DasPtct.SYS infection

dzerpapa (Contributor; joined Jan 31, 2014; 43 posts)

Hi

I'm a new member in this forum, I'm French Canadian... sorry for my poor English!

I found you by searching in Google for some help with a problem like this: "";"Boucle incluse ntkrnlpa.exe ObOpenObjectByPointer -> DasPtct.SYS +0xE82, C:\Windows\system32\drivers\DasPtct.SYS";"Infecté"
This is the detection name by AVG in my computer.

So, I was interested in your proposed solution and I ask you to help me...

Thank you

Claude

Attachments: BSOD_Windows7_Vista_v2.64_jcgriff2_.zip, Run System Health Report.zip
 
Re: hope

Hello, welcome to Sysnative! Your English is very good! I started learning French a few months ago, so I'm saying hello!

Anyway, since this is a malware related issue, I've moved your thread to the proper forum. The issue you're dealing with is indeed malware, and is more than likely causing your BSODs. With this said, we'll definitely want to take care of those first! An expert will be with you soon (likely Corrine) to provide further instructions, etc.

Regards,

Patrick
 
Hi, dzerpapa. Welcome to Sysnative.

We will do our best to assist you. However, in order to do so, please follow all instructions provided in the sequence given. Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use. This may cause conflicts with the tools being used in the cleanup process.

If you have questions regarding any of the instructions or problems running any tools, please let us know.

Please provide a copy of the logs in the Malware Removal Posting Instructions topic.
 

Wow! I'm... "impressionné"!

Thank you very much... Patrick and Corrine!
I really have the feeling that you are not only professional but also very good people.

So... I'm happy to meet Sysnative.

Now, I try to follow your instructions...


Claude
 
I'm sorry, I try to copy the requested files in my new post in Security Arena... I can't or I don't know how!

If someone may help me... I should be more happy!

Thank you!

Claude
 
Hi, Claude.

I am happy to help you. You can copy the requested files here in this "thread".

1. If the logs are no longer open, you should see them on your computer desktop.
  • One at a time, double-click the file to open and the log will open in Notepad.
  • Click Edit
  • Click Select All
  • Click Edit again and select Copy
  • Place your mouse cursor in the "Quick Reply" box
  • Right-click and select Paste or use the keyboard shortcut Ctrl+V.

2. You will need to follow those steps for each of the three logs:
  • checkup.txt
  • DDS.txt
  • attach.txt

3. Finally, click the Post Quick Reply button at the bottom.

In the event you are still having a problem, please let me know.
 
Results of screen317's Security Check version 0.99.79
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
AVG Internet Security 2014
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java(TM) 6 Update 3
Java version out of Date!
Adobe Flash Player 12.0.0.43
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (26.0)
Mozilla Thunderbird (17.0.8)
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Édition Intégrale
Boot Device: \Device\HarddiskVolume2
Install Date: 23/01/2009 12:14:29
System Uptime: 01/02/2014 06:53:27 (1 hours ago)
.
Motherboard: TOSHIBA | |
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-60 | Socket M2/S1G1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 36,838 GiB free.
D: is FIXED (NTFS) - 6 GiB total, 5,577 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Carte Microsoft ISATAP
Device ID: ROOT\*ISATAP\0004
Manufacturer: Microsoft
Name: isatap.{11C4FE9A-818C-4A3F-959C-D65C81724832}
PNP Device ID: ROOT\*ISATAP\0004
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9) - Français
Advanced Wheel Mouse 6.0.0.008
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
AVG 2014
Bonjour
Brother MFL-Pro Suite MFC-J425W
BrowserSafeguard with RocketTab
Canon DIGITAL CAMERA Solution Disk - Guide d'utilisation des logiciels
Canon Guide d'impression personnelle
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon PowerShot SX130 IS Guide d'utilisation de l'appareil photo
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow Launcher
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Codeur Windows Media Série 9
Connexion Mobile
Correctif pour Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
DVD MovieFactory for TOSHIBA
fGIS - Forestry GIS 1.0
Fichiers de support d'installation de Microsoft SQL Server 2008
FileZilla Client 3.7.0.2
G.D.G. DLL 12.2.6
Garmin Communicator Plugin
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GearDrvs
Google Chrome
Google Update Helper
Google Earth
GPS Manager 13
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
InstallVC90Support
iTunes
Java 7 Update 45
Java Auto Updater
Java(TM) 6 Update 3
Lenovo_Wireless_Driver
LibreOffice 3.6
LogMeIn
MapInfo Professional 7.5
Microsoft .NET Framework 3.5 Language Pack SP1 - fra
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (FRA)
Microsoft .NET Framework 4.5.1 (NOR)
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (French) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (French) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (French) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (ACT7)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft SQL Server Compact 3.5 SP1 - Français
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - FRA
Microsoft XML Parser
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Mobile Broadband Generic Drivers
Modèles de sons Windows
Module de compatibilité pour Microsoft Office System 2007
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Mozilla Firefox 26.0 (x86 fr)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.8 (x86 fr)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Norton 360
Nuance PaperPort 12
Nuance PDF Viewer Plus
Outils de requête de SQL Server Compact 3.5 SP1 - Français
PaperPort Image Printer
PerformanceTest v8.0
QuickTime
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Realtek Card Reader
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Revo Uninstaller 1.95
Réducteur de bruit du lecteur de CD/DVD
Scansoft PDF Professional
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
Service Pack 3 pour SQL Server 2008 (KB2546951)
Sql Server Customer Experience Improvement Program
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA Software Modem
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Ultimate Extras sounds from Microsoft® Tinker™
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.1
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Sync
Windows Live Writer
Windows Live Writer Resources
Windows Small Business Server 2008 ClientAgent
Windows Small Business Server 2008 Desktop Links Gadget
Windows Small Business Server 2008 WMI Provider
WinRAR archiver
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16526 BrowserJavaVersion: 10.45.2
Run by Contrat2 at 7:08:17 on 2014-02-01
Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.2.1036.18.2941.977 [GMT -5:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Advanced Wheel Mouse\wh_exec.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Program Files\ControlCenter4\BrCcBoot.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Update\Install\{71460F17-5726-4466-B030-635CDE448D45}\32.0.1700.102_32.0.1700.76_chrome_updater.exe
C:\Windows\TEMP\CR_5F560.tmp\setup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
uSearch Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
mStart Page = hxxp://www.shoptoshiba.ca/welcome
mDefault_Page_URL = hxxp://www.shoptoshiba.ca/welcome
uProxyServer = hxxp=127.0.0.1:49171;https=127.0.0.1:49171
uProxyOverride = <-loopback>
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
mURLSearchHooks: {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Bell Canada Connection Manager] "c:\program files\bell\mobile connect\BellCanadaCM.exe" -a
mRun: [WheelMouse] c:\advanc~1\wh_exec.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] "c:\program files\realtek\audio\hda\RtHDVCpl.exe" -s
mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [iSkysoft Helper Compact.exe] c:\program files\common files\iskysoft\iskysoft helper compact\ISHelper.exe
mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [BrowserSafeguard] "c:\program files\browsersafeguard\BrowserSafeguard.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Ouvrir avec PDF Viewer Plus - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{5C5E46B4-F3D7-4708-8958-AC44527DACA2} : DHCPNameServer = 206.47.201.246 207.164.79.254
TCP: Interfaces\{E4E7013A-101B-4376-91CD-9BCA3D88CD2A} : DHCPNameServer = 192.168.2.1
STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - c:\windows\system32\soundschemes.exe /AddRegistration
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - c:\windows\system32\soundschemes2.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\contrat2\appdata\roaming\mozilla\firefox\profiles\6nckl4da.default-1390634376769\
FF - prefs.js: browser.startup.homepage - hxxps://snt148.mail.live.com/mail/?n=271082233&fid=1&cid=1337c784-270b-a2b2-204c-0cae78c9cc91|Nicolet, Québec - Vos Prévisions locales - MétéoMédia
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2013-9-26 47928]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R2 avgfws;Pare-feu AVG;c:\program files\avg\avg2014\avgfws.exe [2013-9-24 1358944]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
R2 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-3-1 375120]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-9-17 13624]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2011-5-27 47640]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2009-11-20 82944]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-8 144672]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2014-1-7 37944]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2013-4-22 245760]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-1-23 7168]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2013-12-12 209112]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [2014-1-7 7040]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-1-23 20352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\drivers\aswTap.sys [2013-11-20 35272]
S3 CASMSI;SMSI Con App Svc;c:\program files\bell\mobile connect\ConAppsSvc.exe [2010-5-23 124184]
S3 DIRECTIO;DIRECTIO;c:\program files\performancetest\DirectIo32.sys [2014-1-26 22120]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-1-23 937984]
S3 NWRmNet;Novatel Wireless RmNet Network Adapter;c:\windows\system32\drivers\NWRmNet.sys [2009-8-31 118784]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-7-15 174720]
S3 ProfileImpSvc;Native WiFi Profile Importer;c:\program files\bell\mobile connect\ProfileImpSvc.exe [2010-5-23 169240]
S3 SMSIRcAppSvc;SMSI Rc App Svc;c:\program files\bell\mobile connect\RcAppSvc.exe [2010-5-23 120088]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2014-1-7 13464]
S3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S4 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-7-4 291840]
S4 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]
S4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2011-9-25 47128]
S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]
S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== Created Last 30 ================
.
2014-01-31 04:59:38 -------- d-----w- c:\users\contrat2\appdata\roaming\ParetoLogic
2014-01-31 04:59:38 -------- d-----w- c:\users\contrat2\appdata\roaming\DriverCure
2014-01-31 04:59:18 -------- d-----w- c:\programdata\ParetoLogic
2014-01-28 06:41:35 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2014-01-28 06:33:35 -------- d-----w- c:\windows\system32\directx
2014-01-26 09:47:23 -------- d-sh--w- C:\$RECYCLE.BIN
2014-01-26 09:40:21 -------- d-----w- c:\programdata\TuneUp Software
2014-01-26 09:39:53 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-26 09:02:47 -------- d-----w- c:\users\contrat2\appdata\local\PassMark
2014-01-26 09:02:39 -------- d-----w- c:\programdata\Passmark
2014-01-26 09:02:33 -------- d-----w- c:\program files\PerformanceTest
2014-01-26 08:24:30 -------- d-----w- c:\program files\Panda Security
2014-01-25 10:37:29 7760024 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4d855812-5b87-493a-9388-d625b8587e3a}\mpengine.dll
2014-01-25 10:30:51 -------- d-----w- c:\users\contrat2\appdata\roaming\AVG2014
2014-01-25 10:28:33 -------- d-----w- c:\users\contrat2\appdata\roaming\TuneUp Software
2014-01-25 10:27:09 -------- d-----w- c:\programdata\AVG2014
2014-01-25 10:25:09 -------- d-----w- c:\program files\AVG
2014-01-25 10:20:37 -------- d-----w- c:\users\contrat2\appdata\local\MFAData
2014-01-25 10:20:37 -------- d-----w- c:\users\contrat2\appdata\local\Avg2014
2014-01-25 10:20:37 -------- d-----w- c:\programdata\MFAData
2014-01-25 09:44:18 -------- d-----w- c:\program files\VS Revo Group
2014-01-24 12:07:30 -------- d-----w- c:\users\contrat2\appdata\local\CrashDumps
2014-01-24 11:27:43 -------- d-----w- c:\users\contrat2\appdata\roaming\Malwarebytes
2014-01-24 11:27:30 -------- d-----w- c:\programdata\Malwarebytes
2014-01-24 11:27:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-24 07:00:46 -------- d-----w- c:\program files\Enigma Software Group
2014-01-23 07:24:04 -------- d-----w- c:\programdata\CrypKey
2014-01-23 07:22:49 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2014-01-13 08:35:35 -------- d-----w- c:\program files\Browsersafeguard
2014-01-13 08:31:07 -------- d-----w- c:\programdata\SearchModule
2014-01-13 08:30:58 -------- d-----w- c:\program files\common files\Goobzo
2014-01-13 08:30:21 -------- d-----w- c:\users\contrat2\appdata\local\Installer
2014-01-13 08:30:02 -------- d-----w- c:\users\contrat2\appdata\local\CrashRpt
2014-01-13 07:45:28 -------- d-----w- c:\users\contrat2\appdata\local\AMD
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\uk-UA
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\sr-Latn-CS
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\sk-SK
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\ro-RO
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\lv-LV
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\lt-LT
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\zh-HK
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\th-TH
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\sl-SI
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\hr-HR
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\et-EE
2014-01-09 09:56:31 -------- d-----w- c:\windows\system32\drivers\umdf\bg-BG
2014-01-08 21:28:08 -------- d-----w- c:\windows\uk-UA
2014-01-08 21:28:08 -------- d-----w- c:\windows\system32\drivers\uk-UA
2014-01-08 20:12:18 -------- d-----w- c:\windows\tr-TR
2014-01-08 20:11:55 -------- d-----w- c:\windows\system32\drivers\umdf\tr-TR
2014-01-08 20:11:55 -------- d-----w- c:\windows\system32\drivers\tr-TR
2014-01-08 20:11:50 -------- d-----w- c:\windows\system32\wbem\tr-TR
2014-01-08 20:11:42 -------- d-----w- c:\windows\system32\041F
2014-01-08 19:51:42 40960 ----a-w- c:\program files\common files\microsoft shared\ink\tr\Microsoft.Ink.Resources.dll
2014-01-08 19:47:09 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\tr-tr\LMPRTPRC.DLL.mui
2014-01-08 18:47:07 -------- d-----w- c:\windows\system32\drivers\th-TH
2014-01-08 18:46:59 -------- d-----w- c:\windows\th-TH
2014-01-08 17:36:41 -------- d-----w- c:\windows\system32\drivers\umdf\sv-SE
2014-01-08 17:36:41 -------- d-----w- c:\windows\system32\041D
2014-01-08 17:36:40 -------- d-----w- c:\windows\system32\drivers\sv-SE
2014-01-08 17:36:35 -------- d-----w- c:\windows\system32\wbem\sv-SE
2014-01-08 17:36:11 -------- d-----w- c:\windows\sv-SE
2014-01-08 17:17:14 40960 ----a-w- c:\program files\common files\microsoft shared\ink\sv\Microsoft.Ink.Resources.dll
2014-01-08 17:13:06 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\sv-se\LMPRTPRC.DLL.mui
2014-01-08 16:13:01 -------- d-----w- c:\windows\sl-SI
2014-01-08 16:13:00 -------- d-----w- c:\windows\system32\drivers\sl-SI
2014-01-08 15:05:51 -------- d-----w- c:\windows\sk-SK
2014-01-08 15:05:32 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-01-08 13:49:05 -------- d-----w- c:\windows\sr-Latn-CS
2014-01-08 13:48:57 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2014-01-08 12:42:50 -------- d-----w- c:\windows\system32\0419
2014-01-08 12:42:49 -------- d-----w- c:\windows\system32\drivers\umdf\ru-RU
2014-01-08 12:42:47 -------- d-----w- c:\windows\system32\drivers\ru-RU
2014-01-08 12:42:28 -------- d-----w- c:\windows\system32\wbem\ru-RU
2014-01-08 12:41:59 -------- d-----w- c:\windows\ru-RU
2014-01-08 12:18:41 49152 ----a-w- c:\program files\common files\microsoft shared\ink\ru\Microsoft.Ink.Resources.dll
2014-01-08 12:12:06 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ru-ru\LMPRTPRC.DLL.mui
2014-01-08 11:07:49 -------- d-----w- c:\windows\ro-RO
2014-01-08 11:07:41 -------- d-----w- c:\windows\system32\drivers\ro-RO
2014-01-08 10:08:21 -------- d-----w- c:\windows\pt-PT
2014-01-08 10:07:53 -------- d-----w- c:\windows\system32\drivers\umdf\pt-PT
2014-01-08 10:07:53 -------- d-----w- c:\windows\system32\drivers\pt-PT
2014-01-08 10:07:48 -------- d-----w- c:\windows\system32\0816
2014-01-08 10:07:39 -------- d-----w- c:\windows\system32\wbem\pt-PT
2014-01-08 09:49:27 40960 ----a-w- c:\program files\common files\microsoft shared\ink\pt\Microsoft.Ink.Resources.dll
2014-01-08 09:44:25 4096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\pt-pt\LMPRTPRC.DLL.mui
2014-01-08 08:38:13 -------- d-----w- c:\windows\pt-BR
2014-01-08 08:37:51 -------- d-----w- c:\windows\system32\drivers\umdf\pt-BR
2014-01-08 08:37:51 -------- d-----w- c:\windows\system32\drivers\pt-BR
2014-01-08 08:37:47 -------- d-----w- c:\windows\system32\0416
2014-01-08 08:37:46 -------- d-----w- c:\windows\system32\wbem\pt-BR
2014-01-08 08:20:33 40960 ----a-w- c:\program files\common files\microsoft shared\ink\pt-br\Microsoft.Ink.Resources.dll
2014-01-08 08:19:43 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\pt-br\LMPRTPRC.DLL.mui
2014-01-08 07:24:24 -------- d-----w- c:\windows\pl-PL
2014-01-08 07:24:20 -------- d-----w- c:\windows\system32\drivers\umdf\pl-PL
2014-01-08 07:24:20 -------- d-----w- c:\windows\system32\drivers\pl-PL
2014-01-08 07:23:52 -------- d-----w- c:\windows\system32\wbem\pl-PL
2014-01-08 07:23:45 -------- d-----w- c:\windows\system32\0415
2014-01-08 07:09:00 40960 ----a-w- c:\program files\common files\microsoft shared\ink\pl\Microsoft.Ink.Resources.dll
2014-01-08 07:04:28 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\pl-pl\LMPRTPRC.DLL.mui
2014-01-08 06:02:42 -------- d-----w- c:\windows\lt-LT
2014-01-08 06:02:35 -------- d-----w- c:\windows\system32\drivers\lt-LT
2014-01-08 05:17:13 -------- d-----w- c:\windows\lv-LV
2014-01-08 05:17:05 -------- d-----w- c:\windows\system32\drivers\lv-LV
2014-01-08 04:22:42 -------- d-----w- c:\windows\ko-KR
2014-01-08 04:22:40 -------- d-----w- c:\windows\system32\0412
2014-01-08 04:22:39 -------- d-----w- c:\windows\system32\drivers\umdf\ko-KR
2014-01-08 04:22:39 -------- d-----w- c:\windows\system32\drivers\ko-KR
2014-01-08 04:22:20 -------- d-----w- c:\windows\system32\ko
2014-01-08 04:22:13 -------- d-----w- c:\windows\system32\wbem\ko-KR
2014-01-08 04:09:13 40960 ----a-w- c:\program files\common files\microsoft shared\ink\ko\Microsoft.Ink.Resources.dll
2014-01-08 04:06:35 3072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ko-kr\LMPRTPRC.DLL.mui
2014-01-08 03:07:04 -------- d-----w- c:\windows\ja-JP
2014-01-08 03:06:43 -------- d-----w- c:\windows\system32\ja
2014-01-08 03:06:43 -------- d-----w- c:\windows\system32\0411
2014-01-08 03:06:42 -------- d-----w- c:\windows\system32\drivers\umdf\ja-JP
2014-01-08 03:06:42 -------- d-----w- c:\windows\system32\drivers\ja-JP
2014-01-08 03:06:30 -------- d-----w- c:\windows\system32\wbem\ja-JP
2014-01-08 02:53:32 45056 ----a-w- c:\program files\common files\microsoft shared\ink\ja\Microsoft.Ink.Resources.dll
2014-01-08 02:48:00 3072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ja-jp\LMPRTPRC.DLL.mui
2014-01-08 01:58:14 -------- d-----w- c:\windows\nl-NL
2014-01-08 01:58:12 -------- d-----w- c:\windows\system32\0413
2014-01-08 01:57:53 -------- d-----w- c:\windows\system32\drivers\umdf\nl-NL
2014-01-08 01:57:53 -------- d-----w- c:\windows\system32\drivers\nl-NL
2014-01-08 01:57:48 -------- d-----w- c:\windows\system32\wbem\nl-NL
2014-01-08 01:43:28 40960 ----a-w- c:\program files\common files\microsoft shared\ink\nl\Microsoft.Ink.Resources.dll
2014-01-08 01:42:42 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\nl-nl\LMPRTPRC.DLL.mui
2014-01-08 00:52:45 -------- d-----w- c:\windows\zh-TW
2014-01-08 00:52:44 -------- d-----w- c:\windows\system32\zh-CHT
2014-01-08 00:52:28 -------- d-----w- c:\windows\system32\drivers\zh-TW
2014-01-08 00:52:28 -------- d-----w- c:\windows\system32\drivers\zh-HK
2014-01-08 00:52:28 -------- d-----w- c:\windows\system32\drivers\umdf\zh-TW
2014-01-08 00:52:19 -------- d-----w- c:\windows\system32\wbem\zh-TW
2014-01-08 00:52:19 -------- d-----w- c:\windows\system32\0C04
2014-01-08 00:37:12 36864 ----a-w- c:\program files\common files\microsoft shared\ink\zh-cht\Microsoft.Ink.Resources.dll
2014-01-08 00:35:14 3072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\zh-tw\LMPRTPRC.DLL.mui
2014-01-07 23:46:21 -------- d-----w- c:\windows\system32\zh-CHS
2014-01-07 23:46:21 -------- d-----w- c:\windows\system32\drivers\umdf\zh-CN
2014-01-07 23:46:20 -------- d-----w- c:\windows\system32\drivers\zh-CN
2014-01-07 23:46:09 -------- d-----w- c:\windows\system32\wbem\zh-CN
2014-01-07 23:46:09 -------- d-----w- c:\windows\system32\0804
2014-01-07 23:45:52 -------- d-----w- c:\windows\zh-CN
2014-01-07 23:33:31 36864 ----a-w- c:\program files\common files\microsoft shared\ink\zh-chs\Microsoft.Ink.Resources.dll
2014-01-07 23:27:34 3072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\zh-cn\LMPRTPRC.DLL.mui
2014-01-07 22:19:16 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES
2014-01-07 22:19:16 -------- d-----w- c:\windows\system32\0C0A
2014-01-07 22:19:15 -------- d-----w- c:\windows\system32\drivers\es-ES
2014-01-07 22:18:58 -------- d-----w- c:\windows\system32\wbem\es-ES
2014-01-07 22:18:30 -------- d-----w- c:\windows\es-ES
2014-01-07 22:05:28 40960 ----a-w- c:\program files\common files\microsoft shared\ink\es\Microsoft.Ink.Resources.dll
2014-01-07 22:00:54 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\es-es\LMPRTPRC.DLL.mui
2014-01-07 21:12:17 -------- d-----w- c:\windows\it-IT
2014-01-07 21:11:53 -------- d-----w- c:\windows\system32\drivers\umdf\it-IT
2014-01-07 21:11:53 -------- d-----w- c:\windows\system32\drivers\it-IT
2014-01-07 21:11:53 -------- d-----w- c:\windows\system32\0410
2014-01-07 21:11:41 -------- d-----w- c:\windows\system32\wbem\it-IT
2014-01-07 20:58:05 40960 ----a-w- c:\program files\common files\microsoft shared\ink\it\Microsoft.Ink.Resources.dll
2014-01-07 20:54:21 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\it-it\LMPRTPRC.DLL.mui
2014-01-07 20:08:55 -------- d-----w- c:\windows\system32\drivers\umdf\hu-HU
2014-01-07 20:08:54 -------- d-----w- c:\windows\system32\drivers\hu-HU
2014-01-07 20:08:50 -------- d-----w- c:\windows\system32\wbem\hu-HU
2014-01-07 20:08:27 -------- d-----w- c:\windows\system32\040E
2014-01-07 20:08:27 -------- d-----w- c:\windows\hu-HU
2014-01-07 19:53:43 40960 ----a-w- c:\program files\common files\microsoft shared\ink\hu\Microsoft.Ink.Resources.dll
2014-01-07 19:52:12 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hu-hu\LMPRTPRC.DLL.mui
2014-01-07 19:16:26 -------- d-----w- c:\windows\system32\he
2014-01-07 19:16:26 -------- d-----w- c:\windows\system32\drivers\umdf\he-IL
2014-01-07 19:16:24 -------- d-----w- c:\windows\system32\drivers\he-IL
2014-01-07 19:16:20 -------- d-----w- c:\windows\system32\wbem\he-IL
2014-01-07 19:15:55 -------- d-----w- c:\windows\he-IL
2014-01-07 19:02:00 40960 ----a-w- c:\program files\common files\microsoft shared\ink\he\Microsoft.Ink.Resources.dll
2014-01-07 18:57:49 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\he-il\LMPRTPRC.DLL.mui
2014-01-07 18:22:39 -------- d-----w- c:\windows\el-GR
2014-01-07 18:22:15 -------- d-----w- c:\windows\system32\0408
2014-01-07 18:22:14 -------- d-----w- c:\windows\system32\drivers\umdf\el-GR
2014-01-07 18:22:14 -------- d-----w- c:\windows\system32\drivers\el-GR
2014-01-07 18:22:09 -------- d-----w- c:\windows\system32\wbem\el-GR
2014-01-07 18:07:46 53248 ----a-w- c:\program files\common files\microsoft shared\ink\el\Microsoft.Ink.Resources.dll
2014-01-07 18:04:51 4096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\el-gr\LMPRTPRC.DLL.mui
2014-01-07 17:31:50 -------- d-----w- c:\windows\de-DE
2014-01-07 17:31:13 -------- d-----w- c:\windows\system32\0407
2014-01-07 17:31:12 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE
2014-01-07 17:31:12 -------- d-----w- c:\windows\system32\drivers\de-DE
2014-01-07 17:31:01 -------- d-----w- c:\windows\system32\wbem\de-DE
2014-01-07 17:12:34 40960 ----a-w- c:\program files\common files\microsoft shared\ink\de\Microsoft.Ink.Resources.dll
2014-01-07 17:11:01 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\de-de\LMPRTPRC.DLL.mui
2014-01-07 16:34:10 -------- d-----w- c:\windows\fi-FI
2014-01-07 16:33:50 -------- d-----w- c:\windows\system32\040B
2014-01-07 16:33:49 -------- d-----w- c:\windows\system32\drivers\umdf\fi-FI
2014-01-07 16:33:49 -------- d-----w- c:\windows\system32\drivers\fi-FI
2014-01-07 16:33:45 -------- d-----w- c:\windows\system32\wbem\fi-FI
2014-01-07 16:22:57 40960 ----a-w- c:\program files\common files\microsoft shared\ink\fi\Microsoft.Ink.Resources.dll
2014-01-07 16:20:07 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\fi-fi\LMPRTPRC.DLL.mui
2014-01-07 15:53:56 -------- d-----w- c:\windows\system32\drivers\et-EE
2014-01-07 15:53:49 -------- d-----w- c:\windows\et-EE
2014-01-07 14:46:21 -------- d-----w- c:\windows\da-DK
2014-01-07 14:46:18 -------- d-----w- c:\windows\system32\drivers\umdf\da-DK
2014-01-07 14:46:18 -------- d-----w- c:\windows\system32\drivers\da-DK
2014-01-07 14:46:18 -------- d-----w- c:\windows\system32\0406
2014-01-07 14:45:51 -------- d-----w- c:\windows\system32\wbem\da-DK
2014-01-07 14:36:04 40960 ----a-w- c:\program files\common files\microsoft shared\ink\da\Microsoft.Ink.Resources.dll
2014-01-07 14:34:15 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\da-dk\LMPRTPRC.DLL.mui
2014-01-07 14:08:56 -------- d-----w- c:\windows\cs-CZ
2014-01-07 14:08:36 -------- d-----w- c:\windows\system32\drivers\umdf\cs-CZ
2014-01-07 14:08:36 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2014-01-07 14:08:33 -------- d-----w- c:\windows\system32\0405
2014-01-07 14:08:32 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2014-01-07 13:58:14 40960 ----a-w- c:\program files\common files\microsoft shared\ink\cs\Microsoft.Ink.Resources.dll
2014-01-07 13:57:19 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\cs-cz\LMPRTPRC.DLL.mui
2014-01-07 13:35:02 -------- d-----w- c:\windows\hr-HR
2014-01-07 13:35:01 -------- d-----w- c:\windows\system32\drivers\hr-HR
2014-01-07 13:11:25 -------- d-----w- c:\windows\bg-BG
2014-01-07 13:11:23 -------- d-----w- c:\windows\system32\drivers\bg-BG
2014-01-07 13:03:57 36864 ----a-w- c:\program files\common files\microsoft shared\ink\en\Microsoft.Ink.Resources.dll
2014-01-07 13:03:07 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\en-us\LMPRTPRC.DLL.mui
2014-01-07 12:41:23 -------- d-----w- c:\windows\ar-SA
2014-01-07 12:41:22 -------- d-----w- c:\windows\system32\ar
2014-01-07 12:41:21 -------- d-----w- c:\windows\system32\drivers\umdf\ar-SA
2014-01-07 12:41:21 -------- d-----w- c:\windows\system32\drivers\ar-SA
2014-01-07 12:40:56 -------- d-----w- c:\windows\system32\wbem\ar-SA
2014-01-07 12:32:13 45056 ----a-w- c:\program files\common files\microsoft shared\ink\ar\Microsoft.Ink.Resources.dll
2014-01-07 12:29:42 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ar-sa\LMPRTPRC.DLL.mui
2014-01-07 08:42:24 -------- d-----w- c:\program files\FixCleaner
2014-01-07 08:12:11 -------- d-----w- c:\program files\AMD APP
2014-01-07 08:10:22 -------- d-----w- c:\programdata\AMD
2014-01-07 08:09:26 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2014-01-07 07:56:06 14504 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2014-01-07 07:50:44 -------- d-----w- C:\Advanced Wheel Mouse
2014-01-07 07:50:35 7040 ----a-w- c:\windows\system32\drivers\whfltr2k.sys
2014-01-07 07:13:46 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-01-07 07:13:43 -------- d-----w- c:\users\contrat2\appdata\local\SlimWare Utilities Inc
2014-01-07 07:13:22 -------- d-----w- c:\program files\DriverUpdate
2014-01-07 07:01:00 -------- d-----w- c:\users\contrat2\appdata\roaming\freegames111
2014-01-05 09:48:57 -------- d-----w- c:\program files\predm
2014-01-05 09:47:10 -------- d-----w- c:\program files\Uninstaller
2014-01-05 09:40:17 -------- d-----w- c:\users\contrat2\.android
2014-01-05 09:40:16 -------- d-----w- c:\users\contrat2\appdata\local\cache
2014-01-05 09:40:14 -------- d-----w- c:\users\contrat2\appdata\roaming\newnext.me
2014-01-05 09:40:13 -------- d-----w- c:\users\contrat2\appdata\local\genienext
2014-01-05 09:40:10 -------- d-----w- c:\users\contrat2\appdata\local\Mobogenie
2014-01-05 09:36:22 -------- d-----w- c:\program files\MyPC Backup
.
==================== Find3M ====================
.
2014-01-28 07:23:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-28 07:23:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-25 08:59:59 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-25 08:58:59 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-25 08:57:59 41280 ----a-w- c:\windows\system32\drivers\PCASp50a64.sys.bak
2014-01-25 08:56:59 16440 ----a-w- c:\windows\system32\drivers\msisadrv.sys.bak
2014-01-25 08:55:59 25088 ----a-w- c:\windows\system32\drivers\fdc.sys.bak
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-08 21:13:25 8192 ----a-w- c:\windows\system32\drivers\uk-ua\bthport.sys.mui
2014-01-08 21:11:39 3072 ----a-w- c:\windows\system32\drivers\uk-ua\serscan.sys.mui
2014-01-08 21:11:34 3584 ----a-w- c:\windows\system32\drivers\uk-ua\hidbth.sys.mui
2014-01-08 21:11:17 2560 ----a-w- c:\windows\system32\drivers\uk-ua\amdide.sys.mui
2014-01-08 19:50:53 4608 ----a-w- c:\windows\system32\drivers\tr-tr\isapnp.sys.mui
2014-01-08 19:50:53 3584 ----a-w- c:\windows\system32\drivers\tr-tr\mssmbios.sys.mui
2014-01-08 19:50:53 27136 ----a-w- c:\windows\system32\drivers\tr-tr\mpio.sys.mui
2014-01-08 19:50:52 9216 ----a-w- c:\windows\system32\drivers\tr-tr\pci.sys.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\VIAAGP.SYS.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\ULIAGPKX.SYS.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\SISAGP.SYS.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\NV_AGP.SYS.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\AMDAGP.SYS.mui
2014-01-08 19:50:52 3072 ----a-w- c:\windows\system32\drivers\tr-tr\AGP440.sys.mui
2014-01-08 19:50:50 36864 ----a-w- c:\windows\system32\drivers\tr-tr\http.sys.mui
2014-01-08 19:50:47 13824 ----a-w- c:\windows\system32\drivers\tr-tr\fvevol.sys.mui
2014-01-08 19:48:46 3072 ----a-w- c:\windows\system32\drivers\tr-tr\qwavedrv.sys.mui
2014-01-08 19:48:37 2560 ----a-w- c:\windows\system32\drivers\tr-tr\wd.sys.mui
2014-01-08 19:48:31 6144 ----a-w- c:\windows\system32\drivers\tr-tr\IPMIDrv.sys.mui
2014-01-08 19:48:27 4608 ----a-w- c:\windows\system32\drivers\tr-tr\pcmcia.sys.mui
2014-01-08 19:48:25 3584 ----a-w- c:\windows\system32\drivers\tr-tr\pacer.sys.mui
2014-01-08 19:48:14 4608 ----a-w- c:\windows\system32\drivers\tr-tr\msdsm.sys.mui
2014-01-08 19:48:10 10752 ----a-w- c:\windows\system32\drivers\tr-tr\BrSerId.sys.mui
2014-01-08 19:47:58 3072 ----a-w- c:\windows\system32\drivers\tr-tr\serscan.sys.mui
2014-01-08 19:47:57 4096 ----a-w- c:\windows\system32\drivers\tr-tr\modem.sys.mui
2014-01-08 19:47:56 4096 ----a-w- c:\windows\system32\drivers\tr-tr\ipnat.sys.mui
2014-01-08 19:47:50 9216 ----a-w- c:\windows\system32\drivers\tr-tr\afd.sys.mui
2014-01-08 19:47:49 6144 ----a-w- c:\windows\system32\drivers\tr-tr\yk60x86.sys.mui
2014-01-08 19:47:45 3584 ----a-w- c:\windows\system32\drivers\tr-tr\hidbth.sys.mui
2014-01-08 19:47:43 10240 ----a-w- c:\windows\system32\drivers\tr-tr\ltmdmnt.sys.mui
2014-01-08 19:47:34 3584 ----a-w- c:\windows\system32\drivers\tr-tr\ati2mpad.sys.mui
2014-01-08 19:47:34 3072 ----a-w- c:\windows\system32\drivers\tr-tr\srv.sys.mui
2014-01-08 19:47:33 65536 ----a-w- c:\windows\system32\drivers\tr-tr\ntfs.sys.mui
2014-01-08 19:47:10 4096 ----a-w- c:\windows\system32\drivers\tr-tr\ntrigdigi.sys.mui
2014-01-08 18:33:19 8704 ----a-w- c:\windows\system32\drivers\th-th\bthport.sys.mui
2014-01-08 18:33:18 3584 ----a-w- c:\windows\system32\drivers\th-th\hidbth.sys.mui
2014-01-08 18:31:40 3072 ----a-w- c:\windows\system32\drivers\th-th\serscan.sys.mui
2014-01-08 18:31:21 2560 ----a-w- c:\windows\system32\drivers\th-th\amdide.sys.mui
2014-01-08 17:17:41 10240 ----a-w- c:\windows\system32\drivers\sv-se\battc.sys.mui
2014-01-08 17:17:32 8192 ----a-w- c:\windows\system32\drivers\sv-se\bthport.sys.mui
2014-01-08 17:17:32 4096 ----a-w- c:\windows\system32\drivers\sv-se\hdaudbus.sys.mui
2014-01-08 17:17:03 6144 ----a-w- c:\windows\system32\drivers\sv-se\sermouse.sys.mui
2014-01-08 17:17:03 5120 ----a-w- c:\windows\system32\drivers\sv-se\mouclass.sys.mui
2014-01-08 17:17:03 3584 ----a-w- c:\windows\system32\drivers\sv-se\mouhid.sys.mui
2014-01-08 17:17:03 10752 ----a-w- c:\windows\system32\drivers\sv-se\i8042prt.sys.mui
2014-01-08 17:14:03 3072 ----a-w- c:\windows\system32\drivers\sv-se\qwavedrv.sys.mui
2014-01-08 17:12:34 4608 ----a-w- c:\windows\system32\drivers\sv-se\ntrigdigi.sys.mui
2014-01-08 17:12:23 4096 ----a-w- c:\windows\system32\drivers\sv-se\parport.sys.mui
2014-01-08 17:12:23 3072 ----a-w- c:\windows\system32\drivers\sv-se\parvdm.sys.mui
2014-01-08 17:12:23 10752 ----a-w- c:\windows\system32\drivers\sv-se\serial.sys.mui
2014-01-08 17:12:18 3584 ----a-w- c:\windows\system32\drivers\sv-se\RNDISMP.sys.mui
2014-01-08 17:12:15 12288 ----a-w- c:\windows\system32\drivers\sv-se\ohci1394.sys.mui
2014-01-08 17:12:11 3072 ----a-w- c:\windows\system32\drivers\sv-se\UAGP35.SYS.mui
2014-01-08 17:12:11 3072 ----a-w- c:\windows\system32\drivers\sv-se\GAGP30KX.SYS.mui
2014-01-08 17:12:10 3584 ----a-w- c:\windows\system32\drivers\sv-se\umbus.sys.mui
2014-01-08 17:12:09 2560 ----a-w- c:\windows\system32\drivers\sv-se\BrParwdm.sys.mui
2014-01-08 17:12:04 3072 ----a-w- c:\windows\system32\drivers\sv-se\Dot4usb.sys.mui
2014-01-08 17:12:04 2560 ----a-w- c:\windows\system32\drivers\sv-se\amdide.sys.mui
2014-01-08 17:12:00 5120 ----a-w- c:\windows\system32\drivers\sv-se\fltmgr.sys.mui
2014-01-08 15:59:28 8192 ----a-w- c:\windows\system32\drivers\sl-si\bthport.sys.mui
2014-01-08 15:57:58 3072 ----a-w- c:\windows\system32\drivers\sl-si\serscan.sys.mui
2014-01-08 15:57:54 3584 ----a-w- c:\windows\system32\drivers\sl-si\hidbth.sys.mui
2014-01-08 15:57:40 2560 ----a-w- c:\windows\system32\drivers\sl-si\amdide.sys.mui
2014-01-08 14:50:31 8192 ----a-w- c:\windows\system32\drivers\sk-sk\bthport.sys.mui
2014-01-08 14:47:06 3072 ----a-w- c:\windows\system32\drivers\sk-sk\serscan.sys.mui
2014-01-08 14:46:57 3584 ----a-w- c:\windows\system32\drivers\sk-sk\hidbth.sys.mui
2014-01-08 14:46:38 2560 ----a-w- c:\windows\system32\drivers\sk-sk\amdide.sys.mui
2014-01-08 13:36:33 8192 ----a-w- c:\windows\system32\drivers\sr-latn-cs\bthport.sys.mui
2014-01-08 13:34:56 2560 ----a-w- c:\windows\system32\drivers\sr-latn-cs\amdide.sys.mui
2014-01-08 13:34:34 3072 ----a-w- c:\windows\system32\drivers\sr-latn-cs\serscan.sys.mui
2014-01-08 13:34:30 3584 ----a-w- c:\windows\system32\drivers\sr-latn-cs\hidbth.sys.mui
2014-01-08 12:19:24 8192 ----a-w- c:\windows\system32\drivers\ru-ru\bthport.sys.mui
2014-01-08 12:19:24 4096 ----a-w- c:\windows\system32\drivers\ru-ru\hdaudbus.sys.mui
2014-01-08 12:18:28 6144 ----a-w- c:\windows\system32\drivers\ru-ru\sermouse.sys.mui
2014-01-08 12:18:28 5120 ----a-w- c:\windows\system32\drivers\ru-ru\mouclass.sys.mui
2014-01-08 12:18:28 3072 ----a-w- c:\windows\system32\drivers\ru-ru\mouhid.sys.mui
2014-01-08 12:18:28 11264 ----a-w- c:\windows\system32\drivers\ru-ru\i8042prt.sys.mui
2014-01-08 12:18:10 6144 ----a-w- c:\windows\system32\drivers\ru-ru\tpm.sys.mui
2014-01-08 12:18:06 3072 ----a-w- c:\windows\system32\drivers\ru-ru\kbdhid.sys.mui
2014-01-08 12:18:05 5120 ----a-w- c:\windows\system32\drivers\ru-ru\kbdclass.sys.mui
2014-01-08 12:18:04 5120 ----a-w- c:\windows\system32\drivers\ru-ru\e100b325.sys.mui
2014-01-08 12:18:03 7168 ----a-w- c:\windows\system32\drivers\ru-ru\luafv.sys.mui
2014-01-08 12:13:46 3072 ----a-w- c:\windows\system32\drivers\ru-ru\qwavedrv.sys.mui
2014-01-08 12:13:04 4608 ----a-w- c:\windows\system32\drivers\ru-ru\msdsm.sys.mui
2014-01-08 12:12:37 3072 ----a-w- c:\windows\system32\drivers\ru-ru\serscan.sys.mui
2014-01-08 12:12:35 4096 ----a-w- c:\windows\system32\drivers\ru-ru\modem.sys.mui
2014-01-08 12:12:34 4096 ----a-w- c:\windows\system32\drivers\ru-ru\ipnat.sys.mui
2014-01-08 12:12:25 9728 ----a-w- c:\windows\system32\drivers\ru-ru\afd.sys.mui
2014-01-08 12:12:24 6656 ----a-w- c:\windows\system32\drivers\ru-ru\yk60x86.sys.mui
2014-01-08 12:12:18 3584 ----a-w- c:\windows\system32\drivers\ru-ru\hidbth.sys.mui
2014-01-08 12:12:14 10240 ----a-w- c:\windows\system32\drivers\ru-ru\ltmdmnt.sys.mui
2014-01-08 12:11:56 3072 ----a-w- c:\windows\system32\drivers\ru-ru\srv.sys.mui
.
============= FINISH: 7:17:03,77 ===============
 
OK! I'm supposed to be at least a little intelligent... I'm so bad with the new technology!
I'm an old man, my job is in the field... you know, Corrine, I think you are the help that I need!
I feel good about you and this place!
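The DDS file listing in the post above is dominated by Windows language-pack installs, which bury the handful of rows a helper actually reads. The following triage sketch is an added example, not part of the original thread or of DDS itself; the sample rows are copied from the log above, while the function names, the locale-filter heuristic and the category labels are assumptions made for illustration.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "when size attrs path")

# DDS "Created Last 30" / "Find3M" row: date time, size (or 8 dashes for a
# directory), 8-character attribute field, full path.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\d+|-{8}) ([a-z-]{8}) (.+)$"
)

# Assumption: language-pack noise is only filtered under these OS-owned roots,
# so a third-party folder that happens to look like a locale tag is still shown.
OS_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\common files\\microsoft shared\\",
)
LOCALE_TAG = re.compile(r"^[a-z]{2}(-[a-z]{2,4}){0,2}$")  # ko, tr-tr, sr-latn-cs
LCID_DIR = re.compile(r"^[0-9a-f]{4}$")                   # 041f, 0c0a

# Rows copied from the DDS log in this thread (separator lines included).
SAMPLE_LOG = r"""
2014-01-25 10:25:09 -------- d-----w- c:\program files\AVG
2014-01-13 08:35:35 -------- d-----w- c:\program files\Browsersafeguard
2014-01-09 09:56:32 -------- d-----w- c:\windows\system32\drivers\umdf\uk-UA
2014-01-08 20:11:42 -------- d-----w- c:\windows\system32\041F
2014-01-08 19:51:42 40960 ----a-w- c:\program files\common files\microsoft shared\ink\tr\Microsoft.Ink.Resources.dll
2014-01-08 19:47:09 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\tr-tr\LMPRTPRC.DLL.mui
2014-01-08 04:22:20 -------- d-----w- c:\windows\system32\ko
2014-01-07 08:09:26 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2014-01-07 07:13:46 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
.
==================== Find3M ====================
.
2014-01-28 07:23:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-25 08:59:59 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-08 21:13:25 8192 ----a-w- c:\windows\system32\drivers\uk-ua\bthport.sys.mui
"""


def parse_line(line):
    """Return an Entry for a file-listing row, or None for separators/headers."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    when, size, attrs, path = m.groups()
    return Entry(when, None if size.startswith("-") else int(size), attrs, path)


def is_language_pack(path):
    """Heuristic: locale-tagged folder, LCID folder or .mui resource under an OS root."""
    p = path.lower()
    if not p.startswith(OS_ROOTS):
        return False
    if p.endswith(".mui"):
        return True
    return any(LOCALE_TAG.match(c) or LCID_DIR.match(c) for c in p.split("\\"))


def classify(entry):
    """Assign a neutral review category; this is sorting, not a verdict."""
    name = entry.path.lower().rsplit("\\", 1)[-1]
    if entry.size is None:
        return "directory"
    if name.endswith(".sys"):
        return "driver"
    if ".sys." in name:
        return "driver_copy"      # e.g. usbhub.sys.bak
    if name.endswith((".exe", ".dll", ".cpl")):
        return "executable"
    return "other"


def triage(log_text):
    """Split a DDS listing into rows kept for review and a count of filtered noise."""
    kept, noise = [], 0
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        if is_language_pack(entry.path):
            noise += 1
        else:
            kept.append((classify(entry), entry))
    return kept, noise


if __name__ == "__main__":
    kept, noise = triage(SAMPLE_LOG)
    print(f"{noise} language-pack rows filtered, {len(kept)} rows left to review")
    for kind, e in sorted(kept, key=lambda item: item[1].when):
        print(f"{e.when}  {kind:<12} {e.path}")
```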
 
Hi, Claude. Old or young, we all have different experiences and knowledge. Just because you need help with your computer certainly in no way has anything to do with your intelligence.

1. First, I would like to take care of the out-dated and vulnerable software on your computer.

a. Oracle Java is a target of malware writers. Unfortunately, Oracle did not do a good job when version 7 was released and left behind the old version. To start, please uninstall Java(TM) 6 Update 3. If you are unsure how to do this, see the instructions at How to uninstall a program in Windows Vista, Windows 7, and Windows 8.

b. Now, let's update Java to the latest version. The English version of JRE7u51 is at Download Java for Windows. Because you are French Canadian, I also located the French download, if that is your preference: Téléchargement gratuit du logiciel Java

NOTE: Please read each screen when updating. You will need to accept the license agreement but UNCHECK any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

c. Adobe Reader also needs to be updated. Adobe Reader XI (11.0.06) for Windows is available here: Adobe - Adobe Reader : For Windows. Note: Like the update for Java, UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

2. Now, we are going to run a powerful tool to start cleaning your computer. Please follow these instructions carefully. Download ComboFix from the following location: Link 1

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with the cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.

    Note: If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum: How to disable your security applications.
  • If infections are found, ComboFix will automatically reboot the machine to complete the removal process. Please ensure all opened windows are closed before proceeding.
  • Double-click ComboFix.exe on your desktop and follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, a log will be produced. Please copy C:\ComboFix.txt in your next reply.

I'm sure you'll do fine, but please do not hesitate to ask questions if you are unsure of any of the instructions.
 
Bonjour Corrine,

I'm a little sad... my pc is very slow again!

ComboFix did its job... I think! (I paste a copy of the note box text)

But, I think... I'll cry!
Too late... I'm crying!

Ok! I'm ok now!

Do you think that there is a chance to do something after that?

Thank you very much Corrine...


Claude

ComboFix 14-02-01.01 - Contrat2 02/02/2014 4:31.1.2 - x86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.2.1036.18.2941.1435 [GMT -5:00]
Lancé depuis: c:\gdg\UserData\Desktop\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\advanc~1\wh_exec.exe
c:\programdata\1382446582.bdinstall.bin
c:\programdata\1384988123.bdinstall.bin
c:\programdata\9334609BCB.sys
c:\users\Contrat2\AppData\Roaming\Microsoft\Windows\Templates\Commandes Aeriennes.lnk
c:\windows\system32\SETFFD2.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-01-02 au 2014-02-02 ))))))))))))))))))))))))))))))))))))
.
.
2014-02-02 09:51 . 2014-02-02 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 09:51 . 2014-02-02 09:51 -------- d-----w- c:\users\ccossette.GDG\AppData\Local\temp
2014-02-02 09:51 . 2014-02-02 09:52 -------- d-----w- c:\users\Contrat2\AppData\Local\temp
2014-02-02 09:51 . 2014-02-02 09:51 -------- d-----w- c:\users\dgrandmont\AppData\Local\temp
2014-02-02 09:51 . 2014-02-02 09:51 -------- d-----w- c:\users\ccossette\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\temporaire\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\sgoulet\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\saisie\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\rlupien\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\gdg\AppData\Local\temp
2014-02-02 09:50 . 2014-02-02 09:50 -------- d-----w- c:\users\Administrateur\AppData\Local\temp
2014-02-02 09:00 . 2014-02-02 08:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\ParetoLogic
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\DriverCure
2014-01-31 04:59 . 2014-01-31 06:01 -------- d-----w- c:\programdata\ParetoLogic
2014-01-28 06:41 . 2005-05-26 20:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2014-01-26 09:40 . 2014-01-26 09:54 -------- d-----w- c:\programdata\TuneUp Software
2014-01-26 09:39 . 2014-01-26 10:27 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\users\Contrat2\AppData\Local\PassMark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\programdata\Passmark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\program files\PerformanceTest
2014-01-26 08:24 . 2014-01-26 08:24 -------- d-----w- c:\program files\Panda Security
2014-01-25 10:37 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D855812-5B87-493A-9388-D625B8587E3A}\mpengine.dll
2014-01-25 10:30 . 2014-01-25 10:30 -------- d-----w- c:\users\Contrat2\AppData\Roaming\AVG2014
2014-01-25 10:28 . 2014-01-26 09:49 -------- d-----w- c:\users\Contrat2\AppData\Roaming\TuneUp Software
2014-01-25 10:27 . 2014-01-25 10:29 -------- d-----w- c:\programdata\AVG2014
2014-01-25 10:25 . 2014-01-25 10:25 -------- d-----w- c:\program files\AVG
2014-01-25 10:20 . 2014-02-02 07:52 -------- d-----w- c:\programdata\MFAData
2014-01-25 10:20 . 2014-01-25 10:35 -------- d-----w- c:\users\Contrat2\AppData\Local\Avg2014
2014-01-25 10:20 . 2014-01-25 10:20 -------- d-----w- c:\users\Contrat2\AppData\Local\MFAData
2014-01-25 09:44 . 2014-01-25 09:44 -------- d-----w- c:\program files\VS Revo Group
2014-01-24 12:07 . 2014-01-24 14:53 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashDumps
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\users\Contrat2\AppData\Roaming\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\programdata\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-24 07:00 . 2014-01-24 07:00 -------- d-----w- c:\program files\Enigma Software Group
2014-01-23 07:24 . 2014-01-23 07:24 -------- d-----w- c:\programdata\CrypKey
2014-01-23 07:22 . 2014-01-23 07:23 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2014-01-13 08:35 . 2014-01-25 06:46 -------- d-----w- c:\program files\Browsersafeguard
2014-01-13 08:31 . 2014-01-13 08:31 -------- d-----w- c:\programdata\SearchModule
2014-01-13 08:30 . 2014-01-16 17:06 -------- d-----w- c:\program files\Common Files\Goobzo
2014-01-13 08:30 . 2014-01-13 08:31 -------- d-----w- c:\users\Contrat2\AppData\Local\Installer
2014-01-13 08:30 . 2014-01-13 08:30 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashRpt
2014-01-13 07:45 . 2014-01-13 07:45 -------- d-----w- c:\users\Contrat2\AppData\Local\AMD
2014-01-13 07:43 . 2014-01-13 07:43 -------- d-----w- c:\programdata\ATI
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\uk-UA
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sr-Latn-CS
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sk-SK
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ro-RO
2014-01-08 20:11 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\tr-TR
2014-01-08 20:11 . 2014-01-08 20:11 -------- d-----w- c:\windows\system32\041F
2014-01-08 19:51 . 2014-01-08 19:51 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tr\Microsoft.Ink.Resources.dll
2014-01-08 19:47 . 2014-01-08 19:47 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\tr-TR\LMPRTPRC.DLL.mui
2014-01-08 18:47 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\th-TH
2014-01-08 18:46 . 2014-01-08 18:46 -------- d-----w- c:\windows\th-TH
2014-01-08 17:36 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\system32\041D
2014-01-08 17:36 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sv-SE
2014-01-08 17:36 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\sv-SE
2014-01-08 17:17 . 2014-01-08 17:17 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sv\Microsoft.Ink.Resources.dll
2014-01-08 17:13 . 2014-01-08 17:13 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sv-SE\LMPRTPRC.DLL.mui
2014-01-08 16:13 . 2014-01-08 16:13 -------- d-----w- c:\windows\sl-SI
2014-01-08 16:13 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sl-SI
2014-01-08 15:05 . 2014-01-08 15:05 -------- d-----w- c:\windows\sk-SK
2014-01-08 15:05 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-01-08 13:49 . 2014-01-08 13:49 -------- d-----w- c:\windows\sr-Latn-CS
2014-01-08 13:48 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2014-01-08 12:42 . 2014-01-08 12:42 -------- d-----w- c:\windows\system32\0419
2014-01-08 12:42 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ru-RU
2014-01-08 12:42 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ru-RU
2014-01-08 12:42 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ru-RU
2014-01-08 12:41 . 2014-01-08 12:41 -------- d-----w- c:\windows\ru-RU
2014-01-08 12:18 . 2014-01-08 12:18 49152 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ru\Microsoft.Ink.Resources.dll
2014-01-08 12:12 . 2014-01-08 12:12 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ru-RU\LMPRTPRC.DLL.mui
2014-01-08 11:07 . 2014-01-24 13:23 -------- d-----w- c:\windows\ro-RO
2014-01-08 11:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ro-RO
2014-01-08 10:08 . 2014-01-08 10:08 -------- d-----w- c:\windows\pt-PT
2014-01-08 10:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-PT
2014-01-08 10:07 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2014-01-08 10:07 . 2014-01-08 10:07 -------- d-----w- c:\windows\system32\0816
2014-01-08 10:07 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-PT
2014-01-08 09:49 . 2014-01-08 09:49 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt\Microsoft.Ink.Resources.dll
2014-01-08 09:44 . 2014-01-08 09:44 4096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-PT\LMPRTPRC.DLL.mui
2014-01-08 08:38 . 2014-01-08 08:38 -------- d-----w- c:\windows\pt-BR
2014-01-08 08:37 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-BR
2014-01-08 08:37 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-BR
2014-01-08 08:37 . 2014-01-08 08:37 -------- d-----w- c:\windows\system32\0416
2014-01-08 08:37 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-BR
2014-01-08 08:20 . 2014-01-08 08:20 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt-BR\Microsoft.Ink.Resources.dll
2014-01-08 08:19 . 2014-01-08 08:19 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-BR\LMPRTPRC.DLL.mui
2014-01-08 07:24 . 2014-01-08 07:24 -------- d-----w- c:\windows\pl-PL
2014-01-08 07:24 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pl-PL
2014-01-08 07:24 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2014-01-08 07:23 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pl-PL
2014-01-08 07:23 . 2014-01-08 07:23 -------- d-----w- c:\windows\system32\0415
2014-01-08 07:09 . 2014-01-08 07:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pl\Microsoft.Ink.Resources.dll
2014-01-08 07:04 . 2014-01-08 07:04 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pl-PL\LMPRTPRC.DLL.mui
2014-01-08 06:02 . 2014-01-08 06:02 -------- d-----w- c:\windows\lt-LT
2014-01-08 06:02 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lt-LT
2014-01-08 05:17 . 2014-01-08 05:17 -------- d-----w- c:\windows\lv-LV
2014-01-08 05:17 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lv-LV
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\0412
2014-01-08 04:22 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ko-KR
2014-01-08 04:22 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\ko
2014-01-08 04:22 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ko-KR
2014-01-08 04:09 . 2014-01-08 04:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ko\Microsoft.Ink.Resources.dll
2014-01-08 04:06 . 2014-01-08 04:06 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ko-KR\LMPRTPRC.DLL.mui
2014-01-08 03:07 . 2014-01-08 03:07 -------- d-----w- c:\windows\ja-JP
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\ja
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\0411
2014-01-08 03:06 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ja-JP
2014-01-08 03:06 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2014-01-08 03:06 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ja-JP
2014-01-08 02:53 . 2014-01-08 02:53 45056 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ja\Microsoft.Ink.Resources.dll
2014-01-08 02:48 . 2014-01-08 02:48 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ja-JP\LMPRTPRC.DLL.mui
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\nl-NL
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\system32\0413
2014-01-08 01:57 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\nl-NL
2014-01-08 01:57 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2014-01-08 01:57 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\nl-NL
2014-01-08 01:43 . 2014-01-08 01:43 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\nl\Microsoft.Ink.Resources.dll
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 07:23 . 2012-06-13 15:02 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-28 07:23 . 2011-09-07 13:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 09:00 . 2014-01-13 08:58 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 31616 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 7040 ----a-w- c:\windows\system32\drivers\whfltr2k.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18432 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 134272 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 23640 ----a-w- c:\windows\system32\drivers\TVALZ_O.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 7463 ----a-w- c:\windows\system32\drivers\tkbtnpn.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 16128 ----a-w- c:\windows\system32\drivers\tdcmdpst.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 203312 ----a-w- c:\windows\system32\drivers\SynTP.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24840 ----a-w- c:\windows\system32\drivers\swmsflt.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 21048 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 74808 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 41016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 55864 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 11776 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 142904 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 76392 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 209112 ----a-w- c:\windows\system32\drivers\RtsUStor.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 62464 ----a-w- c:\windows\system32\drivers\RTSTOR.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 2888536 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 238696 ----a-w- c:\windows\system32\drivers\RsFx0105.sys.bak
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bell Canada Connection Manager"="c:\program files\Bell\Mobile Connect\BellCanadaCM.exe" [2010-05-26 87320]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-10-24 12017368]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-09-17 63048]
"iSkysoft Helper Compact.exe"="c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2013-05-29 1734144]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2011-05-19 2629632]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"BrowserSafeguard"="c:\program files\Browsersafeguard\BrowserSafeguard.exe" [2013-12-31 412672]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ sasnative32\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 21:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-01 12:01 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 14:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 07:23]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = hxxp://www.shoptoshiba.ca/welcome
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49171;https=127.0.0.1:49171
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Ouvrir avec PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Contrat2\AppData\Roaming\Mozilla\Firefox\Profiles\6nckl4da.default-1390634376769\
FF - prefs.js: browser.startup.homepage - hxxps://snt148.mail.live.com/mail/?n=271082233&fid=1&cid=1337c784-270b-a2b2-204c-0cae78c9cc91|Nicolet, Québec - Vos Prévisions locales - MétéoMédia
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-WheelMouse - c:\advanc~1\wh_exec.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2014-02-02 04:52
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2014-02-02 04:59:31
ComboFix-quarantined-files.txt 2014-02-02 09:59
.
Avant-CF: 39 145 422 848 octets libres
Après-CF: 41 117 388 800 octets libres
.
- - End Of File - - EB02D25CB284B261990B1239D32A9156
5C616939100B85E558DA92B899A0FC36
 
Re: hope

Hi Patrick,

Thank you for your help and for the "compliment"!

That said, your French is much better than that of many French speakers I communicate with...

Bye!

Claude
 
Hi, Claude.

Let's get another opinion. I'd like you to do what we call an "online scan". Don't be alarmed that the scan may take a long time.

Please go here to run an on-line scan from ESET.

  • Note: It is easiest if you use Internet Explorer for this scan. (If you use an alternate browser, it will be necessary to download the ESET Smart Installer)
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
 
Hi Corrine,

Thank you for your support... again!

I'm trying this new option!
 
Hi Corrine,

The ESET logfile after the scan:


ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0a172cfb816e9047adee3907c9f00911
# engine=16910
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-02 09:11:56
# local_time=2014-02-02 04:11:56 (-0500, Est)
# country="France"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5892 16776574 100 100 0 227983171 0 0
# scanned=539019
# found=20
# cleaned=0
# scan_time=20359
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="C:\GDG\UserData\telechargements\ccsetup406(1).exe"
sh=F0C3BA0940E30702BE26BDA01D894C9B49B38C6E ft=1 fh=f7febe5756a34365 vn="Win32/OpenCandy application" ac=I fn="C:\GDG\UserData\telechargements\DuplicateCleaner_setup.exe"
sh=A0446D386506FECD6B49007E8E358B631ED30C9F ft=1 fh=191cb7c2dda6b7ba vn="Win32/OpenCandy application" ac=I fn="C:\GDG\UserData\telechargements\FreeAudioConverter.exe"
sh=70AB3891B55886014C4B3F5AA8655EAB655A2418 ft=1 fh=1b74548f60424755 vn="Win32/OpenCandy application" ac=I fn="C:\GDG\UserData\telechargements\FreeStudio.exe"
sh=E391227C18DB5CCCF6930FB6B1B1A14A4554411F ft=1 fh=8403bb6629a841c3 vn="a variant of Win32/LogicielsEspions.C application" ac=I fn="C:\GDG\UserData\telechargements\install_sld.exe"
sh=030EB648F0E5403F6454BF0FE6534C58E2394A9F ft=1 fh=00b4a2db668015b9 vn="a variant of Win32/SoftonicDownloader.E application" ac=I fn="C:\GDG\UserData\telechargements\SoftonicDownloader_for_computer-repair-free.exe"
sh=5694DD651E9941EE120AE702B7A9969E79E599A6 ft=1 fh=016bb14c1faed98c vn="Win32/SpeedUpMyPC.A application" ac=I fn="C:\GDG\UserData\telechargements\speedupmypc.exe"
sh=BD534F91FD49B654F3BCDC90B6F410E62FAFBB29 ft=1 fh=084a22a819ae5508 vn="a variant of Win32/LogicielsEspions.C application" ac=I fn="C:\GDG\UserData\telechargements\supprimer-doublons.exe"
sh=96B031C0F9D57EBB904325135B8F7981C7862F9D ft=1 fh=a279aa8766d092ab vn="Win32/Systweak.B application" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_3267_770481(1).exe"
sh=96B031C0F9D57EBB904325135B8F7981C7862F9D ft=1 fh=a279aa8766d092ab vn="Win32/Systweak.B application" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_3267_770481.exe"
sh=048D6A3C923AB1CAA24BB7E34FC297740AE22092 ft=1 fh=51afa4bffd9e08c8 vn="multiple threats" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(1).exe"
sh=048D6A3C923AB1CAA24BB7E34FC297740AE22092 ft=1 fh=51afa4bffd9e08c8 vn="multiple threats" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(2).exe"
sh=048D6A3C923AB1CAA24BB7E34FC297740AE22092 ft=1 fh=51afa4bffd9e08c8 vn="multiple threats" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(3).exe"
sh=048D6A3C923AB1CAA24BB7E34FC297740AE22092 ft=1 fh=51afa4bffd9e08c8 vn="multiple threats" ac=I fn="C:\GDG\UserData\telechargements\sysrc_trial_9407_french01.exe"
sh=687E4684D889184C55A993785E27C1008EB76A75 ft=1 fh=5af51b0824dceea6 vn="multiple threats" ac=I fn="C:\GDG\UserData\telechargements\vlcmediaplayer-setup.exe"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application" ac=I fn="C:\Program Files\Mozilla Firefox\browser\nsprotector.js"
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="a variant of MSIL/DomaIQ.A application" ac=I fn="C:\Program Files\Uninstaller\Uninstall.exe"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A application" ac=I fn="C:\Users\Contrat2\AppData\Local\genienext\nengine.dll"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A application" ac=I fn="C:\Users\Contrat2\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A application" ac=I fn="C:\Users\Contrat2\AppData\Roaming\newnext.me\nengine.dll"
 
Thank you, Claude.

Rather than having you rescan with ESET, we'll use ComboFix to remove what was found.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

  • Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:
Code:
C:\GDG\UserData\telechargements\ccsetup406(1).exe
C:\GDG\UserData\telechargements\DuplicateCleaner_setup.exe
C:\GDG\UserData\telechargements\FreeAudioConverter.exe
C:\GDG\UserData\telechargements\FreeStudio.exe
C:\GDG\UserData\telechargements\install_sld.exe
C:\GDG\UserData\telechargements\SoftonicDownloader_for_computer-repair-free.exe
C:\GDG\UserData\telechargements\speedupmypc.exe
C:\GDG\UserData\telechargements\supprimer-doublons.exe
C:\GDG\UserData\telechargements\sysrc_trial_3267_770481(1).exe
C:\GDG\UserData\telechargements\sysrc_trial_3267_770481.exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(1).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(2).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(3).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01.exe
C:\GDG\UserData\telechargements\vlcmediaplayer-setup.exe
C:\Program Files\Mozilla Firefox\browser\nsprotector.js
C:\Program Files\Uninstaller\Uninstall.exe
C:\Users\Contrat2\AppData\Local\genienext\nengine.dll
C:\Users\Contrat2\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll
C:\Users\Contrat2\AppData\Roaming\newnext.me\nengine.dll
  • Save this as CFScript.txt and place it on your desktop.
  • Close any open browsers.
  • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.


    CF_CFScript.gif

  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Please let me know how your computer is --- and that you are not crying. :smile9:
 
Hi Corrine,

Smurff!



ComboFix 14-02-01.01 - Contrat2 02/02/2014 23:25:20.2.2 - x86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.2.1036.18.2941.860 [GMT -5:00]
Lancé depuis: c:\gdg\UserData\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\gdg\UserData\Desktop\CFScript.txt
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-01-03 au 2014-02-03 ))))))))))))))))))))))))))))))))))))
.
.
2014-02-02 15:27 . 2014-02-02 15:27 -------- d-----w- c:\program files\ESET
2014-02-02 09:59 . 2014-02-03 05:02 -------- d-----w- c:\users\Contrat2\AppData\Local\temp
2014-02-02 09:00 . 2014-02-02 08:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\ParetoLogic
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\DriverCure
2014-01-31 04:59 . 2014-01-31 06:01 -------- d-----w- c:\programdata\ParetoLogic
2014-01-28 06:41 . 2005-05-26 20:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2014-01-26 09:40 . 2014-01-26 09:54 -------- d-----w- c:\programdata\TuneUp Software
2014-01-26 09:39 . 2014-01-26 10:27 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\users\Contrat2\AppData\Local\PassMark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\programdata\Passmark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\program files\PerformanceTest
2014-01-26 08:24 . 2014-01-26 08:24 -------- d-----w- c:\program files\Panda Security
2014-01-25 10:37 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D855812-5B87-493A-9388-D625B8587E3A}\mpengine.dll
2014-01-25 10:30 . 2014-01-25 10:30 -------- d-----w- c:\users\Contrat2\AppData\Roaming\AVG2014
2014-01-25 10:28 . 2014-01-26 09:49 -------- d-----w- c:\users\Contrat2\AppData\Roaming\TuneUp Software
2014-01-25 10:27 . 2014-01-25 10:29 -------- d-----w- c:\programdata\AVG2014
2014-01-25 10:25 . 2014-01-25 10:25 -------- d-----w- c:\program files\AVG
2014-01-25 10:20 . 2014-02-03 03:51 -------- d-----w- c:\programdata\MFAData
2014-01-25 10:20 . 2014-01-25 10:35 -------- d-----w- c:\users\Contrat2\AppData\Local\Avg2014
2014-01-25 10:20 . 2014-01-25 10:20 -------- d-----w- c:\users\Contrat2\AppData\Local\MFAData
2014-01-25 09:44 . 2014-01-25 09:44 -------- d-----w- c:\program files\VS Revo Group
2014-01-24 12:07 . 2014-01-24 14:53 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashDumps
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\users\Contrat2\AppData\Roaming\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\programdata\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-24 07:00 . 2014-01-24 07:00 -------- d-----w- c:\program files\Enigma Software Group
2014-01-23 07:24 . 2014-01-23 07:24 -------- d-----w- c:\programdata\CrypKey
2014-01-23 07:22 . 2014-01-23 07:23 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2014-01-13 08:35 . 2014-01-25 06:46 -------- d-----w- c:\program files\Browsersafeguard
2014-01-13 08:31 . 2014-01-13 08:31 -------- d-----w- c:\programdata\SearchModule
2014-01-13 08:30 . 2014-01-16 17:06 -------- d-----w- c:\program files\Common Files\Goobzo
2014-01-13 08:30 . 2014-01-13 08:31 -------- d-----w- c:\users\Contrat2\AppData\Local\Installer
2014-01-13 08:30 . 2014-01-13 08:30 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashRpt
2014-01-13 07:45 . 2014-01-13 07:45 -------- d-----w- c:\users\Contrat2\AppData\Local\AMD
2014-01-13 07:43 . 2014-01-13 07:43 -------- d-----w- c:\programdata\ATI
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\uk-UA
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sr-Latn-CS
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sk-SK
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ro-RO
2014-01-08 20:11 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\tr-TR
2014-01-08 20:11 . 2014-01-08 20:11 -------- d-----w- c:\windows\system32\041F
2014-01-08 19:51 . 2014-01-08 19:51 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tr\Microsoft.Ink.Resources.dll
2014-01-08 19:47 . 2014-01-08 19:47 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\tr-TR\LMPRTPRC.DLL.mui
2014-01-08 18:47 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\th-TH
2014-01-08 18:46 . 2014-01-08 18:46 -------- d-----w- c:\windows\th-TH
2014-01-08 17:36 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\system32\041D
2014-01-08 17:36 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sv-SE
2014-01-08 17:36 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\sv-SE
2014-01-08 17:17 . 2014-01-08 17:17 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sv\Microsoft.Ink.Resources.dll
2014-01-08 17:13 . 2014-01-08 17:13 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sv-SE\LMPRTPRC.DLL.mui
2014-01-08 16:13 . 2014-01-08 16:13 -------- d-----w- c:\windows\sl-SI
2014-01-08 16:13 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sl-SI
2014-01-08 15:05 . 2014-01-08 15:05 -------- d-----w- c:\windows\sk-SK
2014-01-08 15:05 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-01-08 13:49 . 2014-01-08 13:49 -------- d-----w- c:\windows\sr-Latn-CS
2014-01-08 13:48 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2014-01-08 12:42 . 2014-01-08 12:42 -------- d-----w- c:\windows\system32\0419
2014-01-08 12:42 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ru-RU
2014-01-08 12:42 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ru-RU
2014-01-08 12:42 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ru-RU
2014-01-08 12:41 . 2014-01-08 12:41 -------- d-----w- c:\windows\ru-RU
2014-01-08 12:18 . 2014-01-08 12:18 49152 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ru\Microsoft.Ink.Resources.dll
2014-01-08 12:12 . 2014-01-08 12:12 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ru-RU\LMPRTPRC.DLL.mui
2014-01-08 11:07 . 2014-01-24 13:23 -------- d-----w- c:\windows\ro-RO
2014-01-08 11:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ro-RO
2014-01-08 10:08 . 2014-01-08 10:08 -------- d-----w- c:\windows\pt-PT
2014-01-08 10:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-PT
2014-01-08 10:07 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2014-01-08 10:07 . 2014-01-08 10:07 -------- d-----w- c:\windows\system32\0816
2014-01-08 10:07 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-PT
2014-01-08 09:49 . 2014-01-08 09:49 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt\Microsoft.Ink.Resources.dll
2014-01-08 09:44 . 2014-01-08 09:44 4096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-PT\LMPRTPRC.DLL.mui
2014-01-08 08:38 . 2014-01-08 08:38 -------- d-----w- c:\windows\pt-BR
2014-01-08 08:37 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-BR
2014-01-08 08:37 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-BR
2014-01-08 08:37 . 2014-01-08 08:37 -------- d-----w- c:\windows\system32\0416
2014-01-08 08:37 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-BR
2014-01-08 08:20 . 2014-01-08 08:20 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt-BR\Microsoft.Ink.Resources.dll
2014-01-08 08:19 . 2014-01-08 08:19 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-BR\LMPRTPRC.DLL.mui
2014-01-08 07:24 . 2014-01-08 07:24 -------- d-----w- c:\windows\pl-PL
2014-01-08 07:24 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pl-PL
2014-01-08 07:24 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2014-01-08 07:23 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pl-PL
2014-01-08 07:23 . 2014-01-08 07:23 -------- d-----w- c:\windows\system32\0415
2014-01-08 07:09 . 2014-01-08 07:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pl\Microsoft.Ink.Resources.dll
2014-01-08 07:04 . 2014-01-08 07:04 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pl-PL\LMPRTPRC.DLL.mui
2014-01-08 06:02 . 2014-01-08 06:02 -------- d-----w- c:\windows\lt-LT
2014-01-08 06:02 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lt-LT
2014-01-08 05:17 . 2014-01-08 05:17 -------- d-----w- c:\windows\lv-LV
2014-01-08 05:17 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lv-LV
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\0412
2014-01-08 04:22 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ko-KR
2014-01-08 04:22 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\ko
2014-01-08 04:22 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ko-KR
2014-01-08 04:09 . 2014-01-08 04:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ko\Microsoft.Ink.Resources.dll
2014-01-08 04:06 . 2014-01-08 04:06 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ko-KR\LMPRTPRC.DLL.mui
2014-01-08 03:07 . 2014-01-08 03:07 -------- d-----w- c:\windows\ja-JP
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\ja
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\0411
2014-01-08 03:06 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ja-JP
2014-01-08 03:06 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2014-01-08 03:06 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ja-JP
2014-01-08 02:53 . 2014-01-08 02:53 45056 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ja\Microsoft.Ink.Resources.dll
2014-01-08 02:48 . 2014-01-08 02:48 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ja-JP\LMPRTPRC.DLL.mui
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\nl-NL
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\system32\0413
2014-01-08 01:57 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\nl-NL
2014-01-08 01:57 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2014-01-08 01:57 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\nl-NL
2014-01-08 01:43 . 2014-01-08 01:43 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\nl\Microsoft.Ink.Resources.dll
2014-01-08 01:42 . 2014-01-08 01:42 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\nl-NL\LMPRTPRC.DLL.mui
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\zh-CHT
2014-01-08 00:52 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\drivers\zh-HK
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\wbem\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\0C04
2014-01-08 00:37 . 2014-01-08 00:37 36864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\zh-CHT\Microsoft.Ink.Resources.dll
2014-01-08 00:35 . 2014-01-08 00:35 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\zh-TW\LMPRTPRC.DLL.mui
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 07:23 . 2012-06-13 15:02 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-28 07:23 . 2011-09-07 13:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 09:00 . 2014-01-13 08:58 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 31616 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 7040 ----a-w- c:\windows\system32\drivers\whfltr2k.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18432 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 134272 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 23640 ----a-w- c:\windows\system32\drivers\TVALZ_O.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 7463 ----a-w- c:\windows\system32\drivers\tkbtnpn.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 16128 ----a-w- c:\windows\system32\drivers\tdcmdpst.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 203312 ----a-w- c:\windows\system32\drivers\SynTP.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24840 ----a-w- c:\windows\system32\drivers\swmsflt.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 21048 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 74808 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 41016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 55864 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 11776 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 142904 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 76392 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 209112 ----a-w- c:\windows\system32\drivers\RtsUStor.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 62464 ----a-w- c:\windows\system32\drivers\RTSTOR.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 2888536 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 238696 ----a-w- c:\windows\system32\drivers\RsFx0105.sys.bak
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bell Canada Connection Manager"="c:\program files\Bell\Mobile Connect\BellCanadaCM.exe" [2010-05-26 87320]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-10-24 12017368]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-09-17 63048]
"iSkysoft Helper Compact.exe"="c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2013-05-29 1734144]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2011-05-19 2629632]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"BrowserSafeguard"="c:\program files\Browsersafeguard\BrowserSafeguard.exe" [2013-12-31 412672]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ sasnative32\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 21:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-01 12:01 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 14:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 07:23]
.
2014-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
2014-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = hxxp://www.shoptoshiba.ca/welcome
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49171;https=127.0.0.1:49171
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Ouvrir avec PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Contrat2\AppData\Roaming\Mozilla\Firefox\Profiles\6nckl4da.default-1390634376769\
FF - prefs.js: browser.startup.homepage - hxxps://snt148.mail.live.com/mail/?n=271082233&fid=1&cid=1337c784-270b-a2b2-204c-0cae78c9cc91|Nicolet, Québec - Vos Prévisions locales - MétéoMédia
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
.
**************************************************************************
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2014-02-03 00:12:58
ComboFix-quarantined-files.txt 2014-02-03 05:12
ComboFix2.txt 2014-02-02 09:59
.
Avant-CF: 37 252 919 296 octets libres
Après-CF: 37 687 562 240 octets libres
.
- - End Of File - - 1C838B9639B906BBF240EC7D9D6BFABF
5C616939100B85E558DA92B899A0FC36
 
Hi, Claude.

My apology, Claude. I listed the files to be removed but didn't tell ComboFix what to do with them. Let's give this another go with the included instructions.

Custom CFScript

Note: The following instructions were created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

  • Please open Notepad (Click Start -> Run -> type notepad in the Open field -> OK). Copy/Paste all of the text present inside the code box below:
Code:
File::
C:\GDG\UserData\telechargements\ccsetup406(1).exe
C:\GDG\UserData\telechargements\DuplicateCleaner_setup.exe
C:\GDG\UserData\telechargements\FreeAudioConverter.exe
C:\GDG\UserData\telechargements\FreeStudio.exe
C:\GDG\UserData\telechargements\install_sld.exe
C:\GDG\UserData\telechargements\SoftonicDownloader_for_computer-repair-free.exe
C:\GDG\UserData\telechargements\speedupmypc.exe
C:\GDG\UserData\telechargements\supprimer-doublons.exe
C:\GDG\UserData\telechargements\sysrc_trial_3267_770481(1).exe
C:\GDG\UserData\telechargements\sysrc_trial_3267_770481.exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(1).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(2).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01(3).exe
C:\GDG\UserData\telechargements\sysrc_trial_9407_french01.exe
C:\GDG\UserData\telechargements\vlcmediaplayer-setup.exe
C:\Program Files\Mozilla Firefox\browser\nsprotector.js
C:\Program Files\Uninstaller\Uninstall.exe
C:\Users\Contrat2\AppData\Local\genienext\nengine.dll
C:\Users\Contrat2\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll
C:\Users\Contrat2\AppData\Roaming\newnext.me\nengine.dll
  • Save this as CFScript.txt and place it on your desktop.
  • Close any open browsers.
  • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.


    [Screenshot: CF_CFScript.gif]

  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Please let me know how your computer is now.
 
Hi Corrine,

You don't have to apologize!
I think you did many things to help me, I'm very satisfied with that!


Thank you for persisting!

Claude
 
Thank you for understanding, Claude.

Please post the new log after you've had an opportunity to run it and let me know how your computer is now.
 
Hello Corrine,

I'm happy... thank you very much!
This time my PC is clearly faster than before... maybe it's close to a normal speed for it!
I don't really know... at my job I have a more recent PC and it's not comparable.

But some problems persist... sometimes it freezes for 1 or 2 minutes, I can't do anything during this time!
Especially when I'm connecting to the Internet...
Also, when I turn it on... it takes a very long time to succeed! Maybe 5 or 6 minutes!

Anyway... today, I can use my PC without crisis or depression!

Thank you again,

Claude

P.S.: Sorry to insist again, but I have another question: What do you think about the problem with Windows Update?
There are 18 important updates to do... it fails each time!

ComboFix 14-02-03.01 - Contrat2 03/02/2014 17:19:36.3.2 - x86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.2.1036.18.2941.1495 [GMT -5:00]
Lancé depuis: c:\gdg\UserData\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\gdg\UserData\Desktop\CFScript.txt
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\gdg\UserData\telechargements\ccsetup406(1).exe"
"c:\gdg\UserData\telechargements\DuplicateCleaner_setup.exe"
"c:\gdg\UserData\telechargements\FreeAudioConverter.exe"
"c:\gdg\UserData\telechargements\FreeStudio.exe"
"c:\gdg\UserData\telechargements\install_sld.exe"
"c:\gdg\UserData\telechargements\SoftonicDownloader_for_computer-repair-free.exe"
"c:\gdg\UserData\telechargements\speedupmypc.exe"
"c:\gdg\UserData\telechargements\supprimer-doublons.exe"
"c:\gdg\UserData\telechargements\sysrc_trial_3267_770481(1).exe"
"c:\gdg\UserData\telechargements\sysrc_trial_3267_770481.exe"
"c:\gdg\UserData\telechargements\sysrc_trial_9407_french01(1).exe"
"c:\gdg\UserData\telechargements\sysrc_trial_9407_french01(2).exe"
"c:\gdg\UserData\telechargements\sysrc_trial_9407_french01(3).exe"
"c:\gdg\UserData\telechargements\sysrc_trial_9407_french01.exe"
"c:\gdg\UserData\telechargements\vlcmediaplayer-setup.exe"
"c:\program files\Mozilla Firefox\browser\nsprotector.js"
"c:\program files\Uninstaller\Uninstall.exe"
"c:\users\Contrat2\AppData\Local\genienext\nengine.dll"
"c:\users\Contrat2\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll"
"c:\users\Contrat2\AppData\Roaming\newnext.me\nengine.dll"
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-01-03 au 2014-02-03 ))))))))))))))))))))))))))))))))))))
.
.
2014-02-03 06:26 . 2013-12-19 02:10 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-02-02 15:27 . 2014-02-02 15:27 -------- d-----w- c:\program files\ESET
2014-02-02 09:59 . 2014-02-03 22:40 -------- d-----w- c:\users\Contrat2\AppData\Local\temp
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\ParetoLogic
2014-01-31 04:59 . 2014-01-31 04:59 -------- d-----w- c:\users\Contrat2\AppData\Roaming\DriverCure
2014-01-31 04:59 . 2014-01-31 06:01 -------- d-----w- c:\programdata\ParetoLogic
2014-01-28 06:41 . 2005-05-26 20:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2014-01-26 09:40 . 2014-01-26 09:54 -------- d-----w- c:\programdata\TuneUp Software
2014-01-26 09:39 . 2014-01-26 10:27 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\users\Contrat2\AppData\Local\PassMark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\programdata\Passmark
2014-01-26 09:02 . 2014-01-26 09:02 -------- d-----w- c:\program files\PerformanceTest
2014-01-26 08:24 . 2014-01-26 08:24 -------- d-----w- c:\program files\Panda Security
2014-01-25 10:37 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D855812-5B87-493A-9388-D625B8587E3A}\mpengine.dll
2014-01-25 10:30 . 2014-01-25 10:30 -------- d-----w- c:\users\Contrat2\AppData\Roaming\AVG2014
2014-01-25 10:28 . 2014-01-26 09:49 -------- d-----w- c:\users\Contrat2\AppData\Roaming\TuneUp Software
2014-01-25 10:27 . 2014-01-25 10:29 -------- d-----w- c:\programdata\AVG2014
2014-01-25 10:25 . 2014-01-25 10:25 -------- d-----w- c:\program files\AVG
2014-01-25 10:20 . 2014-02-03 21:44 -------- d-----w- c:\programdata\MFAData
2014-01-25 10:20 . 2014-01-25 10:35 -------- d-----w- c:\users\Contrat2\AppData\Local\Avg2014
2014-01-25 10:20 . 2014-01-25 10:20 -------- d-----w- c:\users\Contrat2\AppData\Local\MFAData
2014-01-25 09:44 . 2014-01-25 09:44 -------- d-----w- c:\program files\VS Revo Group
2014-01-24 12:07 . 2014-01-24 14:53 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashDumps
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\users\Contrat2\AppData\Roaming\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\programdata\Malwarebytes
2014-01-24 11:27 . 2014-01-24 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-24 07:00 . 2014-01-24 07:00 -------- d-----w- c:\program files\Enigma Software Group
2014-01-23 07:24 . 2014-01-23 07:24 -------- d-----w- c:\programdata\CrypKey
2014-01-23 07:22 . 2014-01-23 07:23 -------- d-----w- c:\program files\Stellar Phoenix Outlook PST Repair
2014-01-13 08:35 . 2014-01-25 06:46 -------- d-----w- c:\program files\Browsersafeguard
2014-01-13 08:31 . 2014-01-13 08:31 -------- d-----w- c:\programdata\SearchModule
2014-01-13 08:30 . 2014-01-16 17:06 -------- d-----w- c:\program files\Common Files\Goobzo
2014-01-13 08:30 . 2014-01-13 08:31 -------- d-----w- c:\users\Contrat2\AppData\Local\Installer
2014-01-13 08:30 . 2014-01-13 08:30 -------- d-----w- c:\users\Contrat2\AppData\Local\CrashRpt
2014-01-13 07:45 . 2014-01-13 07:45 -------- d-----w- c:\users\Contrat2\AppData\Local\AMD
2014-01-13 07:43 . 2014-01-13 07:43 -------- d-----w- c:\programdata\ATI
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\uk-UA
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sr-Latn-CS
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sk-SK
2014-01-09 09:56 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ro-RO
2014-01-08 20:11 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\tr-TR
2014-01-08 20:11 . 2014-01-08 20:11 -------- d-----w- c:\windows\system32\041F
2014-01-08 19:51 . 2014-01-08 19:51 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tr\Microsoft.Ink.Resources.dll
2014-01-08 19:47 . 2014-01-08 19:47 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\tr-TR\LMPRTPRC.DLL.mui
2014-01-08 18:47 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\th-TH
2014-01-08 18:46 . 2014-01-08 18:46 -------- d-----w- c:\windows\th-TH
2014-01-08 17:36 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\system32\041D
2014-01-08 17:36 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sv-SE
2014-01-08 17:36 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\sv-SE
2014-01-08 17:36 . 2014-01-08 17:36 -------- d-----w- c:\windows\sv-SE
2014-01-08 17:17 . 2014-01-08 17:17 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\sv\Microsoft.Ink.Resources.dll
2014-01-08 17:13 . 2014-01-08 17:13 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sv-SE\LMPRTPRC.DLL.mui
2014-01-08 16:13 . 2014-01-08 16:13 -------- d-----w- c:\windows\sl-SI
2014-01-08 16:13 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sl-SI
2014-01-08 15:05 . 2014-01-08 15:05 -------- d-----w- c:\windows\sk-SK
2014-01-08 15:05 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-01-08 13:49 . 2014-01-08 13:49 -------- d-----w- c:\windows\sr-Latn-CS
2014-01-08 13:48 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2014-01-08 12:42 . 2014-01-08 12:42 -------- d-----w- c:\windows\system32\0419
2014-01-08 12:42 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ru-RU
2014-01-08 12:42 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ru-RU
2014-01-08 12:42 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ru-RU
2014-01-08 12:41 . 2014-01-08 12:41 -------- d-----w- c:\windows\ru-RU
2014-01-08 12:18 . 2014-01-08 12:18 49152 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ru\Microsoft.Ink.Resources.dll
2014-01-08 12:12 . 2014-01-08 12:12 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ru-RU\LMPRTPRC.DLL.mui
2014-01-08 11:07 . 2014-01-24 13:23 -------- d-----w- c:\windows\ro-RO
2014-01-08 11:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ro-RO
2014-01-08 10:08 . 2014-01-08 10:08 -------- d-----w- c:\windows\pt-PT
2014-01-08 10:07 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-PT
2014-01-08 10:07 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-PT
2014-01-08 10:07 . 2014-01-08 10:07 -------- d-----w- c:\windows\system32\0816
2014-01-08 10:07 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-PT
2014-01-08 09:49 . 2014-01-08 09:49 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt\Microsoft.Ink.Resources.dll
2014-01-08 09:44 . 2014-01-08 09:44 4096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-PT\LMPRTPRC.DLL.mui
2014-01-08 08:38 . 2014-01-08 08:38 -------- d-----w- c:\windows\pt-BR
2014-01-08 08:37 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pt-BR
2014-01-08 08:37 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pt-BR
2014-01-08 08:37 . 2014-01-08 08:37 -------- d-----w- c:\windows\system32\0416
2014-01-08 08:37 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pt-BR
2014-01-08 08:20 . 2014-01-08 08:20 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pt-BR\Microsoft.Ink.Resources.dll
2014-01-08 08:19 . 2014-01-08 08:19 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pt-BR\LMPRTPRC.DLL.mui
2014-01-08 07:24 . 2014-01-08 07:24 -------- d-----w- c:\windows\pl-PL
2014-01-08 07:24 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\pl-PL
2014-01-08 07:24 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\pl-PL
2014-01-08 07:23 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\pl-PL
2014-01-08 07:23 . 2014-01-08 07:23 -------- d-----w- c:\windows\system32\0415
2014-01-08 07:09 . 2014-01-08 07:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\pl\Microsoft.Ink.Resources.dll
2014-01-08 07:04 . 2014-01-08 07:04 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\pl-PL\LMPRTPRC.DLL.mui
2014-01-08 06:02 . 2014-01-08 06:02 -------- d-----w- c:\windows\lt-LT
2014-01-08 06:02 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lt-LT
2014-01-08 05:17 . 2014-01-08 05:17 -------- d-----w- c:\windows\lv-LV
2014-01-08 05:17 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\lv-LV
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\0412
2014-01-08 04:22 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ko-KR
2014-01-08 04:22 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2014-01-08 04:22 . 2014-01-08 04:22 -------- d-----w- c:\windows\system32\ko
2014-01-08 04:22 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ko-KR
2014-01-08 04:09 . 2014-01-08 04:09 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ko\Microsoft.Ink.Resources.dll
2014-01-08 04:06 . 2014-01-08 04:06 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ko-KR\LMPRTPRC.DLL.mui
2014-01-08 03:07 . 2014-01-08 03:07 -------- d-----w- c:\windows\ja-JP
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\ja
2014-01-08 03:06 . 2014-01-08 03:06 -------- d-----w- c:\windows\system32\0411
2014-01-08 03:06 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\ja-JP
2014-01-08 03:06 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ja-JP
2014-01-08 03:06 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\ja-JP
2014-01-08 02:53 . 2014-01-08 02:53 45056 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\ja\Microsoft.Ink.Resources.dll
2014-01-08 02:48 . 2014-01-08 02:48 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ja-JP\LMPRTPRC.DLL.mui
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\nl-NL
2014-01-08 01:58 . 2014-01-08 01:58 -------- d-----w- c:\windows\system32\0413
2014-01-08 01:57 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\nl-NL
2014-01-08 01:57 . 2014-01-09 09:56 -------- d-----w- c:\windows\system32\drivers\UMDF\nl-NL
2014-01-08 01:57 . 2014-01-09 09:12 -------- d-----w- c:\windows\system32\wbem\nl-NL
2014-01-08 01:43 . 2014-01-08 01:43 40960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\nl\Microsoft.Ink.Resources.dll
2014-01-08 01:42 . 2014-01-08 01:42 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\nl-NL\LMPRTPRC.DLL.mui
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\zh-CHT
2014-01-08 00:52 . 2014-01-09 10:12 -------- d-----w- c:\windows\system32\drivers\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\drivers\zh-HK
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\drivers\UMDF\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\wbem\zh-TW
2014-01-08 00:52 . 2014-01-08 00:52 -------- d-----w- c:\windows\system32\0C04
2014-01-08 00:37 . 2014-01-08 00:37 36864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\zh-CHT\Microsoft.Ink.Resources.dll
2014-01-08 00:35 . 2014-01-08 00:35 3072 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\zh-TW\LMPRTPRC.DLL.mui
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 07:23 . 2012-06-13 15:02 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-28 07:23 . 2011-09-07 13:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-25 09:00 . 2014-01-13 08:58 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 31616 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 7040 ----a-w- c:\windows\system32\drivers\whfltr2k.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18432 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 134272 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-25 09:00 . 2014-01-13 08:58 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-25 09:00 . 2014-01-13 08:58 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak
2014-01-25 08:59 . 2014-01-13 08:58 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 23640 ----a-w- c:\windows\system32\drivers\TVALZ_O.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 7463 ----a-w- c:\windows\system32\drivers\tkbtnpn.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 16128 ----a-w- c:\windows\system32\drivers\tdcmdpst.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 203312 ----a-w- c:\windows\system32\drivers\SynTP.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 24840 ----a-w- c:\windows\system32\drivers\swmsflt.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 21048 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 74808 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 41016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 55864 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-25 08:59 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 11776 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-25 08:59 . 2014-01-13 08:57 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 13312 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 142904 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 76392 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 209112 ----a-w- c:\windows\system32\drivers\RtsUStor.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 62464 ----a-w- c:\windows\system32\drivers\RTSTOR.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 2888536 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 60416 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-25 08:58 . 2014-01-13 08:57 238696 ----a-w- c:\windows\system32\drivers\RsFx0105.sys.bak
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bell Canada Connection Manager"="c:\program files\Bell\Mobile Connect\BellCanadaCM.exe" [2010-05-26 87320]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-10-24 12017368]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2007-01-09 191552]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-09-17 63048]
"iSkysoft Helper Compact.exe"="c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2013-05-29 1734144]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-11-01 54608]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2011-05-19 2629632]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"BrowserSafeguard"="c:\program files\Browsersafeguard\BrowserSafeguard.exe" [2013-12-31 412672]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ sasnative32\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 21:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-01 12:01 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 14:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contenu du dossier 'Tâches planifiées'
.
2014-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 07:23]
.
2014-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
2014-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-30 18:46]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
mStart Page = hxxp://www.shoptoshiba.ca/welcome
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:49171;https=127.0.0.1:49171
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=CA&userid=8aa00f75-bc22-84db-0eac-8c33f83d1f22&searchtype=ds&q={searchTerms}&installDate=05/01/2014
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Ouvrir avec PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Contrat2\AppData\Roaming\Mozilla\Firefox\Profiles\6nckl4da.default-1390634376769\
FF - prefs.js: browser.startup.homepage - hxxps://snt148.mail.live.com/mail/?n=271082233&fid=1&cid=1337c784-270b-a2b2-204c-0cae78c9cc91|Nicolet, Québec - Vos Prévisions locales - MétéoMédia
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2014-02-03 17:40
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2014-02-03 17:46:45
ComboFix-quarantined-files.txt 2014-02-03 22:46
ComboFix2.txt 2014-02-03 05:12
ComboFix3.txt 2014-02-02 09:59
.
Avant-CF: 26 724 544 512 octets libres
Après-CF: 26 254 020 608 octets libres
.
- - End Of File - - 49813287A932648A8442FD72035E422D
5C616939100B85E558DA92B899A0FC36
 