Infected PC: Legacy_ABP470N5, Service_abp470n5
jamalroumane
juju666 Posts 35446 Registration date Status Security contributor Last activity -
Hello,
Logfile of random's system information tool 1.10 (written by random/random)
Run by Client at 2014-06-25 11:47:45
WIN_XP Service Pack 3
System drive C: has 45 GB (75%) free of 60 GB
Total RAM: 1982 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:42, on 25/06/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Client\Mes documents\Downloads\Programs\RSIT.exe
C:\Program Files\trend micro\Client.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-21-823518204-1454471165-839522115-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{64D33C18-F3CF-430F-87ED-60677A29B797}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CCS\Services\Tcpip\..\{A75E0683-2944-4068-8327-744BA02A074D}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDB82E9F-1070-4352-A965-65F82CBCE708}: NameServer = 216.146.35.35,216.146.36.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 5865 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\User_Feed_Synchronization-{30786781-C237-4283-B252-79BA605A21E6}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.fr"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&btnI=&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"***@***"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 9
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppl3260.dll
nprpjplug.dll
C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\
temp
C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\
binsearch.xml
exalead.xml
live-search.xml
nowtorrents.xml
opensubtitlesorg.xml
vidos-dailymotion.xml
wikipedia-english.xml
youtube---videos.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-02-03 401944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-20 436600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-04-09 3907152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-21 3890208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-05-19 161064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CNAP2 Launcher]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [2011-01-12 406944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2011-01-12 29818880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2011-01-12 228120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe [2014-04-09 3907152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2011-01-12 215832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2011-01-12 222768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2013-10-01 3316016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2011-01-12 128296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2011-01-12 207640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 156968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S3Trayp]
C:\WINDOWS\system32\S3trayp.exe [2007-06-11 249856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2011-01-12 1454080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2006-09-21 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DynDNS Updater Tray Icon.lnk]
C:\PROGRA~1\DYNDNS~1\DynTray.exe [2010-04-15 165232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^O&O Defrag Tray.lnk]
C:\WINDOWS\Installer\{89E55086-6AF5-4C78-BC96-C9EBA300A4F5}\app_icon.ico [2014-06-20 292878]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Client^Menu Démarrer^Programmes^Démarrage^PS.lnk]
C:\PSCRIPT.DLG\PScript.exe [2008-07-07 875008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OODefragAgent"=2
"usnjsvc"=3
"ose"=3
"odserv"=3
"NMIndexingService"=3
"idsvc"=3
"DynDNS Updater"=2
"MBAMService"=2
"MBAMScheduler"=2
"TuneUp.UtilitiesSvc"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"="C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxtray.exe"="C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec"
"C:\Program Files\OO Software\Defrag\oodtray.exe"="C:\Program Files\OO Software\Defrag\oodtray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wscntfy.exe"="C:\WINDOWS\system32\wscntfy.exe:*:Enabled:ipsec"
"C:\Program Files\CCleaner\CCleaner.exe"="C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\xp_eos.exe"="C:\WINDOWS\system32\xp_eos.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\Program Files\TuneUp Utilities 2014\OneClick.exe"="C:\Program Files\TuneUp Utilities 2014\OneClick.exe:*:Enabled:ipsec"
"C:\Program Files\OO Software\Defrag\OOLiveUpdate.exe"="C:\Program Files\OO Software\Defrag\OOLiveUpdate.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\VTTimer.exe"="C:\WINDOWS\system32\VTTimer.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxsrvc.exe"="C:\WINDOWS\system32\igfxsrvc.exe:*:Enabled:ipsec"
"C:\Documents and Settings\Client\Mes documents\Téléchargements\adwcleaner_3.213.exe"="C:\Documents and Settings\Client\Mes documents\Téléchargements\adwcleaner_3.213.exe:*:Enabled:ipsec"
"C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe"="C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.voxacm160"=vct3216.acm
"vidc.DIV3"=DIVXc32.dll
"vidc.DIV4"=DIVXc32f.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2014-06-25 11:47:45 ----D---- C:\rsit
2014-06-25 11:47:45 ----D---- C:\Program Files\trend micro
2014-06-25 11:40:29 ----SHD---- C:\RECYCLER
2014-06-25 11:28:37 ----D---- C:\WINDOWS\temp
2014-06-25 11:28:35 ----A---- C:\ComboFix.txt
2014-06-24 01:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2014-06-24 01:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-06-24 01:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-06-24 01:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2014-06-24 01:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2014-06-24 01:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-06-24 01:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2014-06-24 01:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2014-06-24 01:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2014-06-24 01:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-06-24 01:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2014-06-24 01:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-06-24 01:32:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2014-06-24 01:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-06-24 01:32:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2014-06-24 01:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2014-06-24 01:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2014-06-24 01:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2014-06-24 01:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2014-06-24 01:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2014-06-24 01:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2014-06-24 01:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-06-24 01:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-06-24 01:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2014-06-24 01:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2014-06-24 01:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2014-06-24 01:31:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-06-24 01:31:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2014-06-24 01:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-06-24 01:30:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2014-06-24 01:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2014-06-24 01:30:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2014-06-24 01:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2014-06-24 01:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2014-06-24 01:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-06-24 01:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-06-24 01:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-06-24 01:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2014-06-24 01:29:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2014-06-24 01:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-06-24 01:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-06-24 01:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-06-24 01:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2014-06-24 01:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2014-06-24 01:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2014-06-24 01:29:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-06-24 01:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2014-06-24 01:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2014-06-24 01:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2014-06-24 01:28:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2014-06-24 01:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-06-24 01:28:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-06-24 01:28:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2014-06-24 01:28:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-06-24 01:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-06-24 01:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2014-06-24 01:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2014-06-24 01:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-06-24 01:28:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-06-24 01:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2014-06-24 01:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2014-06-24 01:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2014-06-24 01:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2014-06-24 01:27:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2014-06-24 01:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2014-06-24 01:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2014-06-24 01:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2014-06-24 01:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2014-06-24 01:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-06-24 01:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2014-06-24 01:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2014-06-24 01:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2014-06-24 01:26:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2014-06-24 01:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2014-06-24 01:26:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2014-06-24 01:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2014-06-24 01:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2014-06-24 01:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-06-24 01:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2014-06-24 01:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2014-06-24 01:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2014-06-24 01:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-06-24 01:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2014-06-24 01:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2014-06-24 01:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2014-06-24 01:25:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-06-24 01:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-06-24 01:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-06-24 01:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2014-06-24 01:24:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-06-24 01:24:46 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2014-06-24 01:24:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-06-24 01:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-06-24 01:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2014-06-24 01:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2014-06-24 01:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2014-06-24 01:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2014-06-24 01:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2014-06-24 01:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2014-06-24 01:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2014-06-24 01:23:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2014-06-24 01:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-06-24 01:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2014-06-24 01:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-06-24 01:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-06-24 01:22:52 ----A---- C:\WINDOWS\imsins.BAK
2014-06-24 01:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2014-06-23 19:58:11 ----A---- C:\WINDOWS\system32\wups2.dll
2014-06-23 19:51:05 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-23 18:28:58 ----D---- C:\Program Files\WinThruster
2014-06-23 12:51:42 ----A---- C:\WINDOWS\ModemLog_HUAWEI WIRELESS MODEM(153.6K).txt
2014-06-23 12:48:23 ----D---- C:\HUAWEI
2014-06-23 12:48:23 ----A---- C:\WINDOWS\system32\drivers\UmpUsbXP.sys
2014-06-23 12:45:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-06-22 13:54:59 ----ASH---- C:\pagefile.sys
2014-06-22 13:38:12 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2014-06-22 13:38:11 ----D---- C:\Program Files\VS Revo Group
2014-06-22 13:20:04 ----D---- C:\WINDOWS\Prefetch
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\irmon.dll
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\irftp.exe
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2014-06-22 12:25:50 ----A---- C:\WINDOWS\system32\drivers\rasirda.sys
2014-06-22 12:23:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2014-06-22 12:23:29 ----A---- C:\WINDOWS\system32\irclass.dll
2014-06-21 19:57:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-06-21 11:25:47 ----D---- C:\Documents and Settings\Client\Application Data\AVAST Software
2014-06-20 21:57:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2014-06-20 21:57:08 ----D---- C:\Documents and Settings\Client\Application Data\TuneUp Software
2014-06-20 21:55:10 ----D---- C:\Program Files\TuneUp Utilities 2014
2014-06-20 21:54:08 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2014-06-20 21:53:58 ----SHD---- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-20 21:53:58 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2014-06-20 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2014-06-20 21:19:28 ----A---- C:\WINDOWS\system32\drivers\aswrdr.sys
2014-06-20 21:19:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-06-20 21:19:23 ----A---- C:\WINDOWS\avastSS.scr
2014-06-20 21:08:48 ----D---- C:\Program Files\AVAST Software
2014-06-20 20:13:37 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache
2014-06-20 20:13:34 ----D---- C:\OETemp
2014-06-20 15:21:37 ----D---- C:\Program Files\Mozilla Firefox
2014-06-20 14:43:05 ----D---- C:\WINDOWS\Minidump
2014-06-20 00:49:15 ----D---- C:\WINDOWS\ie8updates
2014-06-20 00:03:30 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-06-19 23:24:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-19 23:24:28 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-19 23:20:42 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-06-19 23:10:12 ----N---- C:\WINDOWS\system32\iacenc.dll
2014-06-19 21:47:23 ----D---- C:\Documents and Settings\Client\Application Data\Malwarebytes
2014-06-19 21:47:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-19 21:36:47 ----HD---- C:\WINDOWS\system32\GroupPolicy
2014-06-19 21:09:54 ----HDC---- C:\WINDOWS\ie8
2014-06-19 21:09:08 ----D---- C:\AdwCleaner
2014-06-19 21:03:50 ----D---- C:\Documents and Settings\Client\Application Data\IDM
2014-06-19 21:03:47 ----D---- C:\Program Files\Internet Download Manager
2014-06-19 21:00:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-19 20:50:25 ----D---- C:\8d2b2d0f0cbb2b69815a12d55aa6
2014-06-19 20:46:02 ----D---- C:\Documents and Settings\Client\Application Data\Skype
======List of files/folders modified in the last 1 month======
2014-06-25 11:47:45 ----RD---- C:\Program Files
2014-06-25 11:28:37 ----D---- C:\WINDOWS\system32\drivers
2014-06-25 11:28:37 ----D---- C:\WINDOWS
2014-06-25 11:28:37 ----D---- C:\Qoobox
2014-06-25 11:27:09 ----D---- C:\WINDOWS\system32\CatRoot2
2014-06-25 11:24:57 ----D---- C:\Documents and Settings\Client\Application Data\DMCache
2014-06-25 11:24:56 ----A---- C:\WINDOWS\system.ini
2014-06-25 11:24:36 ----D---- C:\WINDOWS\system32\drivers\etc
2014-06-25 11:23:02 ----D---- C:\WINDOWS\system32\config
2014-06-25 11:22:55 ----D---- C:\WINDOWS\erdnt
2014-06-25 11:21:06 ----D---- C:\WINDOWS\system32
2014-06-25 11:21:06 ----D---- C:\WINDOWS\AppPatch
2014-06-25 11:21:02 ----D---- C:\Program Files\Fichiers communs
2014-06-25 11:18:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-06-25 11:06:06 ----HD---- C:\WINDOWS\inf
2014-06-24 08:23:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-06-24 01:33:10 ----D---- C:\WINDOWS\system32\CatRoot
2014-06-24 01:25:08 ----D---- C:\Program Files\Outlook Express
2014-06-24 01:24:48 ----D---- C:\Program Files\Movie Maker
2014-06-23 20:25:39 ----ASH---- C:\boot.ini
2014-06-23 20:25:26 ----A---- C:\WINDOWS\win.ini
2014-06-23 19:58:15 ----D---- C:\WINDOWS\SoftwareDistribution
2014-06-23 19:57:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-06-23 19:57:05 ----SD---- C:\WINDOWS\Tasks
2014-06-23 18:04:00 ----SHD---- C:\WINDOWS\Installer
2014-06-23 15:42:21 ----D---- C:\WINDOWS\Help
2014-06-23 15:42:21 ----D---- C:\Program Files\Internet Explorer
2014-06-23 15:39:44 ----D---- C:\WINDOWS\system32\en-us
2014-06-23 12:48:23 ----HD---- C:\Program Files\InstallShield Installation Information
2014-06-23 12:48:18 ----D---- C:\Program Files\Fichiers communs\InstallShield
2014-06-23 12:43:34 ----D---- C:\WINDOWS\Debug
2014-06-22 14:20:10 ----D---- C:\WINDOWS\l2schemas
2014-06-22 14:20:09 ----D---- C:\WINDOWS\system32\usmt
2014-06-22 14:19:45 ----D---- C:\WINDOWS\system32\Setup
2014-06-22 14:19:45 ----D---- C:\WINDOWS\ehome
2014-06-22 14:19:44 ----D---- C:\WINDOWS\ime
2014-06-22 14:19:43 ----D---- C:\WINDOWS\network diagnostic
2014-06-22 14:19:43 ----D---- C:\WINDOWS\Media
2014-06-22 14:19:39 ----D---- C:\WINDOWS\system32\fr-fr
2014-06-22 14:19:38 ----D---- C:\WINDOWS\system32\wbem
2014-06-22 14:19:22 ----D---- C:\WINDOWS\PeerNet
2014-06-22 14:19:02 ----D---- C:\WINDOWS\system32\npp
2014-06-22 14:18:50 ----D---- C:\WINDOWS\msagent
2014-06-22 14:18:45 ----D---- C:\WINDOWS\system32\fr
2014-06-22 14:15:50 ----D---- C:\WINDOWS\system32\1036
2014-06-22 13:57:05 ----D---- C:\WINDOWS\twain_32
2014-06-22 13:56:52 ----D---- C:\WINDOWS\system32\icsxml
2014-06-22 13:56:29 ----D---- C:\WINDOWS\system32\ias
2014-06-22 13:56:25 ----D---- C:\WINDOWS\system32\1033
2014-06-22 13:54:59 ----D---- C:\WINDOWS\Driver Cache
2014-06-22 13:22:00 ----SHD---- C:\System Volume Information
2014-06-22 13:22:00 ----D---- C:\WINDOWS\system32\Restore
2014-06-22 12:42:11 ----D---- C:\WINDOWS\security
2014-06-22 12:40:46 ----AC---- C:\WINDOWS\ODBCINST.INI
2014-06-22 12:40:35 ----ASHC---- C:\WINDOWS\fonts\desktop.ini
2014-06-22 12:40:01 ----RD---- C:\WINDOWS\Web
2014-06-22 12:39:54 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2014-06-22 12:39:25 ----D---- C:\Program Files\Windows Media Player
2014-06-22 12:39:24 ----D---- C:\Program Files\NetMeeting
2014-06-22 12:39:23 ----D---- C:\Program Files\Fichiers communs\Services
2014-06-22 12:38:55 ----D---- C:\WINDOWS\system32\oobe
2014-06-22 12:38:42 ----D---- C:\Program Files\Fichiers communs\System
2014-06-22 12:27:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-06-22 12:24:07 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-22 12:24:00 ----RSD---- C:\WINDOWS\Fonts
2014-06-22 12:23:29 ----D---- C:\WINDOWS\system
2014-06-22 12:23:16 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2014-06-22 12:22:32 ----D---- C:\WINDOWS\WinSxS
2014-06-21 00:01:06 ----D---- C:\DLG_TEMP.$$$
2014-06-20 13:43:07 ----D---- C:\Documents and Settings
2014-06-20 12:54:02 ----RSD---- C:\WINDOWS\assembly
2014-06-20 12:49:13 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-20 11:57:04 ----HD---- C:\WINDOWS\$hf_mig$
2014-06-20 00:50:07 ----D---- C:\WINDOWS\system32\XPSViewer
2014-06-19 23:26:12 ----D---- C:\Documents and Settings\Client\Application Data\Mozilla
2014-06-19 23:25:15 ----D---- C:\WINDOWS\Logs
2014-06-19 23:24:50 ----D---- C:\Program Files\CCleaner
2014-06-19 23:01:21 ----D---- C:\WINDOWS\Registration
2014-06-09 20:07:40 ----D---- C:\PCCOMPTA
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-06-20 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-06-20 180632]
R0 uagp35;Filtre AGP version 3.5 Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-11-20 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2007-11-20 17920]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-06-21 777488]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2013-11-28 121184]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-06-20 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-06-20 67824]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2011-04-01 48128]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2007-07-11 714240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys []
R3 umpusbxp;UMP Serial Port Driver; C:\WINDOWS\system32\DRIVERS\umpusbxp.sys [2004-07-20 75584]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-06-19 382976]
S3 dsdodyez;dsdodyez; C:\WINDOWS\system32\drivers\dsdodyez.sys []
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 FXDrv32;FXDrv32; \??\F:\FXDrv32.sys []
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-04-14 102400]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys []
S3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\k57xp32.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\Client\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
S3 pdbnsyxq;pdbnsyxq; C:\WINDOWS\system32\drivers\pdbnsyxq.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-08-07 98944]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-01-02 215936]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-08-30 1740600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 DynDNS Updater;DynDNS Updater; C:\Program Files\DynDNS Updater\DynUpSvc.exe [2010-04-16 177528]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 483912]
S4 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 779336]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-20 184944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2011-01-12 357672]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 506672]
S4 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-10-01 1442608]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 218912]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2011-01-12 163864]
-----------------EOF-----------------
I apologize for not having said thank you. Thank you a thousand times in advance!
Logfile of random's system information tool 1.10 (written by random/random)
Run by Client at 2014-06-25 11:47:45
WIN_XP Service Pack 3
System drive C: has 45 GB (75%) free of 60 GB
Total RAM: 1982 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:42, on 25/06/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Client\Mes documents\Downloads\Programs\RSIT.exe
C:\Program Files\trend micro\Client.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-21-823518204-1454471165-839522115-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{64D33C18-F3CF-430F-87ED-60677A29B797}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CCS\Services\Tcpip\..\{A75E0683-2944-4068-8327-744BA02A074D}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{EDB82E9F-1070-4352-A965-65F82CBCE708}: NameServer = 216.146.35.35,216.146.36.36
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 5865 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\User_Feed_Synchronization-{30786781-C237-4283-B252-79BA605A21E6}.job - C:\WINDOWS\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.fr"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&btnI=&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"***@***"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 9
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppl3260.dll
nprpjplug.dll
C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\
temp
C:\Documents and Settings\Client\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\
binsearch.xml
exalead.xml
live-search.xml
nowtorrents.xml
opensubtitlesorg.xml
vidos-dailymotion.xml
wikipedia-english.xml
youtube---videos.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-02-03 401944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-20 436600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-04-09 3907152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-21 3890208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-05-19 161064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CNAP2 Launcher]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE [2011-01-12 406944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2011-01-12 29818880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2011-01-12 228120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe [2014-04-09 3907152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2011-01-12 215832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2011-01-12 222768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2013-10-01 3316016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 172032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2011-01-12 128296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2011-01-12 207640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 156968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S3Trayp]
C:\WINDOWS\system32\S3trayp.exe [2007-06-11 249856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2011-01-12 1454080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2006-09-21 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^DynDNS Updater Tray Icon.lnk]
C:\PROGRA~1\DYNDNS~1\DynTray.exe [2010-04-15 165232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^O&O Defrag Tray.lnk]
C:\WINDOWS\Installer\{89E55086-6AF5-4C78-BC96-C9EBA300A4F5}\app_icon.ico [2014-06-20 292878]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Client^Menu Démarrer^Programmes^Démarrage^PS.lnk]
C:\PSCRIPT.DLG\PScript.exe [2008-07-07 875008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OODefragAgent"=2
"usnjsvc"=3
"ose"=3
"odserv"=3
"NMIndexingService"=3
"idsvc"=3
"DynDNS Updater"=2
"MBAMService"=2
"MBAMScheduler"=2
"TuneUp.UtilitiesSvc"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"="C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxtray.exe"="C:\WINDOWS\system32\igfxtray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ipsec"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:ipsec"
"C:\Program Files\OO Software\Defrag\oodtray.exe"="C:\Program Files\OO Software\Defrag\oodtray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\wscntfy.exe"="C:\WINDOWS\system32\wscntfy.exe:*:Enabled:ipsec"
"C:\Program Files\CCleaner\CCleaner.exe"="C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\xp_eos.exe"="C:\WINDOWS\system32\xp_eos.exe:*:Enabled:ipsec"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec"
"C:\Program Files\TuneUp Utilities 2014\OneClick.exe"="C:\Program Files\TuneUp Utilities 2014\OneClick.exe:*:Enabled:ipsec"
"C:\Program Files\OO Software\Defrag\OOLiveUpdate.exe"="C:\Program Files\OO Software\Defrag\OOLiveUpdate.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\VTTimer.exe"="C:\WINDOWS\system32\VTTimer.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\igfxsrvc.exe"="C:\WINDOWS\system32\igfxsrvc.exe:*:Enabled:ipsec"
"C:\Documents and Settings\Client\Mes documents\Téléchargements\adwcleaner_3.213.exe"="C:\Documents and Settings\Client\Mes documents\Téléchargements\adwcleaner_3.213.exe:*:Enabled:ipsec"
"C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe"="C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.voxacm160"=vct3216.acm
"vidc.DIV3"=DIVXc32.dll
"vidc.DIV4"=DIVXc32f.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2014-06-25 11:47:45 ----D---- C:\rsit
2014-06-25 11:47:45 ----D---- C:\Program Files\trend micro
2014-06-25 11:40:29 ----SHD---- C:\RECYCLER
2014-06-25 11:28:37 ----D---- C:\WINDOWS\temp
2014-06-25 11:28:35 ----A---- C:\ComboFix.txt
2014-06-24 01:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2014-06-24 01:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-06-24 01:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-06-24 01:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2014-06-24 01:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2014-06-24 01:33:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-06-24 01:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2014-06-24 01:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2014-06-24 01:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2014-06-24 01:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-06-24 01:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2014-06-24 01:32:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-06-24 01:32:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2014-06-24 01:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-06-24 01:32:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2014-06-24 01:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2014-06-24 01:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2014-06-24 01:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2014-06-24 01:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2014-06-24 01:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2014-06-24 01:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2014-06-24 01:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-06-24 01:31:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-06-24 01:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2014-06-24 01:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2014-06-24 01:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2014-06-24 01:31:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-06-24 01:31:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2014-06-24 01:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-06-24 01:30:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2014-06-24 01:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2014-06-24 01:30:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2014-06-24 01:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2014-06-24 01:30:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2014-06-24 01:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-06-24 01:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-06-24 01:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-06-24 01:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2014-06-24 01:29:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2014-06-24 01:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-06-24 01:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-06-24 01:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-06-24 01:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2014-06-24 01:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2014-06-24 01:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2014-06-24 01:29:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-06-24 01:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2014-06-24 01:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2014-06-24 01:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2014-06-24 01:28:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2014-06-24 01:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-06-24 01:28:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-06-24 01:28:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2014-06-24 01:28:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-06-24 01:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-06-24 01:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2014-06-24 01:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2014-06-24 01:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-06-24 01:28:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-06-24 01:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2014-06-24 01:27:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2014-06-24 01:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2014-06-24 01:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2014-06-24 01:27:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2014-06-24 01:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2014-06-24 01:27:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2014-06-24 01:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2014-06-24 01:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2014-06-24 01:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-06-24 01:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2014-06-24 01:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2014-06-24 01:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2014-06-24 01:26:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2014-06-24 01:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2014-06-24 01:26:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2014-06-24 01:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2014-06-24 01:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2014-06-24 01:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-06-24 01:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2014-06-24 01:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2014-06-24 01:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2014-06-24 01:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-06-24 01:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2014-06-24 01:25:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2014-06-24 01:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2014-06-24 01:25:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-06-24 01:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-06-24 01:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-06-24 01:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2014-06-24 01:24:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-06-24 01:24:46 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2014-06-24 01:24:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-06-24 01:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-06-24 01:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2014-06-24 01:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2014-06-24 01:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2014-06-24 01:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2014-06-24 01:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2014-06-24 01:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2014-06-24 01:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2014-06-24 01:23:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2014-06-24 01:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-06-24 01:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2014-06-24 01:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-06-24 01:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-06-24 01:22:52 ----A---- C:\WINDOWS\imsins.BAK
2014-06-24 01:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2014-06-23 19:58:11 ----A---- C:\WINDOWS\system32\wups2.dll
2014-06-23 19:51:05 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-23 18:28:58 ----D---- C:\Program Files\WinThruster
2014-06-23 12:51:42 ----A---- C:\WINDOWS\ModemLog_HUAWEI WIRELESS MODEM(153.6K).txt
2014-06-23 12:48:23 ----D---- C:\HUAWEI
2014-06-23 12:48:23 ----A---- C:\WINDOWS\system32\drivers\UmpUsbXP.sys
2014-06-23 12:45:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-06-22 13:54:59 ----ASH---- C:\pagefile.sys
2014-06-22 13:38:12 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2014-06-22 13:38:11 ----D---- C:\Program Files\VS Revo Group
2014-06-22 13:20:04 ----D---- C:\WINDOWS\Prefetch
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\irmon.dll
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\irftp.exe
2014-06-22 12:37:48 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2014-06-22 12:25:50 ----A---- C:\WINDOWS\system32\drivers\rasirda.sys
2014-06-22 12:23:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2014-06-22 12:23:29 ----A---- C:\WINDOWS\system32\irclass.dll
2014-06-21 19:57:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-06-21 11:25:47 ----D---- C:\Documents and Settings\Client\Application Data\AVAST Software
2014-06-20 21:57:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2014-06-20 21:57:08 ----D---- C:\Documents and Settings\Client\Application Data\TuneUp Software
2014-06-20 21:55:10 ----D---- C:\Program Files\TuneUp Utilities 2014
2014-06-20 21:54:08 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2014-06-20 21:53:58 ----SHD---- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-20 21:53:58 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files
2014-06-20 21:19:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2014-06-20 21:19:30 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2014-06-20 21:19:29 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2014-06-20 21:19:28 ----A---- C:\WINDOWS\system32\drivers\aswrdr.sys
2014-06-20 21:19:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-06-20 21:19:23 ----A---- C:\WINDOWS\avastSS.scr
2014-06-20 21:08:48 ----D---- C:\Program Files\AVAST Software
2014-06-20 20:13:37 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache
2014-06-20 20:13:34 ----D---- C:\OETemp
2014-06-20 15:21:37 ----D---- C:\Program Files\Mozilla Firefox
2014-06-20 14:43:05 ----D---- C:\WINDOWS\Minidump
2014-06-20 00:49:15 ----D---- C:\WINDOWS\ie8updates
2014-06-20 00:03:30 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-06-19 23:24:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-19 23:24:28 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-19 23:20:42 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-06-19 23:10:12 ----N---- C:\WINDOWS\system32\iacenc.dll
2014-06-19 21:47:23 ----D---- C:\Documents and Settings\Client\Application Data\Malwarebytes
2014-06-19 21:47:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-19 21:36:47 ----HD---- C:\WINDOWS\system32\GroupPolicy
2014-06-19 21:09:54 ----HDC---- C:\WINDOWS\ie8
2014-06-19 21:09:08 ----D---- C:\AdwCleaner
2014-06-19 21:03:50 ----D---- C:\Documents and Settings\Client\Application Data\IDM
2014-06-19 21:03:47 ----D---- C:\Program Files\Internet Download Manager
2014-06-19 21:00:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-19 20:50:25 ----D---- C:\8d2b2d0f0cbb2b69815a12d55aa6
2014-06-19 20:46:02 ----D---- C:\Documents and Settings\Client\Application Data\Skype
======List of files/folders modified in the last 1 month======
2014-06-25 11:47:45 ----RD---- C:\Program Files
2014-06-25 11:28:37 ----D---- C:\WINDOWS\system32\drivers
2014-06-25 11:28:37 ----D---- C:\WINDOWS
2014-06-25 11:28:37 ----D---- C:\Qoobox
2014-06-25 11:27:09 ----D---- C:\WINDOWS\system32\CatRoot2
2014-06-25 11:24:57 ----D---- C:\Documents and Settings\Client\Application Data\DMCache
2014-06-25 11:24:56 ----A---- C:\WINDOWS\system.ini
2014-06-25 11:24:36 ----D---- C:\WINDOWS\system32\drivers\etc
2014-06-25 11:23:02 ----D---- C:\WINDOWS\system32\config
2014-06-25 11:22:55 ----D---- C:\WINDOWS\erdnt
2014-06-25 11:21:06 ----D---- C:\WINDOWS\system32
2014-06-25 11:21:06 ----D---- C:\WINDOWS\AppPatch
2014-06-25 11:21:02 ----D---- C:\Program Files\Fichiers communs
2014-06-25 11:18:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-06-25 11:06:06 ----HD---- C:\WINDOWS\inf
2014-06-24 08:23:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-06-24 01:33:10 ----D---- C:\WINDOWS\system32\CatRoot
2014-06-24 01:25:08 ----D---- C:\Program Files\Outlook Express
2014-06-24 01:24:48 ----D---- C:\Program Files\Movie Maker
2014-06-23 20:25:39 ----ASH---- C:\boot.ini
2014-06-23 20:25:26 ----A---- C:\WINDOWS\win.ini
2014-06-23 19:58:15 ----D---- C:\WINDOWS\SoftwareDistribution
2014-06-23 19:57:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-06-23 19:57:05 ----SD---- C:\WINDOWS\Tasks
2014-06-23 18:04:00 ----SHD---- C:\WINDOWS\Installer
2014-06-23 15:42:21 ----D---- C:\WINDOWS\Help
2014-06-23 15:42:21 ----D---- C:\Program Files\Internet Explorer
2014-06-23 15:39:44 ----D---- C:\WINDOWS\system32\en-us
2014-06-23 12:48:23 ----HD---- C:\Program Files\InstallShield Installation Information
2014-06-23 12:48:18 ----D---- C:\Program Files\Fichiers communs\InstallShield
2014-06-23 12:43:34 ----D---- C:\WINDOWS\Debug
2014-06-22 14:20:10 ----D---- C:\WINDOWS\l2schemas
2014-06-22 14:20:09 ----D---- C:\WINDOWS\system32\usmt
2014-06-22 14:19:45 ----D---- C:\WINDOWS\system32\Setup
2014-06-22 14:19:45 ----D---- C:\WINDOWS\ehome
2014-06-22 14:19:44 ----D---- C:\WINDOWS\ime
2014-06-22 14:19:43 ----D---- C:\WINDOWS\network diagnostic
2014-06-22 14:19:43 ----D---- C:\WINDOWS\Media
2014-06-22 14:19:39 ----D---- C:\WINDOWS\system32\fr-fr
2014-06-22 14:19:38 ----D---- C:\WINDOWS\system32\wbem
2014-06-22 14:19:22 ----D---- C:\WINDOWS\PeerNet
2014-06-22 14:19:02 ----D---- C:\WINDOWS\system32\npp
2014-06-22 14:18:50 ----D---- C:\WINDOWS\msagent
2014-06-22 14:18:45 ----D---- C:\WINDOWS\system32\fr
2014-06-22 14:15:50 ----D---- C:\WINDOWS\system32\1036
2014-06-22 13:57:05 ----D---- C:\WINDOWS\twain_32
2014-06-22 13:56:52 ----D---- C:\WINDOWS\system32\icsxml
2014-06-22 13:56:29 ----D---- C:\WINDOWS\system32\ias
2014-06-22 13:56:25 ----D---- C:\WINDOWS\system32\1033
2014-06-22 13:54:59 ----D---- C:\WINDOWS\Driver Cache
2014-06-22 13:22:00 ----SHD---- C:\System Volume Information
2014-06-22 13:22:00 ----D---- C:\WINDOWS\system32\Restore
2014-06-22 12:42:11 ----D---- C:\WINDOWS\security
2014-06-22 12:40:46 ----AC---- C:\WINDOWS\ODBCINST.INI
2014-06-22 12:40:35 ----ASHC---- C:\WINDOWS\fonts\desktop.ini
2014-06-22 12:40:01 ----RD---- C:\WINDOWS\Web
2014-06-22 12:39:54 ----RAHC---- C:\WINDOWS\system32\cdplayer.exe.manifest
2014-06-22 12:39:25 ----D---- C:\Program Files\Windows Media Player
2014-06-22 12:39:24 ----D---- C:\Program Files\NetMeeting
2014-06-22 12:39:23 ----D---- C:\Program Files\Fichiers communs\Services
2014-06-22 12:38:55 ----D---- C:\WINDOWS\system32\oobe
2014-06-22 12:38:42 ----D---- C:\Program Files\Fichiers communs\System
2014-06-22 12:27:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-06-22 12:24:07 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-22 12:24:00 ----RSD---- C:\WINDOWS\Fonts
2014-06-22 12:23:29 ----D---- C:\WINDOWS\system
2014-06-22 12:23:16 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2014-06-22 12:22:32 ----D---- C:\WINDOWS\WinSxS
2014-06-21 00:01:06 ----D---- C:\DLG_TEMP.$$$
2014-06-20 13:43:07 ----D---- C:\Documents and Settings
2014-06-20 12:54:02 ----RSD---- C:\WINDOWS\assembly
2014-06-20 12:49:13 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-20 11:57:04 ----HD---- C:\WINDOWS\$hf_mig$
2014-06-20 00:50:07 ----D---- C:\WINDOWS\system32\XPSViewer
2014-06-19 23:26:12 ----D---- C:\Documents and Settings\Client\Application Data\Mozilla
2014-06-19 23:25:15 ----D---- C:\WINDOWS\Logs
2014-06-19 23:24:50 ----D---- C:\Program Files\CCleaner
2014-06-19 23:01:21 ----D---- C:\WINDOWS\Registration
2014-06-09 20:07:40 ----D---- C:\PCCOMPTA
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-06-20 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-06-20 180632]
R0 uagp35;Filtre AGP version 3.5 Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-11-20 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2007-11-20 17920]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-06-21 777488]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 IDMTDI;IDMTDI; C:\WINDOWS\system32\DRIVERS\idmtdi.sys [2013-11-28 121184]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-06-20 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-06-20 67824]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2011-04-01 48128]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-07 5888]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2007-07-11 714240]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys []
R3 umpusbxp;UMP Serial Port Driver; C:\WINDOWS\system32\DRIVERS\umpusbxp.sys [2004-07-20 75584]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-06-19 382976]
S3 dsdodyez;dsdodyez; C:\WINDOWS\system32\drivers\dsdodyez.sys []
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 FXDrv32;FXDrv32; \??\F:\FXDrv32.sys []
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-04-14 102400]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys []
S3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\k57xp32.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 mbr;mbr; \??\C:\DOCUME~1\Client\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-07 12288]
S3 pdbnsyxq;pdbnsyxq; C:\WINDOWS\system32\drivers\pdbnsyxq.sys []
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-08-07 98944]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-01-02 215936]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-08-30 1740600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 DynDNS Updater;DynDNS Updater; C:\Program Files\DynDNS Updater\DynUpSvc.exe [2010-04-16 177528]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 483912]
S4 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 779336]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-20 184944]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2011-01-12 357672]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 506672]
S4 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-10-01 1442608]
S4 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 218912]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2011-01-12 163864]
-----------------EOF-----------------
I apologize for not having said thank you. Thanks a thousand times in advance!
1 reply
Hi,
Start by uninstalling TuneUp, it's useless, that thing destroys PCs :)
▶ Right-click the following link and choose "Save target (link) as" -> yourfirstname.exe -> destination your desktop (AND NOWHERE ELSE): ComboFix
▶ Close the windows of all running programs.
Temporarily disable, and only for the time ComboFix is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning procedure.
If you have XP => double-click
If you have Vista or Windows 7 => right-click, "Run as..."
on the renamed ComboFix
If you are on Windows XP, let it install the Recovery Console.
▶ Don't touch anything during the scan.
ComboFix should restart your PC.
▶ Don't forget to re-enable your antivirus and antispyware protection before reconnecting to the internet.
▶▶ Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.
▶▶▶ If, after ComboFix restarts your PC, you get "Key marked for deletion" errors or internet connection problems, restart your computer again.
See you
Er, you already used ComboFix today; are you following a disinfection somewhere else?
Post C:\ComboFix.txt for me.