VIRUS ON XP

Closed
PGPL Posts 67 Registration date Sunday, June 26, 2011 Status Member Last active December 9, 2011 - Nov 26, 2011 at 09:43
jlpjlp Posts 51580 Registration date Friday, May 18, 2007 Status Security contributor Last active May 3, 2022 - Dec 11, 2011 at 11:20
Hello,

This virus (or these viruses) is terrible (for me).
I uninstalled Avira Free to try Avira Premium and it's a disaster. I no longer had an internet connection, the PC was very slow, really very slow, and nothing could be done with Avira. Using a laptop, I copied over avast, Spybot, malwares, and OTHERS... Practically each one found something, but my connection came back with Comodo. I removed Avira. The PC is still very slow, startup is very, very slow and use is very slow because the processor is always at 100% or nearly, and the internet is more than slow.
Thank you for your help.

98 replies

jlpjlp Posts 51580 Registration date Friday, May 18, 2007 Status Security contributor Last active May 3, 2022 5 040
Dec 3, 2011 at 22:15
Close all your browsers (so copy or print the instructions first)

Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:





File::
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\QuickScan
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\f-secure
c:\documents and settings\All Users\Dane aplikacji\F-Secure
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaVirMicroScan
c:\program files\ESET
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup
c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup
c:\documents and settings\All Users\Dane aplikacji\Comodo
c:\documents and settings\All Users\Dane aplikacji\Comodo Downloader
c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Avira
c:\documents and settings\All Users\Dane aplikacji\Avira
c:\windows\system32\config\systemprofile\Dane aplikacji\IObit
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Media Finder
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Babylon
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Babylon
c:\documents and settings\All Users\Dane aplikacji\Babylon
C:\UsbFix
C:\FyK
C:\adwcleaner(4).exe
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\WinPatrol
c:\program files\Ad-Remover
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO





Save this file under the name CFscript

Drag and drop this CFScript file onto the ComboFix.exe file

Click on the CFScript file, hold the button down and drag the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse. ComboFix will start.

A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

Once the scan is complete, a report will be displayed: post its contents.

If the file does not open, it is located here > C:\ComboFix.txt


____________________



Otherwise, didn't the problem appear after installing Colasoft Capsa 7 - Enterprise Edition Demo?
0
PGPL Posts 67 Registration date Sunday, June 26, 2011 Status Member Last active December 9, 2011
Dec 4, 2011 at 10:20
Hello,
I have just carried out the operation in safe mode. I have just come back to normal mode and... slowness and despair.
As for Capsa7, I don't think so, because I loaded the software later, when I thought my address had been hacked, but the software is too complicated for me.


ComboFix 11-12-01.01 - Patrice 2011-12-04 10:01:42.14.1 - FAT32x86 NETWORK
Uruchomiony z: c:\documents and settings\Patrice.PATRICE\Moje dokumenty\Pobieranie\ComboFix.exe
U?yto nast?puj?cych komend :: c:\documents and settings\Patrice.PATRICE\Pulpit\CFscript.txt
.
FILE ::
"C:\adwcleaner(4).exe"
"c:\documents and settings\All Users\Dane aplikacji\Avira"
"c:\documents and settings\All Users\Dane aplikacji\Babylon"
"c:\documents and settings\All Users\Dane aplikacji\Comodo Downloader"
"c:\documents and settings\All Users\Dane aplikacji\Comodo"
"c:\documents and settings\All Users\Dane aplikacji\F-Secure"
"c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaVirMicroScan"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Avira"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Babylon"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\f-secure"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Media Finder"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\QuickScan"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacji\WinPatrol"
"c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup"
"c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Babylon"
"c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO"
"C:\FyK"
"c:\program files\Ad-Remover"
"c:\program files\ESET"
"C:\UsbFix"
"c:\windows\system32\config\systemprofile\Dane aplikacji\IObit"
.
.
((((((((((((((((((((((((((((((((((((((( Usuni?to )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\adwcleaner(4).exe
c:\windows\CSC\d6
.
.
((((((((((((((((((((((((( Pliki utworzone od 2011-11-04 do 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-03 18:43 . 2011-12-03 18:43 0 ----a-w- c:\windows\system32\REN87.tmp
2011-12-03 18:43 . 2011-12-03 18:43 0 ----a-w- c:\windows\system32\REN86.tmp
2011-12-03 18:43 . 2011-12-03 18:43 0 ----a-w- c:\windows\system32\REN85.tmp
2011-12-03 18:43 . 2011-10-03 04:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-03 07:22 . 2011-12-03 07:23 -------- d-----w- C:\UsbFix
2011-12-03 07:14 . 2011-12-03 07:14 -------- d-----w- C:\FyK
2011-12-02 12:07 . 2011-12-02 12:07 -------- d-----w- c:\program files\ZHPDiag
2011-12-02 12:03 . 2011-12-02 12:03 -------- d-----w- C:\BackUpcanneds
2011-12-02 09:37 . 2011-11-28 17:54 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-12-02 09:37 . 2011-11-28 17:53 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-12-02 09:37 . 2011-11-28 17:26 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-12-01 18:32 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-01 18:32 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-01 18:32 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-01 18:32 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-01 18:32 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-12-01 18:32 . 2011-11-28 17:52 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-12-01 18:32 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-01 18:32 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-12-01 18:32 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-01 18:32 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-01 18:32 . 2011-12-01 18:32 -------- d-----w- c:\program files\AVAST Software
2011-12-01 18:32 . 2011-12-01 18:32 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\AVAST Software
2011-12-01 17:44 . 2011-12-01 17:44 114937 ----a-w- c:\windows\cscmondump.bin
2011-12-01 16:01 . 2011-12-01 16:01 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\WinPatrol
2011-12-01 16:01 . 2011-12-01 16:01 -------- d-----w- c:\program files\BillP Studios
2011-12-01 16:00 . 1998-02-06 22:39 304128 ----a-w- c:\windows\unin040c.exe
2011-12-01 15:45 . 2011-12-01 15:45 -------- d-----w- C:\ZHP
2011-12-01 12:53 . 2011-12-01 12:53 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\InfraRecorder
2011-11-29 13:12 . 2011-11-29 13:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\CPA_VA
2011-11-29 12:03 . 2011-11-29 12:03 -------- d-----w- c:\program files\Ad-Remover
2011-11-28 19:17 . 2011-11-28 19:17 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Adobe
2011-11-28 13:35 . 2004-08-03 23:44 83456 ----a-w- c:\windows\system32\olepro32.dll
2011-11-28 13:35 . 2004-08-03 23:44 83456 ----a-w- c:\windows\system32\dllcache\olepro32.dll
2011-11-28 13:33 . 2011-11-28 13:33 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO
2011-11-28 13:27 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2011-11-28 11:06 . 2011-11-28 11:06 -------- d-----w- c:\program files\RegCleaner
2011-11-28 07:53 . 2011-11-28 07:53 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Colasoft Packet Builder
2011-11-28 07:35 . 2011-11-28 07:35 -------- d-----w- c:\program files\Common Files\Colasoft Shared
2011-11-28 07:35 . 2011-11-28 07:35 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Colasoft MAC Scanner
2011-11-28 07:35 . 2011-11-28 07:35 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Colasoft Capsa 7 - Enterprise Edition Demo
2011-11-28 07:35 . 2011-11-28 07:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Colasoft Capsa 7 - Enterprise Edition Demo
2011-11-28 07:32 . 2010-05-20 14:14 28184 ----a-w- c:\windows\system32\drivers\CSN5PDTS82.sys
2011-11-28 06:35 . 2011-11-28 06:35 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\QuickScan
2011-11-27 23:01 . 2011-11-27 23:01 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit
2011-11-27 19:03 . 2011-11-27 19:03 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\f-secure
2011-11-27 19:02 . 2011-11-27 19:02 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\F-Secure
2011-11-27 18:20 . 2011-11-27 18:20 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaVirMicroScan
2011-11-27 16:59 . 2011-11-27 16:59 -------- d-----w- c:\program files\ESET
2011-11-27 15:55 . 2011-11-27 15:55 -------- d-----w- c:\program files\Unlocker
2011-11-27 06:05 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-27 05:02 . 2011-11-27 05:02 0 ------w- C:\PhysicalDisk0_MBR.bin
2011-11-25 20:01 . 2011-11-25 20:03 160 ----a-w- c:\windows\crpf.bin
2011-11-25 20:01 . 2011-11-25 20:01 158 ----a-w- c:\windows\crpf_sdum.bin
2011-11-25 18:52 . 2011-11-25 18:52 -------- d-----w- C:\VritualRoot
2011-11-25 18:46 . 2011-11-25 18:46 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup
2011-11-25 18:42 . 2011-11-25 18:42 -------- d-----w- c:\program files\Common Files\Filseclab
2011-11-25 18:37 . 2011-11-25 18:37 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-25 12:53 . 2011-11-30 07:51 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-11-25 12:15 . 2011-11-25 12:15 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup
2011-11-24 18:35 . 2011-11-24 18:35 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Comodo
2011-11-24 18:13 . 2011-11-24 18:13 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Comodo Downloader
2011-11-24 15:05 . 2011-11-24 15:05 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2011-11-23 16:01 . 2002-02-18 17:40 6200 ------w- c:\windows\system32\INT13EXT.VXD
2011-11-22 10:32 . 2011-11-22 10:32 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Avira
2011-11-21 14:07 . 2011-11-21 14:07 -------- d-----w- c:\documents and settings\All Users\Dane aplikacji\Avira
2011-11-16 13:44 . 2011-11-16 13:44 -------- d-----w- c:\windows\system32\config\systemprofile\Dane aplikacji\IObit
2011-11-12 09:37 . 2011-11-12 09:37 -------- d-----w- c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-21 08:09 . 2008-01-23 16:54 54016 ----a-w- c:\windows\system32\drivers\NVENETFD.sys
2011-09-21 08:09 . 2008-01-23 16:54 199168 ----a-w- c:\windows\system32\fdco1ins.dll
2011-09-21 08:09 . 2008-01-23 16:54 199168 ----a-w- c:\windows\system32\fdco1.dll
2011-09-09 17:23 . 2011-09-18 06:30 2469760 ----a-w- c:\windows\system32\BootMan.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domy?lne, prawid?owe wpisy nie s? pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Stat 'n' Perf"="c:\program files\StatnPerf\StatnPerf.exe" [2011-04-23 147517]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 10:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0B\0aswBoot.exe /M:56357abc2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"d:\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"d:\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"d:\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"d:\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\WINDOWS\\system32\\HPZipm12.exe"=
"c:\\WINDOWS\\SOUNDMAN.EXE"=
"c:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 CSN5PDTS82x64;CSN5PDTS82x64 NDIS Protocol Driver;c:\windows\system32\Drivers\CSN5PDTS82x64.sys [x]
R1 CsNdisLWF;CsNdisLWF NDIS Protocol Driver;c:\windows\system32\Drivers\CsNdisLWF.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\Drivers\LBeepKE.sys [2010-03-18 10448]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 13192]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [2010-08-09 5112]
R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\Drivers\M1000KNT.sys [2005-07-20 274567]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
R3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
R3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
R3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
R3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-11-28 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\DRIVERS\tffsport.sys [2004-08-03 149376]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 CSN5PDTS82;CSN5PDTS82 NDIS Protocol Driver;c:\windows\system32\Drivers\CSN5PDTS82.sys [2010-05-20 28184]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Zawarto?? folderu 'Zaplanowane zadania'
.
2011-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-583907252-725345543-1003Core.job
- c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [2011-12-02 08:02]
.
.
------- Skan uzupe?niaj?cy -------
.
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{25082E3A-F25A-4981-BC83-2422236BB1D4}: NameServer = 192.168.1.254,213.134.134.134
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-04 10:04
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
.
skanowanie ukrytych procesów ...
.
skanowanie ukrytych wpisów autostartu ...
.
skanowanie ukrytych plików ...
.
skanowanie pomy?lnie uko?czone
ukryte pliki: 0
.
**************************************************************************
.
--------------------- Pliki DLL ?adowane pod uruchomionymi procesami ---------------------
.
- - - - - - - > 'winlogon.exe'(1232)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Czas uko?czenia: 2011-12-04 10:05:47
ComboFix-quarantined-files.txt 2011-12-04 09:05
.
Przed: 466 501 632 bajtów wolnych
Po: 455 573 504 bajtów wolnych
.
WindowsXP-KB310994-SP2-Home-BootDisk-PLK.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 914818003BD3F30985FBA3C91E91FAF4
0
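Added example (not part of the original thread and not ComboFix code): a small Python triage pass over lines excerpted from the report posted above, flagging the disabled Windows Firewall profile, the globally opened ports and the services whose image file is marked `[x]`. It assumes the conventional reading of these report lines (R/S = running/stopped, digit = start type, `[x]` = image file not found); the function name `triage` and the category labels are made up for illustration.

```python
import re

# Lines copied from the ComboFix report posted above (excerpt, not the full log).
SAMPLE_LOG = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 aswSnx;aswSnx; [x]
R1 CsNdisLWF;CsNdisLWF NDIS Protocol Driver;c:\windows\system32\Drivers\CsNdisLWF.sys [x]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 CSN5PDTS82;CSN5PDTS82 NDIS Protocol Driver;c:\windows\system32\Drivers\CSN5PDTS82.sys [2010-05-20 28184]
"""

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<data>.*)$')
# Service/driver line: <R|S><start type> <name>;<display name>;<image path> [<date size> | x]
SERVICE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.*?)\s*\[(?P<info>[^\]]*)\]$"
)


def triage(log_text):
    """Return (category, detail) findings; the category names are hypothetical."""
    findings = []
    key = ""  # most recent registry key heading seen, lowercased
    for raw in log_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key").lower()
            continue
        m = SERVICE_RE.match(line)
        if m:
            # Assumption: "[x]" means the tool could not find the image file.
            if m.group("info").strip().lower() == "x":
                findings.append(("service-file-missing",
                                 f"{m.group('state')}{m.group('start')} {m.group('name')}"))
            continue
        m = VALUE_RE.match(line)
        if not m:
            continue
        name, data = m.group("name"), m.group("data")
        if key.endswith(r"firewallpolicy\standardprofile"):
            if name.lower() == "enablefirewall" and data.startswith("0"):
                findings.append(("firewall-disabled", "standardprofile"))
        elif key.endswith(r"globallyopenports\list") and ":" in name:
            port, proto = name.split(":")[:2]
            fields = data.split(":")
            # A subnet/mask in the third field restricts who may reach the port.
            scope = fields[2] if len(fields) > 2 and "/" in fields[2] else None
            if scope:
                findings.append(("open-port-scoped", f"{port}/{proto} {scope}"))
            else:
                findings.append(("open-port-no-scope-listed", f"{port}/{proto}"))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"{category:28} {detail}")
```

Findings from such a pass are leads for a human reviewer: a missing image file can simply be a leftover of an uninstalled product, which matches the partially removed security tools seen in this report.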
PGPL Posts 67 Registration date Sunday, June 26, 2011 Status Member Last active December 9, 2011
Dec 4, 2011 at 10:22
I also updated Java yesterday; I thought I could improve the internet connection, but it made no difference.
0
jlpjlp Posts 51580 Registration date Friday, May 18, 2007 Status Security contributor Last active May 3, 2022 5 040
Dec 4, 2011 at 11:11
Are the other PCs connected to the net also slow?
0

jlpjlp Posts 51580 Registration date Friday, May 18, 2007 Status Security contributor Last active May 3, 2022 5 040
Dec 4, 2011 at 12:52
download OTM
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
(by Old_Timer) to your Desktop.

double-click OTM.exe to launch it.
copy the list in the quote below,
and paste it into the left-hand pane of OTM: Paste instruction for items to be moved.


:processes
explorer.exe
:files
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\QuickScan
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\f-secure
c:\documents and settings\All Users\Dane aplikacji\F-Secure
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaVirMicroScan
c:\program files\ESET
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup
c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup
c:\documents and settings\All Users\Dane aplikacji\Comodo
c:\documents and settings\All Users\Dane aplikacji\Comodo Downloader
c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Avira
c:\documents and settings\All Users\Dane aplikacji\Avira
c:\windows\system32\config\systemprofile\Dane aplikacji\IObit
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Media Finder
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Babylon
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Babylon
c:\documents and settings\All Users\Dane aplikacji\Babylon
C:\UsbFix
C:\FyK
C:\adwcleaner(4).exe
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\WinPatrol
c:\program files\Ad-Remover
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO

:commands
[purity]
[emptytemp]
[start explorer]


click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTM\MovedFiles.

you may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
PGPL Posts 67 Registration date Sunday, June 26, 2011 Status Member Last active December 9, 2011
Dec 4, 2011 at 21:12
Good evening,
here is the report. But after restarting the PC, for at least two or three minutes and even more now, the processor has been working on its own and there is upload and download on the internet

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\QuickScan folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit\Statistics folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaBit folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\f-secure folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\F-Secure\Daas2\cert folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\F-Secure\Daas2 folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\F-Secure folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ArcaVirMicroScan folder moved successfully.
c:\program files\ESET\ESET Online Scanner\Quarantine folder moved successfully.
c:\program files\ESET\ESET Online Scanner folder moved successfully.
c:\program files\ESET folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup\CSC\Cache folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup\CSC folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\ComodoGroup folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup\CSC\Cache folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup\CSC folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacjiComodoGroup folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Comodo folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Comodo Downloader folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Spybot - Search & Destroy folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Avira folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\INFECTED folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\LOGFILES folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\TEMP folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\EVENTDB folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\CONFIG folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop\JOBS folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira\AntiVir Desktop folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Avira folder moved successfully.
c:\windows\system32\config\systemprofile\Dane aplikacji\IObit\Advanced SystemCare V5 folder moved successfully.
c:\windows\system32\config\systemprofile\Dane aplikacji\IObit folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Media Finder folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Babylon folder moved successfully.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\Babylon folder moved successfully.
c:\documents and settings\All Users\Dane aplikacji\Babylon folder moved successfully.
C:\UsbFix\Backup\Registry-2011-12-03\Users\00000002 folder moved successfully.
C:\UsbFix\Backup\Registry-2011-12-03\Users\00000001 folder moved successfully.
C:\UsbFix\Backup\Registry-2011-12-03\Users folder moved successfully.
C:\UsbFix\Backup\Registry-2011-12-03 folder moved successfully.
C:\UsbFix\Backup folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ptywatne folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\?azy 2008 folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Wyg?upy folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\wspin folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry_14-15.03.2009 folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry A?ka\ma?y rozmiar folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry A?ka folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry\pokaz folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry\11.08 tatry folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry\101_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Tatry folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Sokoliki_Kurs folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Portret folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Makro folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Krajobraz folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\JarkaWieczor folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Dream\102_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Dream folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\A?_u_mnie folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\A?ka_?wi?ta folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\A?ka ?wi?ta razem folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\A? folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Alpy 2008-Pokaz\Grossglockner folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Alpy 2008-Pokaz\Dufourspitze folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\Alpy 2008-Pokaz folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Wasia\moje\etap gros folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Wasia\moje\etap dufor i pomiedzy folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Wasia\moje folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Wasia folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Leszka\Grossglockner folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Leszka\Dufourspitze folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie\Leszka folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Wszystkie folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Pokaz2 folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Pokaz\Grossglockner folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Pokaz\Dufourspitze folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008\Pokaz folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\ALPY 2008 folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\106_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\104_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\103_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\102_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\101_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\100_PANA folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia\100MSDCF folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\Zdj?cia folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\zdjecia_inne folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Tatry_2009 folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Sokoliki_Kurs folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\przed obróbk? folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\pokaz folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Obrobione folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Nowe na klasa folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Kopia przed obróbk? folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase\Janówek folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA\ZdjeciaNaKlase folder moved successfully.
C:\UsbFix\Quarantine\E\MUZYKA folder moved successfully.
C:\UsbFix\Quarantine\E\Recycler\S-1-5-21-117609710-583907252-725345543-1003 folder moved successfully.
C:\UsbFix\Quarantine\E\Recycler folder moved successfully.
C:\UsbFix\Quarantine\E folder moved successfully.
C:\UsbFix\Quarantine\D\Recycler\S-1-5-21-117609710-583907252-725345543-1003 folder moved successfully.
C:\UsbFix\Quarantine\D\Recycler folder moved successfully.
C:\UsbFix\Quarantine\D folder moved successfully.
C:\UsbFix\Quarantine folder moved successfully.
C:\UsbFix\Tools folder moved successfully.
C:\UsbFix\Res folder moved successfully.
C:\UsbFix\Erunt folder moved successfully.
C:\UsbFix folder moved successfully.
C:\FyK\Tools folder moved successfully.
C:\FyK folder moved successfully.
File/Folder C:\adwcleaner(4).exe not found.
c:\documents and settings\Patrice.PATRICE\Dane aplikacji\WinPatrol folder moved successfully.
c:\program files\Ad-Remover\Quarantine folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-12-03\Users\00000002 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-12-03\Users\00000001 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-12-03\Users folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-12-03 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-30\Users\00000002 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-30\Users\00000001 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-30\Users folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-30 folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Mozilla\FireFox\Profiles folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Mozilla\FireFox folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Mozilla folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings\Patrice.PATRICE\Dane aplikacji folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings\Patrice.PATRICE folder moved successfully.
c:\program files\Ad-Remover\Backup\C\Documents and Settings folder moved successfully.
c:\program files\Ad-Remover\Backup\C folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-29\Users\00000002 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-29\Users\00000001 folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-29\Users folder moved successfully.
c:\program files\Ad-Remover\Backup\Registry-2011-11-29 folder moved successfully.
c:\program files\Ad-Remover\Backup folder moved successfully.
c:\program files\Ad-Remover\res\Images folder moved successfully.
c:\program files\Ad-Remover\res\Icons folder moved successfully.
c:\program files\Ad-Remover\res folder moved successfully.
c:\program files\Ad-Remover\Lang folder moved successfully.
c:\program files\Ad-Remover\Erunt folder moved successfully.
c:\program files\Ad-Remover\bin folder moved successfully.
c:\program files\Ad-Remover folder moved successfully.
File/Folder c:\documents and settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\COMODO not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Patrice
->Flash cache emptied: 1011 bytes

User: Administrator

User: Patrice.PATRICE
->Temp folder emptied: 1525 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 29560 bytes
->Google Chrome cache emptied: 104341952 bytes
->Flash cache emptied: 58176 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29311 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 100,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 12042011_210444

Files moved on Reboot...
C:\WINDOWS\temp\_asw_aisI.tm~a01540\setup.lok moved successfully.
C:\WINDOWS\temp\_asw_aisI.tm~a01540\onefile.dld moved successfully.
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
4 Dec 2011 at 21:20
I have just shut down and restarted and the result is still the same. There is traffic over the internet without my doing anything, as if the virus(es) or worms reinstalled themselves after each attempt.
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
Edited by jlpjlp on 4/12/2011 at 21:52
does it get better for a while?
if you unplug the Ethernet cable, does your PC run better?
the other connected PCs have no problems?

Download OTL by OldTimer here:

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

and save it to your Desktop.

Double-click OTL.exe to launch it.

Tick the two boxes Lop and Purity

Tick the box in front of "scan all users"

Click Run Scan.

When the scan finishes, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

To send it to me, click this link:

http://www.cijoint.fr/

Click Browse and find the file above.

Click Open.

Click "Click here to upload the file".

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 09:14
Hello,
I switched on this morning and of course it was still just as slow, then the PC working on its own, internet, etc.
After reading the message I disconnected the internet and tried, but nothing; it must already have been too late.
As I don't know much about this my question may seem silly, but couldn't the virus or worm or whatever attach itself to each new program that comes in, make it partly ineffective, and keep updating itself permanently?
In fact, whether I do anything or not, the PC works non-stop with connection spikes even though I am not using the internet.

I could not open the .cijoint page, so the file is on another site.
That is odd too: some pages open almost normally and others take more than a very long time to load or are even impossible.

https://pjjoint.malekal.com/files.php?id=20111205_o13q7x6m6w11
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 13:44
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
Edited by jlpjlp on 5/12/2011 at 14:56
ok
couldn't the virus or worm or whatever attach itself to each new program that comes in, make it partly ineffective, and keep updating itself permanently?

a virus can reactivate at startup... if there are remnants, but given the software used, NO

a PC, as long as it is connected to the net, does indeed work all the time; you only have to see it by installing a firewall such as ZoneAlarm, which shows the attempts from the net to connect...


the main thing is that you have installed many antivirus programs; the accumulation can slow the PC down considerably

software like TuneUp for cleaning a PC can cause problems when used too much...


double-click OTM.exe to launch it.
copy the list quoted below,
and paste it into the left-hand pane of OTM: Paste instruction for items to be moved.


:processes
explorer.exe
:files
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
C:\WINDOWS\system32\zvprtmon.dll
C:\WINDOWS\System32\zvprtmonui.dll
C:\Documents and Settings\All Users\Dane aplikacji\Ts_infos.ini

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
:commands
[purity]
[emptytemp]
[start explorer]


click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTM\MovedFiles.

you may be asked to restart the PC to complete the removal. If so, accept with Yes.


then paste a removal report from DelFix
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 15:40
I have just run OTM; the report follows.
The restart was just as laborious and the loading time of this page catastrophic; I had to refresh several times.
To me it is rather abnormal that the PC works all the time (this did not happen before), and with the internet too: before, it did not do that, or only very, very little, only when necessary (updates, etc.), otherwise not.
It is true that there is a large number of antivirus programs, but I installed them to deal with the slowdown problem.
I am going to run DelFix and will send the report.


All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\Microsoft Windows Installer31\mWinRun.dll\unicode folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\Microsoft Windows Installer31\mWinRun.dll\ansi folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\Microsoft Windows Installer31\mWinRun.dll folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\Microsoft Windows Installer31 folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\{C4C0E335-EDDF-46A0-A57D-F3802AE44275} folder moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\zvprtmon.dll
C:\WINDOWS\system32\zvprtmon.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\System32\zvprtmonui.dll
C:\WINDOWS\System32\zvprtmonui.dll moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Ts_infos.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Patrice
->Flash cache emptied: 0 bytes

User: Administrator

User: Patrice.PATRICE
->Temp folder emptied: 176855 bytes
->Temporary Internet Files folder emptied: 44762 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 40276715 bytes
->Flash cache emptied: 1700 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 149283 bytes
RecycleBin emptied: 108476606 bytes

Total Files Cleaned = 142,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 12052011_151729

Files moved on Reboot...
C:\WINDOWS\temp\_asw_aisI.tm~a02704\setup.lok moved successfully.
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...
0
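As an added example (not part of the thread and not OTM's own code), the fix script posted above can be reconciled with the report that came back, using shortened copies of both. The section names and the `[-key]` delete form are read off the script as posted; the function names are hypothetical.

```python
import re

# Fix script and result log, shortened from the ones posted in the thread above.
SCRIPT = r"""
:processes
explorer.exe
:files
C:\WINDOWS\system32\zvprtmon.dll
C:\WINDOWS\System32\zvprtmonui.dll
C:\Documents and Settings\All Users\Dane aplikacji\Ts_infos.ini
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
:commands
[emptytemp]
"""

LOG = r"""
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\zvprtmon.dll
C:\WINDOWS\system32\zvprtmon.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\System32\zvprtmonui.dll
C:\WINDOWS\System32\zvprtmonui.dll moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Ts_infos.ini moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ deleted successfully.
"""

# Result-line shapes as they appear in the reports posted in this thread.
DELETED = re.compile(r"^Registry key (?P<item>.+?) deleted successfully\.$")
MOVED = re.compile(r"^(?P<item>.+?) (?:folder )?moved successfully\.$")
MISSING = re.compile(r"^File(?:/Folder)? (?P<item>.+?) not found[.!]$")


def norm(item):
    """Windows paths and key names are case-insensitive; ignore a trailing backslash."""
    return item.strip().rstrip("\\").lower()


def parse_script(text):
    """Split a fix script into its ':section' blocks (section name -> list of lines)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log(text):
    """Collect the items the report confirms as moved, deleted, or not found."""
    moved, deleted, missing = set(), set(), set()
    for raw in text.splitlines():
        line = raw.strip()
        for pattern, bucket in ((DELETED, deleted), (MOVED, moved), (MISSING, missing)):
            m = pattern.match(line)
            if m:
                bucket.add(norm(m.group("item")))
                break
    return moved, deleted, missing


def reconcile(script_text, log_text):
    """Return (section, item, reason) for every request the report does not confirm."""
    sections = parse_script(script_text)
    moved, deleted, missing = parse_log(log_text)
    findings = []
    for path in sections.get("files", []):
        if norm(path) in moved:
            continue
        reason = "reported not found" if norm(path) in missing else "no result line in log"
        findings.append(("files", path, reason))
    for entry in sections.get("reg", []):
        m = re.fullmatch(r"\[(-?)(.+)\]", entry)
        if not m:
            findings.append(("reg", entry, "unrecognised line"))
            continue
        minus, key = m.groups()
        if not minus:
            # Assumption drawn from the thread: only the [-key] entries show up
            # as deleted in the report, so a bare [key] is not a delete request.
            findings.append(("reg", key, "no '-' prefix, so not a delete request"))
        elif norm(key) not in deleted:
            findings.append(("reg", key, "delete requested, not confirmed in log"))
    return findings


if __name__ == "__main__":
    for section, item, reason in reconcile(SCRIPT, LOG):
        print(f"[{section}] {item}: {reason}")
```

Run against the full script and report from the two posts, the same check lists the `PandaFirewall` and `SymantecFirewall` entries, which are the two keys absent from the REGISTRY section of the report.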
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 16:12
Here is the DelFix scan report

# DelFix v8.7 - Rapport créé le 05/12/2011 a 16:12:10
# Mis a jour le 01/12/11 a 20h par Xplode
# Systeme d'exploitation : Microsoft Windows XP Dodatek Service Pack 2 (32 bits)
# Nom d'utilisateur : Patrice - PATRICE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Downloads\delfix.exe
# Option [Recherche]


~~~~~~ Dossiers(s) ~~~~~~

Présent : C:\Qoobox
Présent : C:\_OTM
Présent : C:\ZHP
Présent : C:\Documents and Settings\All Users\Menu Start\Programy\ZHP
Présent : C:\Documents and Settings\Patrice.PATRICE\Pulpit\RK_Quarantine
Présent : C:\Program Files\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Présent : C:\cleannavi.txt
Présent : C:\JavaRa.log
Présent : C:\ComboFix.txt
Présent : C:\Ad-Report-SCAN[4].txt
Présent : C:\PhysicalDisk0_MBR.bin
Présent : C:\UsbFix.txt
Présent : C:\FyK.txt
Présent : C:\Ad-Report-SCAN[2].txt
Présent : C:\Ad-Report-CLEAN[2].txt
Présent : C:\Ad-Report-SCAN[1].txt
Présent : C:\Ad-Report-CLEAN[1].txt
Présent : C:\UsbFix1.txt
Présent : C:\TDSSKiller.2.6.21.0_05.12.2011_12.27.41_log.txt
Présent : C:\Ad-Report-SCAN[3].txt
Présent : C:\Ad-Report-CLEAN[3].txt
Présent : C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do OTM.lnk
Présent : C:\Documents and Settings\Patrice.PATRICE\Pulpit\RKreport[5].txt
Présent : C:\Documents and Settings\Patrice.PATRICE\Pulpit\Ad-Remover.lnk
Présent : C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do ComboFix.lnk
Présent : C:\WINDOWS\grep.exe
Présent : C:\WINDOWS\PEV.exe
Présent : C:\WINDOWS\NIRCMD.exe
Présent : C:\WINDOWS\MBR.exe
Présent : C:\WINDOWS\SED.exe
Présent : C:\WINDOWS\SWREG.exe
Présent : C:\WINDOWS\SWSC.exe
Présent : C:\WINDOWS\SWXCACLS.exe
Présent : C:\WINDOWS\Zip.exe

~~~~~~ Registre ~~~~~~

Clé Présente : HKCU\Software\Ad-Remover
Clé Présente : HKCU\Software\USBFix
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
Clé Présente : HKLM\SOFTWARE\OldTimer Tools
Clé Présente : HKLM\SOFTWARE\AdwCleaner
Clé Présente : HKLM\SOFTWARE\Swearware
Clé Présente : HKLM\SOFTWARE\TrendMicro\Hijackthis
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~~~~~~ Autres ~~~~~~


*************************

DelFix[R1].txt - [2541 octets] - [05/12/2011 16:12:10]

########## EOF - C:\DelFix[R1].txt - [2665 octets] ##########
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 17:24
Since there is no improvement, should I uninstall with DelFix?
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
5 Dec 2011 at 18:03
yes, remove everything with DelFix

then post an OTL or ZHPDiag report again so we can see
0
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 19:18
The clean-up was done by DelFix, I think.
After 4 attempts with ZHPDiag, one of them in safe mode, the screen freezes while the report is being saved and I have to reboot, so no report.
OTL, on the other hand, works and the report follows

OTL logfile created on: 2011-12-05 19:10:44 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,42 Mb Total Physical Memory | 694,62 Mb Available Physical Memory | 67,94% Memory free
2,40 Gb Paging File | 2,24 Gb Available in Paging File | 93,12% Paging File free
Paging file location(s): C:\pagefile.sys 1533 1533 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,95 Gb Total Space | 4,94 Gb Free Space | 33,08% Space Free | Partition Type: FAT32
Drive D: | 50,01 Gb Total Space | 29,83 Gb Free Space | 59,64% Space Free | Partition Type: NTFS
Drive E: | 84,08 Gb Total Space | 71,24 Gb Free Space | 84,73% Space Free | Partition Type: NTFS

Computer Name: PATRICE | User Name: Patrice | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-12-05 08:46:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Downloads\OTL.exe
PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-11-28 19:01:24 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-04-23 14:33:32 | 000,147,517 | ---- | M] (Soft4Ever) -- C:\Program Files\StatnPerf\StatnPerf.exe
PRC - [2004-08-04 00:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011-12-04 17:46:48 | 001,642,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\algo.dll
MOD - [2011-11-29 16:40:56 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\aswRep.dll
MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MBAMService)
SRV - [2011-11-28 19:01:24 | 000,127,192 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-11-28 19:01:24 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-07-06 14:07:34 | 000,030,016 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010-05-06 11:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006-05-23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)


========== Driver Services (SafeList) ==========

DRV - [2011-11-28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011-11-28 18:53:54 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-11-28 18:53:36 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-11-28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011-11-28 18:52:20 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-11-28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-11-28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-11-28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-11-28 18:48:50 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-11-28 18:26:20 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2011-09-21 09:09:34 | 000,054,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2011-08-31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-07-29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010-08-09 19:46:08 | 000,005,112 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\GPCIDrv.sys -- (GPCIDrv)
DRV - [2010-04-28 10:37:12 | 000,305,312 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2010-03-18 11:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010-03-18 11:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010-03-18 11:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010-03-18 11:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2007-12-27 16:02:00 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007-12-27 16:02:00 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007-06-19 09:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007-06-19 09:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)
DRV - [2007-06-19 09:51:18 | 000,097,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)
DRV - [2007-06-19 09:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex)
DRV - [2007-06-19 09:51:18 | 000,021,928 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)
DRV - [2007-06-19 09:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007-06-19 09:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2006-09-27 11:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006-08-02 14:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2005-07-20 14:28:02 | 000,274,567 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\M1000KNT.sys -- (M1000Srv)
DRV - [2005-05-25 04:07:32 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005-04-13 12:34:02 | 000,414,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005-04-13 12:32:42 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005-01-12 01:31:26 | 002,284,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005-01-12 00:32:20 | 000,087,936 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2005-01-12 00:32:14 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004-08-03 23:00:06 | 000,149,376 | ---- | M] (M-Systems) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tffsport.sys -- (tffsport)
DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2001-08-17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/?gws_rd=ssl
IE - HKU\S-1-5-21-117609710-583907252-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\java\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)


[2011-03-14 15:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Triscape FxFoto Control and Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPFxViewer.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1367_0\

O1 HOSTS File: ([2011-12-05 13:06:16 | 000,000,021 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Stat 'n' Perf] C:\Program Files\StatnPerf\StatnPerf.exe (Soft4Ever)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-117609710-583907252-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\java\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Wy?lij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Wy?lij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Value error.)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (Reg Error: Value error.)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/plugins/MaConfig_4_2_1_0.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25082E3A-F25A-4981-BC83-2422236BB1D4}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Moja bie??ca strona g?ówna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-11 13:24:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011-12-03 20:51:34 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-06-15 09:03:26 | 000,009,263 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ FAT32 ]
O32 - AutoRun File - [2011-05-10 08:40:00 | 000,000,000 | ---D | M] - D:\auto -- [ NTFS ]
O32 - AutoRun File - [2011-12-03 20:51:32 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011-05-10 08:36:50 | 000,000,000 | ---D | M] - E:\auto -- [ NTFS ]
O32 - AutoRun File - [2010-06-25 10:30:38 | 000,000,000 | ---D | M] - E:\AutoMapa -- [ NTFS ]
O32 - AutoRun File - [2010-06-19 19:03:00 | 000,524,437 | ---- | M] () - E:\Automapa_v5_install_guide_FR.pdf -- [ NTFS ]
O32 - AutoRun File - [2011-12-03 20:51:32 | 000,000,000 | R--D | M] - E:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (B)
O34 - HKLM BootExecute: (aswBoot.exe /M:56357abc2)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-12-05 18:33:24 | 000,000,000 | ---D | C] -- C:\ZHP
[2011-12-05 18:33:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ZHP
[2011-12-05 18:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2011-12-05 16:44:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\XP TCPIP Repair
[2011-12-04 21:05:05 | 000,000,000 | -HSD | C] -- C:\Recycled
[2011-12-04 10:05:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011-12-04 10:00:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-12-03 20:51:32 | 000,000,000 | R--D | C] -- C:\Autorun.inf
[2011-12-03 19:43:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun
[2011-12-03 19:43:40 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011-12-02 13:03:25 | 000,000,000 | ---D | C] -- C:\BackUpcanneds
[2011-12-02 10:37:30 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011-12-02 10:37:23 | 000,195,416 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011-12-02 10:37:18 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011-12-02 09:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Menu Start\Programy\Google Chrome
[2011-12-01 19:38:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Internet Security
[2011-12-01 19:32:27 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-12-01 19:32:27 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-12-01 19:32:27 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-12-01 19:32:27 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-12-01 19:32:27 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-12-01 19:32:27 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-12-01 19:32:27 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-12-01 19:32:27 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-12-01 19:32:17 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-12-01 19:32:17 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-12-01 19:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-12-01 19:32:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-12-01 17:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinPatrol
[2011-12-01 17:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011-12-01 17:00:38 | 000,304,128 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\unin040c.exe
[2011-12-01 14:31:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\KeyFinder
[2011-12-01 13:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\InfraRecorder
[2011-11-29 14:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CPA_VA
[2011-11-29 13:03:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Menu Start\Programy\Ad-Remover
[2011-11-28 20:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Adobe
[2011-11-28 14:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Simply Super Software
[2011-11-28 14:35:57 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olepro32.dll
[2011-11-28 12:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2011-11-28 08:53:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Colasoft Packet Builder
[2011-11-28 08:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Colasoft Shared
[2011-11-28 08:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Colasoft MAC Scanner
[2011-11-28 08:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Colasoft Capsa 7 - Enterprise Edition Demo
[2011-11-27 16:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011-11-27 16:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Menu Start\Programy\Unlocker
[2011-11-27 10:35:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Patrice.PATRICE\Menu Start\Programy\Narz?dzia administracyjne
[2011-11-27 07:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2011-11-27 07:05:37 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011-11-25 19:52:42 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2011-11-25 19:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Filseclab
[2011-11-24 20:56:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Patrice.PATRICE\Recent
[2011-11-24 19:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\COMODO
[2011-11-21 17:46:08 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-11-12 10:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\Help
[2011-11-12 10:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Help

========== Files - Modified Within 30 Days ==========

[2011-12-05 19:07:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-12-05 18:33:14 | 000,000,577 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\MBRCheck.lnk
[2011-12-05 18:33:14 | 000,000,570 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZHPDiag.lnk
[2011-12-05 18:33:14 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZHPFix.lnk
[2011-12-05 13:08:22 | 000,111,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011-12-05 08:47:38 | 000,000,858 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do OTL.lnk
[2011-12-04 10:00:50 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011-12-03 18:44:44 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-12-03 15:07:42 | 000,000,327 | ---- | M] () -- C:\Boot.bak
[2011-12-02 10:37:24 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-12-02 09:03:40 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Google Chrome.lnk
[2011-12-01 19:38:44 | 000,001,593 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2011-12-01 18:44:28 | 000,114,937 | ---- | M] () -- C:\WINDOWS\cscmondump.bin
[2011-11-30 11:59:28 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do aswclear.lnk
[2011-11-30 08:51:12 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011-11-28 19:01:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-11-28 19:01:24 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-11-28 18:54:38 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFW.sys
[2011-11-28 18:53:54 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-11-28 18:53:36 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-11-28 18:53:22 | 000,195,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2011-11-28 18:52:20 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-11-28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-11-28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-11-28 18:52:00 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-11-28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-11-28 18:48:50 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-11-28 18:26:20 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2011-11-28 12:06:48 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\RegCleaner.lnk
[2011-11-28 10:02:10 | 010,392,513 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Packets.cscpkt
[2011-11-28 09:25:58 | 000,202,563 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\census.cache
[2011-11-28 09:25:32 | 000,174,238 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\ars.cache
[2011-11-28 09:06:32 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache
[2011-11-27 20:29:10 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\ArcaVirMicroScan.lnk
[2011-11-27 19:44:10 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-11-27 17:37:58 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-11-25 21:06:44 | 000,006,292 | ---- | M] () -- C:\WINDOWS\System32\cfrmd.PNF
[2011-11-25 21:03:02 | 000,001,188 | ---- | M] () -- C:\WINDOWS\csdf.dat
[2011-11-25 21:03:02 | 000,000,512 | ---- | M] () -- C:\WINDOWS\csdf_sdum.dat
[2011-11-25 21:03:02 | 000,000,160 | ---- | M] () -- C:\WINDOWS\crpf.bin
[2011-11-25 21:01:54 | 000,000,158 | ---- | M] () -- C:\WINDOWS\crpf_sdum.bin
[2011-11-25 16:19:08 | 000,000,615 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Revo Uninstaller.lnk
[2011-11-23 16:56:16 | 000,000,133 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011-11-23 13:56:28 | 000,000,145 | ---- | M] () -- C:\WINDOWS\Eudcedit.ini
[2011-11-22 16:13:26 | 000,000,082 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\cc_20111122_161322.reg
[2011-11-22 08:35:56 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\cc_20111122_083541.reg
[2011-11-20 18:43:10 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

========== Files Created - No Company Name ==========

[2011-12-05 18:33:13 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\MBRCheck.lnk
[2011-12-05 18:33:13 | 000,000,570 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZHPDiag.lnk
[2011-12-05 18:33:13 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZHPFix.lnk
[2011-12-05 13:03:30 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011-12-05 08:47:37 | 000,000,858 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do OTL.lnk
[2011-12-02 09:03:38 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Google Chrome.lnk
[2011-12-01 19:38:42 | 000,001,593 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Internet Security.lnk
[2011-12-01 18:44:27 | 000,114,937 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2011-11-30 11:59:27 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Skrót do aswclear.lnk
[2011-11-28 14:27:15 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2011-11-28 12:06:46 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\RegCleaner.lnk
[2011-11-28 09:25:57 | 000,202,563 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\census.cache
[2011-11-28 09:25:30 | 000,174,238 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\ars.cache
[2011-11-28 09:07:33 | 010,392,513 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Packets.cscpkt
[2011-11-28 09:06:31 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache
[2011-11-27 20:29:08 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\ArcaVirMicroScan.lnk
[2011-11-27 17:37:56 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk
[2011-11-25 21:06:37 | 000,006,292 | ---- | C] () -- C:\WINDOWS\System32\cfrmd.PNF
[2011-11-25 21:02:14 | 000,001,188 | ---- | C] () -- C:\WINDOWS\csdf.dat
[2011-11-25 21:02:14 | 000,000,512 | ---- | C] () -- C:\WINDOWS\csdf_sdum.dat
[2011-11-25 21:01:53 | 000,000,160 | ---- | C] () -- C:\WINDOWS\crpf.bin
[2011-11-25 21:01:53 | 000,000,158 | ---- | C] () -- C:\WINDOWS\crpf_sdum.bin
[2011-11-25 16:19:06 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Pulpit\Revo Uninstaller.lnk
[2011-11-25 13:53:59 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011-11-25 06:48:29 | 000,196,960 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-23 17:01:34 | 000,006,200 | ---- | C] () -- C:\WINDOWS\System32\INT13EXT.VXD
[2011-11-23 16:56:13 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-11-23 13:56:27 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2011-11-22 16:13:24 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\cc_20111122_161322.reg
[2011-11-22 08:35:45 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\cc_20111122_083541.reg
[2011-09-18 07:30:55 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2011-09-18 07:30:55 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2011-09-18 07:30:55 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2011-09-18 07:30:55 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2011-09-18 07:30:55 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2011-08-14 19:54:42 | 000,378,258 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-117609710-583907252-725345543-1003-0.dat
[2011-08-14 19:54:40 | 000,189,266 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-08-14 19:52:25 | 000,000,082 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2011-08-10 16:10:18 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011-08-10 16:10:18 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011-08-10 16:10:18 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011-08-10 16:10:18 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011-08-10 16:10:18 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011-08-10 16:10:18 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011-08-10 16:10:18 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011-08-10 16:10:18 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011-08-10 16:10:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011-08-10 16:10:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011-08-10 16:10:18 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011-08-10 16:10:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011-08-10 16:10:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011-08-10 16:10:18 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011-08-10 16:10:18 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011-08-10 16:10:18 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011-06-27 08:50:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\.googlewebacchosts
[2011-04-18 17:07:14 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2011-04-18 11:38:49 | 000,002,057 | ---- | C] () -- C:\WINDOWS\EXTRADNS.INI
[2011-03-15 10:42:41 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-03-14 15:22:38 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\$_hpcst$.hpc
[2011-03-03 13:59:35 | 000,000,022 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011-01-22 15:37:14 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011-01-11 11:10:26 | 000,000,068 | --S- | C] () -- C:\WINDOWS\System32\windzfa0.sys
[2010-11-15 16:48:11 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\$_hpcst$.hpc
[2010-11-08 16:49:10 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010-11-03 17:40:26 | 000,117,088 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2010-09-28 12:21:01 | 000,093,878 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-09-24 12:54:10 | 000,002,576 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2010-09-23 15:47:47 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2010-09-22 17:02:50 | 000,000,159 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2010-08-31 16:55:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2010-08-31 10:59:57 | 000,000,111 | ---- | C] () -- C:\WINDOWS\System32\sysinter.drv
[2010-08-30 14:07:14 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc
[2010-08-30 12:07:34 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\InternetAccelerator_sysquict.dat
[2010-08-26 13:06:16 | 000,000,155 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-08-24 13:37:00 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\Sys3390 SettingsCollection.bin
[2010-08-09 17:06:41 | 000,005,112 | ---- | C] () -- C:\WINDOWS\GPCIDrv.sys
[2010-08-09 15:44:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010-08-08 16:37:52 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010-06-26 19:38:31 | 005,653,224 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2010-06-26 16:27:45 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010-06-26 16:27:30 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010-03-29 21:53:53 | 000,323,072 | ---- | C] () -- C:\WINDOWS\System32\WgaTray.exe
[2010-03-29 21:53:53 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2009-12-29 10:50:56 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M1000Twn.ini
[2009-12-29 10:50:55 | 000,274,567 | ---- | C] () -- C:\WINDOWS\System32\drivers\M1000KNT.sys
[2009-12-29 10:50:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\M1000DIF.dll
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10H3111.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10H2111.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10H0121.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10H0111.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10F3111.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10F2111.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10F0121.bin
[2009-12-29 10:50:55 | 000,003,716 | R--- | C] () -- C:\WINDOWS\System32\drivers\C10F0111.bin
[2009-11-23 16:58:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009-08-28 11:39:42 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Relax.ini
[2009-04-02 15:40:36 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008-05-27 00:39:21 | 000,000,018 | ---- | C] () -- C:\WINDOWS\nsreg2.dat
[2008-03-17 14:04:36 | 000,000,252 | ---- | C] () -- C:\WINDOWS\dao.ini
[2008-03-17 13:42:03 | 000,000,107 | ---- | C] () -- C:\WINDOWS\oledao95.ini
[2007-12-27 16:01:59 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007-12-27 16:01:58 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007-11-03 15:18:18 | 000,000,081 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib
[2007-10-25 20:16:20 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2007-10-25 20:16:20 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2007-10-25 20:16:20 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2007-10-21 11:00:30 | 000,113,017 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007-10-21 11:00:30 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007-10-14 16:08:49 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007-10-14 10:17:32 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007-10-14 10:07:25 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007-10-14 10:07:24 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007-10-13 12:21:22 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007-10-13 12:20:17 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007-10-11 23:10:38 | 000,000,802 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007-10-11 22:13:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007-10-11 21:45:15 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007-10-11 21:33:36 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\addr_file.html
[2007-10-11 14:00:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2007-10-11 13:26:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007-10-11 13:22:33 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007-10-11 13:15:08 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001-10-26 17:30:20 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2001-10-26 16:15:16 | 000,564,792 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2001-10-26 16:15:16 | 000,109,232 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001-08-17 21:30:24 | 000,501,822 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001-08-17 21:30:22 | 000,087,346 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001-07-22 02:41:32 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001-07-06 15:30:02 | 000,003,234 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009-01-06 09:15:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{55A29068-F2CE-456C-9148-C869879E2357}
[2009-01-06 09:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
[2009-09-30 13:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2010-08-10 13:53:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-09-21 13:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2010-09-22 17:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\inf
[2010-09-22 18:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Drivers HeadQuarters
[2011-08-14 17:17:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Panasonic
[2011-11-28 08:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Colasoft Capsa 7 - Enterprise Edition Demo
[2011-11-29 14:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CPA_VA
[2011-12-01 19:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2007-10-11 23:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Kamerzysta
[2007-10-25 20:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Panasonic
[2007-11-05 13:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\gtk-2.0
[2008-03-10 17:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Anuman Interactive
[2008-03-21 13:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Leadertech
[2009-03-16 15:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\GlarySoft
[2009-10-17 15:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\VSO
[2009-11-23 09:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\DeviceDoctorSoftware
[2009-12-16 20:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\BleachBit
[2010-05-09 16:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Babylon
[2010-06-26 13:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\FreeAudioPack
[2010-06-26 16:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\FreeBurner
[2010-06-29 17:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\COWON
[2010-08-31 12:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Easeware
[2010-09-21 12:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\IObit
[2010-09-22 19:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\URSoft
[2010-09-27 19:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\GetRightToGo
[2010-10-31 07:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\Audacity
[2010-11-23 12:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\YcanPDF
[2011-01-08 14:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice\Dane aplikacji\thecleaner
[2011-03-15 14:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\IObit
[2011-12-01 13:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\InfraRecorder
[2011-03-17 10:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\VSRevoGroup
[2011-03-17 14:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Auslogics
[2011-03-25 09:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\GlarySoft
[2011-04-10 15:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\VSO
[2011-04-10 15:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\ObviousIdea
[2011-04-13 19:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Uniblue
[2011-05-09 09:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\COWON
[2011-09-18 10:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\GetRightToGo
[2011-10-13 14:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\TransMemory_Secure
[2011-11-28 08:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Colasoft MAC Scanner
[2011-11-28 08:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Patrice.PATRICE\Dane aplikacji\Colasoft Packet Builder
[2011-12-05 18:52:24 | 000,032,560 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
PGPL Posts 67 Registration date Sunday 26 June 2011 Status Member Last activity 9 December 2011
5 Dec 2011 at 19:22
I also have an extras.txt

OTL Extras logfile created on: 2011-12-05 19:10:44 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Patrice.PATRICE\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,42 Mb Total Physical Memory | 694,62 Mb Available Physical Memory | 67,94% Memory free
2,40 Gb Paging File | 2,24 Gb Available in Paging File | 93,12% Paging File free
Paging file location(s): C:\pagefile.sys 1533 1533 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,95 Gb Total Space | 4,94 Gb Free Space | 33,08% Space Free | Partition Type: FAT32
Drive D: | 50,01 Gb Total Space | 29,83 Gb Free Space | 59,64% Space Free | Partition Type: NTFS
Drive E: | 84,08 Gb Total Space | 71,24 Gb Free Space | 84,73% Space Free | Partition Type: NTFS

Computer Name: PATRICE | User Name: Patrice | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" /S
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\HP\Digital Imaging\bin\hpofxm08.exe" = D:\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"D:\HP\Digital Imaging\bin\hposfx08.exe" = D:\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"D:\HP\Digital Imaging\bin\hposid01.exe" = D:\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"D:\HP\Digital Imaging\bin\hpqCopy.exe" = D:\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"D:\HP\Digital Imaging\bin\hpfccopy.exe" = D:\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"D:\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"D:\HP\Digital Imaging\Unload\HpqPhUnl.exe" = D:\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"D:\HP\Digital Imaging\Unload\HpqDIA.exe" = D:\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"D:\HP\Digital Imaging\bin\hpoews01.exe" = D:\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\WINDOWS\system32\HPZipm12.exe" = C:\WINDOWS\system32\HPZipm12.exe:*:Enabled:ENABLE -- (HP)
"C:\WINDOWS\SOUNDMAN.EXE" = C:\WINDOWS\SOUNDMAN.EXE:*:Enabled:ENABLE -- (Realtek Semiconductor Corp.)
"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" = C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe:*:Enabled:ENABLE -- (NVIDIA Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56A648C2-D185-46A9-BBFF-78AE7A501000}" = USB2.0 Web Camera
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{5E863175-E85D-44A6-8968-82507D34AE7F}" = QuickTime
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{64CB2553-C109-4132-AA51-1F421B515FD1}" = Microsoft .NET Framework 1.1 Polish Language Pack
"{65248369-7CB9-43A9-82C8-C438AE04DED4}" = 1500
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{81E06318-EEB9-4D55-8CD5-7AC9148D5E66}" = 1500_Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B62A8A6F-5E48-4336-BF13-1632D5921872}" = PHOTOfunSTUDIO 6.0
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BCC5DC79-2275-4171-8CEA-39F0DD9ADF58}" = USB TV Device Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBA30674-A242-4531-82B5-586B31F90E04}" = 1500Trb
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{DC50950F-9308-49FE-8B50-859EBB08B6F6}" = jetVideo Basic VX
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype(TM) 5.1
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"6C8CBA975B90CF6855DD766D87911AECDBF80C61" = Pakiet sterowników systemu Windows - eMPIA Technology Inc, (emAudio) MEDIA (06/22/2007 5.7.0622.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Internet Security
"BE09208153A179930171B807D44D6D9450B4A05F" = Pakiet sterowników systemu Windows - eMPIA Technology (USB28xxBGA) Media (06/22/2007 5.7.0622.0)
"Bejeweled 31.0" = Bejeweled 3
"CCleaner" = CCleaner
"CodeStuff Starter" = CodeStuff Starter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"InfraRecorder" = InfraRecorder
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet j?zykowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 -- PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet j?zykowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet j?zykowy dla programu Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"PITy 2007_is1" = PITy 2007 dla Windows kompilacja:1.0.1.29
"PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.7
"PITy 2010_is1" = PITy 2010 dla Windows kompilacja:1.2.6.16
"Revo Uninstaller" = Revo Uninstaller 1.93
"SP6" = Logitech SetPoint 6.15
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Traduction française jetAudio 8.0x_is1" = jetAudio 8 - Traduction française
"Unlocker" = Unlocker 1.9.1-x64
"Verbatim GREEN BUTTON_is1" = Verbatim GREEN BUTTON 1.49
"Wave Editor_is1" = Wave Editor 3.0.3.1
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinGTK-2_is1" = GTK+ 2.6.9 runtime environment
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPatrol" = WinPatrol
"WinRAR archiver" = WinRAR archiver
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.61
"XP TCP/IP Repair_is1" = XP TCP/IP Repair 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZHPDiag_is1" = ZHPDiag 1.28

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-117609710-583907252-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-12-05 13:39:52 | Computer Name = PATRICE | Source = SecurityCenter | ID = 1802
Description = Us?uga Centrum zabezpiecze? systemu Windows nie mo?e ustanowi? kwerend
zdarze? z WMI, aby monitorowa? zapor? i program antywirusowy innej firmy.

Error - 2011-12-05 13:47:50 | Computer Name = PATRICE | Source = EventSystem | ID = 4609
Description = Podczas wewn?trznego przetwarzania system zdarze? modelu COM+ wykry?
z?y kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj si? z Pomoc? techniczn? firmy Microsoft i zg?o? ten b??

Error - 2011-12-05 13:47:50 | Computer Name = PATRICE | Source = VSS | ID = 8193
Description = B??d Us?ugi kopiowania woluminów w tle: nieoczekiwany b??d podczas
wywo?ywania procedury CoCreateInstance. hr = 0x80040206.

Error - 2011-12-05 13:47:52 | Computer Name = PATRICE | Source = SecurityCenter | ID = 1802
Description = Us?uga Centrum zabezpiecze? systemu Windows nie mo?e ustanowi? kwerend
zdarze? z WMI, aby monitorowa? zapor? i program antywirusowy innej firmy.

Error - 2011-12-05 13:58:13 | Computer Name = PATRICE | Source = EventSystem | ID = 4609
Description = Podczas wewn?trznego przetwarzania system zdarze? modelu COM+ wykry?
z?y kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj si? z Pomoc? techniczn? firmy Microsoft i zg?o? ten b??

Error - 2011-12-05 13:58:13 | Computer Name = PATRICE | Source = VSS | ID = 8193
Description = B??d Us?ugi kopiowania woluminów w tle: nieoczekiwany b??d podczas
wywo?ywania procedury CoCreateInstance. hr = 0x80040206.

Error - 2011-12-05 13:58:14 | Computer Name = PATRICE | Source = SecurityCenter | ID = 1802
Description = Us?uga Centrum zabezpiecze? systemu Windows nie mo?e ustanowi? kwerend
zdarze? z WMI, aby monitorowa? zapor? i program antywirusowy innej firmy.

Error - 2011-12-05 14:07:49 | Computer Name = PATRICE | Source = EventSystem | ID = 4609
Description = Podczas wewn?trznego przetwarzania system zdarze? modelu COM+ wykry?
z?y kod powrotu. HRESULT to 80070422 z w wierszu 44 z d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp.
Skontaktuj si? z Pomoc? techniczn? firmy Microsoft i zg?o? ten b??

Error - 2011-12-05 14:07:49 | Computer Name = PATRICE | Source = VSS | ID = 8193
Description = B??d Us?ugi kopiowania woluminów w tle: nieoczekiwany b??d podczas
wywo?ywania procedury CoCreateInstance. hr = 0x80040206.

Error - 2011-12-05 14:07:51 | Computer Name = PATRICE | Source = SecurityCenter | ID = 1802
Description = Us?uga Centrum zabezpiecze? systemu Windows nie mo?e ustanowi? kwerend
zdarze? z WMI, aby monitorowa? zapor? i program antywirusowy innej firmy.

[ OSession Events ]
Error - 2007-12-31 10:30:13 | Computer Name = LESZEK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6277
seconds with 1320 seconds of active time. This session ended with a crash.

Error - 2010-04-16 11:21:07 | Computer Name = PATRICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 724
seconds with 120 seconds of active time. This session ended with a crash.

Error - 2010-06-01 10:51:49 | Computer Name = PATRICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7074
seconds with 300 seconds of active time. This session ended with a crash.

Error - 2010-07-07 10:46:26 | Computer Name = PATRICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 19520
seconds with 4320 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2011-12-05 13:58:24 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7001
Description = Us?uga Zawiadomienie o zdarzeniu systemowym zale?y od us?ugi System
zdarze? COM+, której nie mo?na uruchomi? z powodu nast?puj?cego b??du: %%1058

Error - 2011-12-05 13:59:36 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7022
Description = Us?uga Windows Image Acquisition (WIA) zawiesi?a si? podczas uruchamiania.

Error - 2011-12-05 13:59:36 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7026
Description = Nie mo?na za?adowa? nast?puj?cych sterowników startu rozruchowego
lub systemowego: CSN5PDTS82

Error - 2011-12-05 14:07:49 | Computer Name = PATRICE | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d "%1058" podczas próby uruchomienia us?ugi
EventSystem z argumentami "" w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-12-05 14:07:54 | Computer Name = PATRICE | Source = DCOM | ID = 10005
Description = Model DCOM odebra? b??d "%1058" podczas próby uruchomienia us?ugi
EventSystem z argumentami "" w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 2011-12-05 14:09:10 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7001
Description = Us?uga Monitor podczerwieni zale?y od us?ugi Us?ugi terminalowe, której
nie mo?na uruchomi? z powodu nast?puj?cego b??du: %%1058

Error - 2011-12-05 14:09:10 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7000
Description = Nie mo?na uruchomi? us?ugi MBAMService z powodu nast?puj?cego b??du:
%%3

Error - 2011-12-05 14:09:10 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7001
Description = Us?uga Zawiadomienie o zdarzeniu systemowym zale?y od us?ugi System
zdarze? COM+, której nie mo?na uruchomi? z powodu nast?puj?cego b??du: %%1058

Error - 2011-12-05 14:09:12 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7022
Description = Us?uga Windows Image Acquisition (WIA) zawiesi?a si? podczas uruchamiania.

Error - 2011-12-05 14:09:12 | Computer Name = PATRICE | Source = Service Control Manager | ID = 7026
Description = Nie mo?na za?adowa? nast?puj?cych sterowników startu rozruchowego
lub systemowego: CSN5PDTS82


< End of report >
jlpjlp Posts: 51580 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022 5 040
5 Dec 2011 at 22:17
Did you install this firewall? https://www.01net.com/telecharger/windows/Securite/firewall/fiches/13562.html

C:\Program Files\StatnPerf\StatnPerf.exe
O4 - HKLM..\Run: [Stat 'n' Perf] C:\Program Files\StatnPerf\StatnPerf.exe (Soft4Ever)


To see whether that is the case: go to the Start menu, then RUN, type msconfig and click OK (or press the Enter key); then, in the Startup tab, untick the corresponding box, restart your PC and tell us whether the PC is doing better.
PGPL Posts: 67 Registration date: Sunday 26 June 2011 Status: Member Last activity: 9 December 2011
6 Dec 2011 at 10:48
Hello,
No, no firewall apart from avast.
Statnperf is a small utility that lets me see uploads and downloads at all times. That is how I can see these connections which, in my opinion, should not exist.
I disabled it and restarted, but that changes nothing. But this PC working constantly, I did not have that before.
jlpjlp Posts: 51580 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022 5 040
6 Dec 2011 at 11:44
Strange.

To check further: download Dr.Web and paste a report from it.

https://www.commentcamarche.net/telecharger/securite/7749-dr-web-cureit/