://
www.trovi.com/?gd=&ctid=CT331791 ... 04D1&SSPV=
CHR StartupUrls: Default -> "hxxp://
www.trovi.com/?gd=&ctid=CT3317919&octid ... 04D1&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search_
CHR DefaultSearchURL: Default ->
http://www.trovi.com/Results.aspx?gd=&c ... C5C27BE&q={searchTerms}&SSPV=SP21514T3B_sp_ch
CHR HKLM-x32\...\Chrome\Extension: [kpipfkmkpknchlpbaghhhlfpjpidfaif] - C:\ProgramData\Download and Sa\kpipfkmkpknchlpbaghhhlfpjpidfaif.crx []
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed]
C:\Program Files (x86)\di8BlockAndSurf
C:\PROGRA~2\SearchProtect
C:\Program Files (x86)\Babylon
C:\Program Files (x86)\IObit
C:\Program Files (x86)\PenWes
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\Tor
C:\Users\Véronique\AppData\Roaming\~gtypvnx.exe
C:\Users\Véronique\AppData\Roaming\~ifclqpj.exe
C:\Users\Véronique\AppData\Roaming\GooToolBar
Task: {3A6DF6E8-783B-4E44-A5E8-C94B1D13F676} - System32\Tasks\ASC7_SkipUac_Véronique => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-05-23] (IObit)
Task: {4CFF79D9-0CC6-4D08-9A4F-E59072513925} - System32\Tasks\PenWes => C:\Program Files (x86)\PenWes\penwes.exe
Task: {76976753-734E-4280-930E-108138819EF1} - System32\Tasks\TaskUserUpdate_wp => C:\Users\Véronique\AppData\Roaming\~gtypvnx.exe
Task: {8F6E60C8-A5BD-4A8F-B91F-23E2130E8781} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe
Task: {AA6D6CFA-61AF-4C7F-BCDB-AD00F54BE39D} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Véronique\AppData\Roaming\~ifclqpj.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:6FE816BE
AlternateDataStreams: C:\ProgramData\Temp:B26E984E
Reg: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d explorer.exe /f
Hosts:
EmptyTemp:
end
*****************
Processes closed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value Data not found.
"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => Value not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}" => Key not found.
"HKCR\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}" => Key not found.
"HKCR\Wow6432Node\CLSID\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
"HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} => Value not found.
"HKCR\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Value not found.
"HKCR\Wow6432Node\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} => Value not found.
"HKCR\Wow6432Node\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} => Value not found.
"HKCR\Wow6432Node\CLSID\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Value not found.
"HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} => Value not found.
"HKCR\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\bubbledock" => Key not found.
"HKCR\Wow6432Node\CLSID\{3050F3DA-98B5-11CF-BB82-00AA00BDCE0B}" => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{57791F99-25AC-40AA-A238-02CC970CD339}\\NameServer => Value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{68FA0B06-2BB5-4AE8-A852-2162B295BA20}\\NameServer => Value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86F6A176-C8B4-414C-B0BB-D24137A85C87}\\NameServer => Value not found.
C:\Users\Véronique\AppData\Roaming\Mozilla\Firefox\Profiles\gz59g32w.default\Extensions\
ascsurfingprotection@iobit.com not found.
HKCU\Software\Mozilla\Firefox\Extensions\\
goobar@gootoolbar.com => Value not found.
C:\Users\Véronique\AppData\Roaming\GooToolBar\GooToolBar Installer\1.0.0.0 not found.
HKCU\Software\Mozilla\Firefox\Extensions\\{39207FA9-632F-58D1-AE46-2F7C370FBF59} => Value not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
Chrome HomePage not detected.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpipfkmkpknchlpbaghhhlfpjpidfaif" => Key not found.
"C:\ProgramData\Download and Sa\kpipfkmkpknchlpbaghhhlfpjpidfaif.crx" => File/Directory not found.
AdvancedSystemCareService7 => Service not found.
tor => Service not found.
"C:\Program Files (x86)\di8BlockAndSurf" => File/Directory not found.
"C:\PROGRA~2\SearchProtect" => File/Directory not found.
"C:\Program Files (x86)\Babylon" => File/Directory not found.
"C:\Program Files (x86)\IObit" => File/Directory not found.
"C:\Program Files (x86)\PenWes" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\Tor" => File/Directory not found.
"C:\Users\Véronique\AppData\Roaming\~gtypvnx.exe" => File/Directory not found.
"C:\Users\Véronique\AppData\Roaming\~ifclqpj.exe" => File/Directory not found.
"C:\Users\Véronique\AppData\Roaming\GooToolBar" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A6DF6E8-783B-4E44-A5E8-C94B1D13F676}" => Key not found.
C:\Windows\System32\Tasks\ASC7_SkipUac_Véronique not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC7_SkipUac_Véronique" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CFF79D9-0CC6-4D08-9A4F-E59072513925}" => Key not found.
C:\Windows\System32\Tasks\PenWes not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PenWes" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76976753-734E-4280-930E-108138819EF1}" => Key not found.
C:\Windows\System32\Tasks\TaskUserUpdate_wp not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TaskUserUpdate_wp" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F6E60C8-A5BD-4A8F-B91F-23E2130E8781}" => Key not found.
C:\Windows\System32\Tasks\LaunchSignup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA6D6CFA-61AF-4C7F-BCDB-AD00F54BE39D}" => Key not found.
C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WIN-GGfIfEGCfEGbGffIfCfEGC" => Key not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"C:\ProgramData\Temp" => ":6FE816BE" ADS not found.
"C:\ProgramData\Temp" => ":B26E984E" ADS not found.
========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d explorer.exe /f =========
L'op‚ration a r‚ussi.
========= End of Reg: =========
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 14.3 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====