
Computer is terribly sluggish - request to check the logs

elkas
posted (edited)
[attachment=27613:screen manager zadan.bmp]
Here is my problem:

Booting the computer takes several minutes, and afterwards opening any program or web page takes a very long time.
CPU load when only Google Chrome is running hovers around 80-100% (I am attaching a screenshot of Task Manager).
Below I am attaching the logs from OTL, RSIT and Gmer.

Thanks for the help
 

[log]

OTL:
OTL logfile created on: 23/10/2013 22:02:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Lidia\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,87 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 45,53% Memory free
3,04 Gb Paging File | 2,18 Gb Available in Paging File | 71,76% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,97 Gb Total Space | 24,77 Gb Free Space | 56,34% Space Free | Partition Type: NTFS
Drive D: | 67,73 Gb Total Space | 23,97 Gb Free Space | 35,39% Space Free | Partition Type: NTFS
Drive G: | 232,83 Gb Total Space | 86,97 Gb Free Space | 37,35% Space Free | Partition Type: FAT32

Computer Name: CHS03 | User Name: Lidia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/10/23 22:00:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Lidia\Mes documents\Downloads\OTL.exe
PRC - [2013/10/09 02:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2008/04/14 05:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/18 16:32:42 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
PRC - [2007/02/20 12:24:34 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/12/19 14:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe
PRC - [2005/12/27 09:18:34 | 001,778,320 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/12/27 09:16:42 | 000,020,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/11/16 13:25:22 | 000,177,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
PRC - [2005/11/16 13:24:10 | 000,186,016 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
PRC - [2004/08/26 11:56:08 | 000,044,032 | ---- | M] (DameWare Development) -- C:\WINDOWS\system32\DWRCST.EXE
PRC - [2004/08/26 11:55:26 | 000,205,312 | ---- | M] (DameWare Development LLC) -- C:\WINDOWS\system32\DWRCS.EXE
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/10/09 02:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 02:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/09 02:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 02:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2009/02/27 16:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
MOD - [2009/02/11 00:04:25 | 000,077,824 | R--- | M] () -- C:\WINDOWS\system32\sasperf.dll
MOD - [2008/06/02 11:42:40 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008/04/14 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2013/10/22 14:42:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2007/11/15 13:43:04 | 000,382,248 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/10/18 16:32:42 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV)
SRV - [2007/02/20 12:24:34 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/12/19 14:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/12/27 09:19:12 | 000,172,176 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/12/27 09:18:34 | 001,778,320 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/12/27 09:16:42 | 000,020,112 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/11/16 13:25:22 | 000,177,824 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/11/16 13:24:58 | 000,083,616 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/11/16 13:24:10 | 000,186,016 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/10/19 17:39:34 | 000,214,672 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 21:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/08/26 11:55:26 | 000,205,312 | ---- | M] (DameWare Development LLC) [Auto | Running] -- C:\WINDOWS\system32\DWRCS.EXE -- (DWMRCS)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdK8.sys -- (AmdK8)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ajogfzy8)
DRV - [2013/06/17 10:00:00 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20130708.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/17 10:00:00 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20130708.002\NAVENG.SYS -- (NAVENG)
DRV - [2013/04/15 11:09:06 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/01 02:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/13 16:12:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/09/19 16:43:11 | 000,119,808 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86)
DRV - [2008/06/02 11:42:52 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/02 17:35:12 | 000,989,952 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/08/02 17:34:30 | 000,211,200 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/02 17:34:26 | 000,731,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/07/27 23:30:26 | 002,371,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/04/23 16:39:00 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/10 20:29:42 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/02/17 21:00:42 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/16 10:22:00 | 000,031,744 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\csrbcxp.sys -- (CSRBC)
DRV - [2006/12/19 14:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/20 17:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/05 16:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006/05/25 17:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2005/11/19 03:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2005/10/19 17:39:04 | 000,195,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2005/10/19 17:38:58 | 000,024,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2005/09/17 00:20:06 | 000,108,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/08/26 14:22:50 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/08/26 14:22:48 | 000,334,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/01 16:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/03/30 21:48:20 | 000,372,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/01/06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/08/12 16:51:00 | 000,060,255 | R--- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003/08/04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.radioplus.pl/
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/01 19:25:45 | 000,000,000 | ---D | M]

[2013/05/25 23:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/25 23:27:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/28 21:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\mozilla firefox\plugins\npOggX.dll
[1999/12/31 17:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.radioplus.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 6.0.150.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Ogg Player Gecko Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - Extension: Youtube Video Downloader = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad\1.3_0\
CHR - Extension: Google Docs = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Reduc.fr = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idlnlhoajjambogmnkahaikfmhgfmiim\1.25.20_0\crossrider
CHR - Extension: Reduc.fr = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idlnlhoajjambogmnkahaikfmhgfmiim\1.25.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Chrome In-App Payments service = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1224574176578 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF8E5EAD-5904-4254-ABFE-C11B6503BBBE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Lidia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Lidia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/20 14:37:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/11/06 10:05:52 | 000,000,088 | ---- | M] () - G:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/10/22 21:41:10 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Lidia\Application Data\PriceGong
[2013/09/27 18:17:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2013/09/27 18:16:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/09/27 18:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/09/25 00:27:03 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Lidia\Bureau\Inscription UPMC 2013-2014
[2009/05/21 15:02:09 | 136,095,169 | ---- | C] (RCOM and RExcel team ) -- C:\Program Files\RAndFriendsLightSetup2081V3.0-10-1.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/10/23 21:38:01 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/23 21:35:16 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/23 21:32:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/23 21:31:45 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/23 21:31:43 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-879983540-1177238915-1007.job
[2013/10/23 21:30:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/23 15:30:25 | 000,000,299 | ---- | M] () -- D:\Documents and Settings\Lidia\Bureau\Raccourci vers lidiia (D).lnk
[2013/10/23 10:40:31 | 000,001,693 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2013/10/23 10:09:13 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-879983540-1177238915-1007.job
[2013/10/23 10:03:02 | 000,320,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/22 23:55:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\ecowin.ini
[2013/10/22 22:21:15 | 000,000,224 | -HS- | M] () -- C:\boot.ini
[2013/10/22 15:12:02 | 000,002,175 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Skype.lnk
[2013/10/22 14:42:50 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/22 14:42:50 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/09/28 11:35:02 | 000,542,767 | ---- | M] () -- D:\Documents and Settings\Lidia\Bureau\zdj 1.JPG
[2013/09/28 11:35:02 | 000,002,148 | ---- | M] () -- D:\Documents and Settings\Lidia\.recently-used.xbel
[2013/09/28 00:12:26 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwvotf.sys
[2013/09/27 18:17:50 | 000,000,666 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/10/23 15:30:25 | 000,000,299 | ---- | C] () -- D:\Documents and Settings\Lidia\Bureau\Raccourci vers lidiia (D).lnk
[2013/09/28 11:35:02 | 000,002,148 | ---- | C] () -- D:\Documents and Settings\Lidia\.recently-used.xbel
[2013/09/28 11:34:57 | 000,542,767 | ---- | C] () -- D:\Documents and Settings\Lidia\Bureau\zdj 1.JPG
[2013/09/28 00:12:26 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwvotf.sys
[2013/09/27 18:17:50 | 000,000,666 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/06/24 22:19:28 | 000,000,128 | ---- | C] () -- D:\Documents and Settings\Lidia\Local Settings\Application Data\fusioncache.dat
[2012/02/16 13:09:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 11:35:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/22 21:26:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/30 18:37:46 | 000,000,068 | ---- | C] () -- D:\Documents and Settings\Lidia\_EFI_10303_18_629
[2010/08/01 00:25:09 | 007,739,916 | ---- | C] () -- D:\Documents and Settings\Lidia\jfreechart-1.0.13.zip
[2010/03/21 19:37:40 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Lidia\convert
[2009/07/18 23:02:51 | 000,002,984 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/07/18 23:02:51 | 000,000,088 | RHS- | C] () -- D:\Documents and Settings\All Users\Application Data\641557BF6B.sys
[2008/12/12 12:55:58 | 000,000,126 | ---- | C] () -- D:\Documents and Settings\Lidia\beanbowlSettings.ser
[2008/12/05 17:10:12 | 000,018,432 | ---- | C] () -- D:\Documents and Settings\Lidia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2008/10/21 09:39:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2008/10/21 15:03:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\OfficeUpdate12
[2008/10/21 14:34:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\Thunderbird
[2008/10/23 18:13:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\Wave Systems Corp
[2011/12/29 22:23:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ashampoo
[2012/08/20 12:51:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2012/08/20 12:22:55 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/20 13:56:42 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonEPP
[2012/08/31 21:58:59 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2012/08/20 13:56:42 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2012/09/12 08:19:31 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/08/20 12:28:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2010/05/13 16:12:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/06/07 22:43:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\InstallMate
[2010/05/13 20:49:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SAS
[2011/01/14 23:22:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Tlen.pl
[2008/10/23 19:17:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2012/06/07 22:33:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\aerix
[2011/12/29 22:25:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Ashampoo
[2012/09/12 08:19:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Canon
[2010/05/13 17:09:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\DAEMON Tools Lite
[2013/10/23 22:34:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Dropbox
[2013/09/30 23:01:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\EndNote
[2013/09/28 11:35:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\gtk-2.0
[2009/02/10 15:17:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Leadertech
[2013/06/24 22:57:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\PDF Architect
[2013/06/24 22:23:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\pdfforge
[2013/10/22 21:41:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\PriceGong
[2010/05/13 21:29:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\SAS
[2008/12/08 16:25:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Subversion
[2013/08/24 14:59:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Tinn-R
[2012/08/15 20:28:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\WinEdt
[2013/08/21 07:36:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\temime\Application Data\Canon

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 160 bytes -> D:\Documents and Settings\Lidia\Bureau\DSCF3190.JPG:com.dropbox.attributes

< End of report >

[/log]

 

[log]

GMER:

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-10-24 14:40:23
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Scsi\ahcix861Port2Path0Target0Lun0 ST912081 rev.1.10 111,79GB
Running: lc518n88.exe; Driver: D:\DOCUME~1\Lidia\LOCALS~1\Temp\uxtdqpog.sys


---- System - GMER 2.1 ----

SSDT            895DEC28                                                                                                            ZwConnectPort
SSDT            spgn.sys                                                                                                            ZwCreateKey [0xB9EB50E0]
SSDT            \??\C:\Program Files\Symantec\SYMEVENT.SYS                                                                          ZwDeleteValueKey [0xAF128DC0]
SSDT            spgn.sys                                                                                                            ZwEnumerateKey [0xB9ECDDA4]
SSDT            spgn.sys                                                                                                            ZwEnumerateValueKey [0xB9ECE132]
SSDT            spgn.sys                                                                                                            ZwOpenKey [0xB9EB50C0]
SSDT            spgn.sys                                                                                                            ZwQueryKey [0xB9ECE20A]
SSDT            spgn.sys                                                                                                            ZwQueryValueKey [0xB9ECE08A]
SSDT            \??\C:\Program Files\Symantec\SYMEVENT.SYS                                                                          ZwSetValueKey [0xAF129020]

INT 0x62        ?                                                                                                                   89D72BF8
INT 0x73        ?                                                                                                                   89D04BF8
INT 0x82        ?                                                                                                                   89D72BF8
INT 0x84        ?                                                                                                                   89A66F00
INT 0x94        ?                                                                                                                   89A66F00
INT 0xA4        ?                                                                                                                   89A66F00
INT 0xB4        ?                                                                                                                   89A66F00
INT 0xB4        ?                                                                                                                   89A66F00

---- Kernel code sections - GMER 2.1 ----

?               spgn.sys                                                                                                            Le fichier spécifié est introuvable. !

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtCreateFile + 6                              7C91D0B4 4 Bytes  [28, 74, F5, 00] {SUB [EBP+ESI*8+0x0], DH}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtCreateFile + B                              7C91D0B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtMapViewOfSection + 6                        7C91D524 4 Bytes  [28, 77, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtMapViewOfSection + B                        7C91D529 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenFile + 6                                7C91D5A4 4 Bytes  [68, 74, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenFile + B                                7C91D5A9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcess + 6                             7C91D604 4 Bytes  [A8, 75, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcess + B                             7C91D609 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessToken + 6                        7C91D614 4 Bytes  CALL 7B92CB8E
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessToken + B                        7C91D619 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessTokenEx + 6                      7C91D624 4 Bytes  [A8, 76, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenProcessTokenEx + B                      7C91D629 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThread + 6                              7C91D664 4 Bytes  [68, 75, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThread + B                              7C91D669 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadToken + 6                         7C91D674 4 Bytes  [68, 76, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadToken + B                         7C91D679 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadTokenEx + 6                       7C91D684 4 Bytes  CALL 7B92CBFF
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtOpenThreadTokenEx + B                       7C91D689 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryAttributesFile + 6                     7C91D714 4 Bytes  [A8, 74, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryAttributesFile + B                     7C91D719 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryFullAttributesFile + 6                 7C91D7B4 4 Bytes  CALL 7B92CD2D
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtQueryFullAttributesFile + B                 7C91D7B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationFile + 6                      7C91DC64 4 Bytes  [28, 75, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationFile + B                      7C91DC69 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationThread + 6                    7C91DCB4 4 Bytes  [28, 76, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtSetInformationThread + B                    7C91DCB9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtUnmapViewOfSection + 6                      7C91DF14 4 Bytes  [68, 77, F5, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[1184] ntdll.dll!NtUnmapViewOfSection + B                      7C91DF19 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtCreateFile + 6                              7C91D0B4 4 Bytes  [28, C8, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtCreateFile + B                              7C91D0B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtMapViewOfSection + 6                        7C91D524 4 Bytes  [28, CB, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtMapViewOfSection + B                        7C91D529 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenFile + 6                                7C91D5A4 4 Bytes  [68, C8, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenFile + B                                7C91D5A9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcess + 6                             7C91D604 4 Bytes  [A8, C9, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcess + B                             7C91D609 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcessToken + 6                        7C91D614 4 Bytes  CALL 7B91F4E2
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcessToken + B                        7C91D619 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcessTokenEx + 6                      7C91D624 4 Bytes  [A8, CA, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenProcessTokenEx + B                      7C91D629 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThread + 6                              7C91D664 4 Bytes  [68, C9, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThread + B                              7C91D669 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThreadToken + 6                         7C91D674 4 Bytes  [68, CA, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThreadToken + B                         7C91D679 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThreadTokenEx + 6                       7C91D684 4 Bytes  CALL 7B91F553
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtOpenThreadTokenEx + B                       7C91D689 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtQueryAttributesFile + 6                     7C91D714 4 Bytes  [A8, C8, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtQueryAttributesFile + B                     7C91D719 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtQueryFullAttributesFile + 6                 7C91D7B4 4 Bytes  CALL 7B91F681
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtQueryFullAttributesFile + B                 7C91D7B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtSetInformationFile + 6                      7C91DC64 4 Bytes  [28, C9, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtSetInformationFile + B                      7C91DC69 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtSetInformationThread + 6                    7C91DCB4 4 Bytes  [28, CA, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtSetInformationThread + B                    7C91DCB9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtUnmapViewOfSection + 6                      7C91DF14 4 Bytes  [68, CB, 1E, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2872] ntdll.dll!NtUnmapViewOfSection + B                      7C91DF19 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtCreateFile + 6                              7C91D0B4 4 Bytes  [28, C8, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtCreateFile + B                              7C91D0B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtMapViewOfSection + 6                        7C91D524 4 Bytes  [28, CB, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtMapViewOfSection + B                        7C91D529 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenFile + 6                                7C91D5A4 4 Bytes  [68, C8, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenFile + B                                7C91D5A9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcess + 6                             7C91D604 4 Bytes  [A8, C9, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcess + B                             7C91D609 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcessToken + 6                        7C91D614 4 Bytes  CALL 7B9292E2
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcessToken + B                        7C91D619 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcessTokenEx + 6                      7C91D624 4 Bytes  [A8, CA, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenProcessTokenEx + B                      7C91D629 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThread + 6                              7C91D664 4 Bytes  [68, C9, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThread + B                              7C91D669 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThreadToken + 6                         7C91D674 4 Bytes  [68, CA, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThreadToken + B                         7C91D679 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThreadTokenEx + 6                       7C91D684 4 Bytes  CALL 7B929353
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtOpenThreadTokenEx + B                       7C91D689 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtQueryAttributesFile + 6                     7C91D714 4 Bytes  [A8, C8, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtQueryAttributesFile + B                     7C91D719 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtQueryFullAttributesFile + 6                 7C91D7B4 4 Bytes  CALL 7B929481
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtQueryFullAttributesFile + B                 7C91D7B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtSetInformationFile + 6                      7C91DC64 4 Bytes  [28, C9, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtSetInformationFile + B                      7C91DC69 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtSetInformationThread + 6                    7C91DCB4 4 Bytes  [28, CA, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtSetInformationThread + B                    7C91DCB9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtUnmapViewOfSection + 6                      7C91DF14 4 Bytes  [68, CB, BC, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[2964] ntdll.dll!NtUnmapViewOfSection + B                      7C91DF19 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtCreateFile + 6                              7C91D0B4 4 Bytes  [28, 64, B2, 00] {SUB [EDX+ESI*4+0x0], AH}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtCreateFile + B                              7C91D0B9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtMapViewOfSection + 6                        7C91D524 4 Bytes  [28, 67, B2, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtMapViewOfSection + B                        7C91D529 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenFile + 6                                7C91D5A4 4 Bytes  [68, 64, B2, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenFile + B                                7C91D5A9 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcess + 6                             7C91D604 4 Bytes  [A8, 65, B2, 00] {TEST AL, 0x65; MOV DL, 0x0}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcess + B                             7C91D609 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcessToken + 6                        7C91D614 4 Bytes  CALL 7B92887E
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcessToken + B                        7C91D619 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcessTokenEx + 6                      7C91D624 4 Bytes  [A8, 66, B2, 00] {TEST AL, 0x66; MOV DL, 0x0}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenProcessTokenEx + B                      7C91D629 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenThread + 6                              7C91D664 4 Bytes  [68, 65, B2, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenThread + B                              7C91D669 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[3096] ntdll.dll!NtOpenThreadToken + 6                         7C91D674 4 Bytes  [68, 66, B2, 00]

---- Devices - GMER 2.1 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              89D001F8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                              SYMEVENT.SYS
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                            SYMTDI.SYS

Device          \Driver\usbohci \Device\USBPDO-0                                                                                    89C3C4C0
Device          \Driver\usbohci \Device\USBPDO-1                                                                                    89C3C4C0
Device          \Driver\usbohci \Device\USBPDO-2                                                                                    89C3C4C0
Device          \Driver\NetBT \Device\NetBT_Tcpip_{DF8E5EAD-5904-4254-ABFE-C11B6503BBBE}                                            8954C500
Device          \Driver\NetBT \Device\NetBT_Tcpip_{CA185A3C-3D09-4C1F-9302-79102B769B9B}                                            8954C500
Device          \Driver\usbohci \Device\USBPDO-3                                                                                    89C3C4C0
Device          \Driver\usbohci \Device\USBPDO-4                                                                                    89C3C4C0

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                           SYMTDI.SYS

Device          \Driver\usbehci \Device\USBPDO-5                                                                                    89C3A500
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                              89D021F8
Device          \Driver\PCI_PNP3028 \Device\00000058                                                                                spgn.sys
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                              89D021F8
Device          \Driver\Cdrom \Device\CdRom0                                                                                        89A67500
Device          \Driver\Ftdisk \Device\HarddiskVolume3                                                                              89D021F8
Device          \Driver\Cdrom \Device\CdRom1                                                                                        89A67500
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  [B9E10B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                         [B9E10B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  [B9E10B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             8954C500
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                    8954C500

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                           SYMTDI.SYS
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                         SYMTDI.SYS

Device          \Driver\usbohci \Device\USBFDO-0                                                                                    89C3C4C0
Device          \Driver\usbohci \Device\USBFDO-1                                                                                    89C3C4C0
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                   895281F8
Device          \Driver\usbohci \Device\USBFDO-2                                                                                    89C3C4C0
Device                                                                                                                              895281F8
Device          \Driver\usbohci \Device\USBFDO-3                                                                                    89C3C4C0
Device          \Driver\sptd \Device\3559976778                                                                                     spgn.sys
Device          \Driver\usbohci \Device\USBFDO-4                                                                                    89C3C4C0
Device          \Driver\Ftdisk \Device\FtControl                                                                                    89D021F8
Device          \Driver\usbehci \Device\USBFDO-5                                                                                    89C3A500
Device          \Driver\ax80f54x \Device\Scsi\ax80f54x1Port3Path0Target0Lun0                                                        899FD1F8
Device          \Driver\ahcix86 \Device\Scsi\ahcix861Port2Path0Target0Lun0                                                          89D011F8
Device          \Driver\ahcix86 \Device\Scsi\ahcix861                                                                               89D011F8
Device          \Driver\ax80f54x \Device\Scsi\ax80f54x1                                                                             899FD1F8
Device          \Driver\ahcix86 \Device\Scsi\ahcix861Port2Path0Target10Lun0                                                         89D011F8
Device                                                                                                                              rdpdr.sys
Device                                                                                                                              AACA8297

AttachedDevice                                                                                                                      fltMgr.sys
AttachedDevice                                                                                                                      SYMEVENT.SYS

Device          \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer                                                                  tfsnifs.sys
Device          \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer                                                                   tfsnifs.sys
Device          \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer                                                                       tfsnifs.sys
Device          \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer                                                                    tfsnifs.sys
Device          \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer                                                                   tfsnifs.sys
Device          \FileSystem\Cdfs \Cdfs                                                                                              89C35500
Device          \FileSystem\Cdfs \Cdfs                                                                                              tfsnifs.sys

---- Trace I/O - GMER 2.1 ----

Trace           ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89d011f8]<<                                        89d011f8
Trace           1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89caa030]                                                             89caa030
Trace           3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\0000008d[0x89bea920]                                        89bea920
Trace           5 ACPI.sys[b9e73620] -> nt!IofCallDriver -> \Device\Scsi\ahcix861Port2Path0Target0Lun0[0x89caba38]                  89caba38
Trace           \Driver\ahcix86[0x89d77168] -> IRP_MJ_CREATE -> 0x89d011f8                                                          89d011f8

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x49 0xFA 0xF0 0x54 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0xB4 0x31 0x78 0x24 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x9A 0x09 0xF0 0xD4 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x49 0xFA 0xF0 0x54 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xB4 0x31 0x78 0x24 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x9A 0x09 0xF0 0xD4 ...

---- EOF - GMER 2.1 ----

[/log]

I'm adding the RSIT log as an attachment, because it got lost somewhere when I was pasting it into the first post. [attachment=27614:RSIT.txt]

Natsuki Kuga
comment

1. Run this script in OTL (instructions: http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/#entry1683607 ):


:OTL
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481032
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

:Files
C:\Program Files\DAEMON Tools Toolbar

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk]

:Commands
[emptytemp]

Show the report.

2. Run AdwCleaner using the Delete (Usuń) option. Show the report.

3. Show new OTL logs (including Extras).

 

elkas
comment (edited)

Thank you for the reply. Below I am providing:

Ad 1) the OTL report
Ad 2) the AdwCleaner report
Ad 3) new OTL logs including Extras

Ad1)

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1409082233-879983540-1177238915-1007\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_USERS\S-1-5-21-1409082233-879983540-1177238915-1007\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CA3D70E-1895-11CF-8E15-001234567890}\ deleted successfully.
C:\WINDOWS\system32\dla\tfswshx.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1409082233-879983540-1177238915-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
========== FILES ==========
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdslTaskBar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^McAfee Security Scan Plus.lnk\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 25849794 bytes
->FireFox cache emptied: 5079863 bytes
->Flash cache emptied: 405 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Lidia
->Temp folder emptied: 1556700039 bytes
->Temporary Internet Files folder emptied: 77120104 bytes
->Java cache emptied: 119213162 bytes
->Google Chrome cache emptied: 53434016 bytes
->Flash cache emptied: 2236524 bytes
 
User: LocalService
->Temp folder emptied: 116374 bytes
->Temporary Internet Files folder emptied: 1190502 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
 
User: temime
->Temp folder emptied: 1892 bytes
->Temporary Internet Files folder emptied: 752721 bytes
->FireFox cache emptied: 3087680 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 890005847 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 631917655 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3497786348 bytes
 
Total Files Cleaned = 6 549,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11182013_000639

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ad 2) 

# AdwCleaner v3.012 - Rapport créé le 18/11/2013 à 01:01:01
# Mis à jour le 11/11/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Lidia - CHS03
# Exécuté depuis : D:\Documents and Settings\Lidia\Mes documents\Downloads\adwcleaner (2).exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files\Conduit
[!] Dossier Supprimé : C:\Program Files\Reduc.fr
Dossier Supprimé : D:\Documents and Settings\Lidia\Local Settings\Application Data\Conduit
Dossier Supprimé : D:\Documents and Settings\Lidia\Application Data\pdfforge
Dossier Supprimé : D:\Documents and Settings\Lidia\Application Data\PriceGong
Dossier Supprimé : D:\Documents and Settings\temime\Application Data\Mozilla\Firefox\Profiles\i1zock1q.default\Extensions\7b4553ba-d3e5-4b63-bec8-018d1cca90dc@bd8786a4-394b-49ad-b4f6-594d03428448.com
Dossier Supprimé : D:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\tdr6uk73.default\Extensions\7b4553ba-d3e5-4b63-bec8-018d1cca90dc@bd8786a4-394b-49ad-b4f6-594d03428448.com
[!] Dossier Supprimé : D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idlnlhoajjambogmnkahaikfmhgfmiim

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Clé Supprimée : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Clé Supprimée : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2481032
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322012237}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366016637}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27d8a2c7-81c9-45fd-8e60-034d8ac2ba24}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29467817-1a6a-4b6c-876c-44e01710b308}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bdd2a3b-ace3-4bf1-a0ad-af1323d9b06c}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b33a7178-05ae-4b20-9a1c-341d68b0dd7c}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{efc1b39e-2953-43c4-ab0c-b058297fce4c}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\Cr_Installer
Clé Supprimée : HKCU\Software\installedbrowserextensions
Clé Supprimée : HKCU\Software\PriceGong
Clé Supprimée : HKCU\Software\smartbar
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\Reduc.fr
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\Reduc.fr
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reduc.fr
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Reduc.fr

***** [ Navigateurs ] *****

-\\ Internet Explorer v7.0.6000.21357


-\\ Google Chrome v31.0.1650.57

[ Fichier : D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4832 octets] - [17/11/2013 23:59:34]
AdwCleaner[R1].txt - [4238 octets] - [18/11/2013 00:36:52]
AdwCleaner[S0].txt - [4216 octets] - [18/11/2013 01:01:01]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [4276 octets] ##########

Ad 3) 

OTL logs

 

OTL logfile created on: 18/11/2013 10:16:52 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Documents and Settings\Lidia\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1,87 Gb Total Physical Memory | 0,34 Gb Available Physical Memory | 18,30% Memory free
3,04 Gb Paging File | 1,76 Gb Available in Paging File | 57,82% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,97 Gb Total Space | 24,90 Gb Free Space | 56,64% Space Free | Partition Type: NTFS
Drive D: | 67,73 Gb Total Space | 28,28 Gb Free Space | 41,76% Space Free | Partition Type: NTFS
 
Computer Name: CHS03 | User Name: Lidia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/11/18 10:14:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Lidia\Mes documents\Downloads\OTL (1).exe
PRC - [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2008/04/14 04:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/18 15:32:42 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2007/05/10 09:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
PRC - [2007/02/20 11:24:34 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe
PRC - [2005/12/27 08:18:34 | 001,778,320 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2005/12/27 08:16:42 | 000,020,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2005/11/16 12:25:22 | 000,177,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
PRC - [2005/11/16 12:24:10 | 000,186,016 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
PRC - [2004/08/26 10:56:08 | 000,044,032 | ---- | M] (DameWare Development) -- C:\WINDOWS\system32\DWRCST.EXE
PRC - [2004/08/26 10:55:26 | 000,205,312 | ---- | M] (DameWare Development LLC) -- C:\WINDOWS\system32\DWRCS.EXE
PRC - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/11/14 12:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013/11/14 12:29:30 | 013,582,800 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
MOD - [2013/11/14 12:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013/11/14 12:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
MOD - [2009/02/10 23:04:25 | 000,077,824 | R--- | M] () -- C:\WINDOWS\system32\sasperf.dll
MOD - [2008/06/02 10:42:40 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008/04/14 04:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe
MOD - [2004/07/20 16:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013/10/22 13:42:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2007/11/15 12:43:04 | 000,382,248 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007/10/18 15:32:42 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/05/10 09:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV)
SRV - [2007/02/20 11:24:34 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/12/19 13:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Fichiers communs\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/12/27 08:19:12 | 000,172,176 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2005/12/27 08:18:34 | 001,778,320 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2005/12/27 08:16:42 | 000,020,112 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2005/11/16 12:25:22 | 000,177,824 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/11/16 12:24:58 | 000,083,616 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/11/16 12:24:10 | 000,186,016 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/10/19 16:39:34 | 000,214,672 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005/03/30 20:48:22 | 000,992,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2004/08/26 10:55:26 | 000,205,312 | ---- | M] (DameWare Development LLC) [Auto | Running] -- C:\WINDOWS\system32\DWRCS.EXE -- (DWMRCS)
SRV - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdK8.sys -- (AmdK8)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (am6ilz8y)
DRV - [2013/06/17 09:00:00 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20130708.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/17 09:00:00 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20130708.002\NAVENG.SYS -- (NAVENG)
DRV - [2013/04/15 10:09:06 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/01 01:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/13 15:12:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008/09/19 15:43:11 | 000,119,808 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86)
DRV - [2008/06/02 10:42:52 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/08/02 16:35:12 | 000,989,952 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/08/02 16:34:30 | 000,211,200 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/02 16:34:26 | 000,731,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/07/27 22:30:26 | 002,371,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007/05/10 09:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/04/23 15:39:00 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/10 19:29:42 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/02/17 20:00:42 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/16 14:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/16 09:22:00 | 000,031,744 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\csrbcxp.sys -- (CSRBC)
DRV - [2006/12/19 13:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/20 16:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 18:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/05 15:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006/05/25 16:28:44 | 000,684,265 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)
DRV - [2005/11/19 02:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2005/10/19 16:39:04 | 000,195,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2005/10/19 16:38:58 | 000,024,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2005/09/16 23:20:06 | 000,108,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/08/26 13:22:50 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/08/26 13:22:48 | 000,334,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/01 15:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/03/30 20:48:20 | 000,372,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/01/06 12:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2003/08/12 15:51:00 | 000,060,255 | R--- | M] (STMicroelectronics              ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)
DRV - [2003/08/04 12:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.radioplus.pl/
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/01 18:25:45 | 000,000,000 | ---D | M]
 
[2013/05/25 22:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/25 22:27:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/01/28 20:46:54 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\mozilla firefox\plugins\npOggX.dll
[1999/12/31 16:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.radioplus.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 6.0.150.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Ogg Player Gecko Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOggX.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - Extension: Youtube Video Downloader = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad\1.3_0\
CHR - Extension: Google Docs = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Google Wallet = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = D:\Documents and Settings\Lidia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2008/04/14 04:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1224574176578 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF8E5EAD-5904-4254-ABFE-C11B6503BBBE}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Lidia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Lidia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/20 13:37:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/10/29 11:01:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/10/24 22:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/10/24 22:28:45 | 000,000,000 | ---D | C] -- C:\rsit
[2009/05/21 14:02:09 | 136,095,169 | ---- | C] (RCOM and RExcel team                                        ) -- C:\Program Files\RAndFriendsLightSetup2081V3.0-10-1.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/11/18 10:37:31 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/18 10:35:16 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/18 10:01:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/18 10:00:34 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/18 10:00:33 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-879983540-1177238915-1007.job
[2013/11/18 09:59:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/18 00:07:12 | 000,512,916 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/11/18 00:07:12 | 000,085,740 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/11/18 00:07:11 | 000,443,676 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/18 00:07:11 | 000,072,274 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/17 23:48:57 | 000,001,699 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2013/11/06 15:17:00 | 000,002,175 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\Skype.lnk
[2013/10/30 10:09:01 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-879983540-1177238915-1007.job
[2013/10/29 16:30:34 | 002,154,497 | ---- | M] () -- D:\Documents and Settings\Lidia\Bureau\LSC_d_pliant_4_volets_2013__3_.pdf
[2013/10/29 11:05:40 | 000,000,438 | RHS- | M] () -- D:\Documents and Settings\All Users\ntuser.pol
[2013/10/28 12:52:50 | 000,320,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/28 11:59:15 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/23 14:30:25 | 000,000,299 | ---- | M] () -- D:\Documents and Settings\Lidia\Bureau\Raccourci vers lidiia (D).lnk
[2013/10/22 22:55:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\ecowin.ini
[2013/10/22 21:21:15 | 000,000,224 | -HS- | M] () -- C:\boot.ini
[2013/10/22 13:42:50 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/22 13:42:50 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/10/29 16:23:53 | 002,154,497 | ---- | C] () -- D:\Documents and Settings\Lidia\Bureau\LSC_d_pliant_4_volets_2013__3_.pdf
[2013/10/29 11:05:40 | 000,000,438 | RHS- | C] () -- D:\Documents and Settings\All Users\ntuser.pol
[2013/10/23 14:30:25 | 000,000,299 | ---- | C] () -- D:\Documents and Settings\Lidia\Bureau\Raccourci vers lidiia (D).lnk
[2013/09/28 10:35:02 | 000,002,148 | ---- | C] () -- D:\Documents and Settings\Lidia\.recently-used.xbel
[2013/09/27 23:12:26 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwvotf.sys
[2013/06/24 21:19:28 | 000,000,128 | ---- | C] () -- D:\Documents and Settings\Lidia\Local Settings\Application Data\fusioncache.dat
[2012/02/16 12:09:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 10:35:08 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/12/22 20:26:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/30 17:37:46 | 000,000,068 | ---- | C] () -- D:\Documents and Settings\Lidia\_EFI_10303_18_629
[2010/07/31 23:25:09 | 007,739,916 | ---- | C] () -- D:\Documents and Settings\Lidia\jfreechart-1.0.13.zip
[2010/03/21 18:37:40 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\Lidia\convert
[2009/07/18 22:02:51 | 000,002,984 | -HS- | C] () -- D:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/07/18 22:02:51 | 000,000,088 | RHS- | C] () -- D:\Documents and Settings\All Users\Application Data\641557BF6B.sys
[2008/12/12 11:55:58 | 000,000,126 | ---- | C] () -- D:\Documents and Settings\Lidia\beanbowlSettings.ser
[2008/12/05 16:10:12 | 000,018,432 | ---- | C] () -- D:\Documents and Settings\Lidia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2008/10/21 08:39:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008/10/21 14:03:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\OfficeUpdate12
[2008/10/21 13:34:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\Thunderbird
[2008/10/23 17:13:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Administrateur\Application Data\Wave Systems Corp
[2011/12/29 21:23:27 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ashampoo
[2012/08/20 11:51:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2012/08/20 11:22:55 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/20 12:56:42 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonEPP
[2012/08/31 20:58:59 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2012/08/20 12:56:42 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2012/09/12 07:19:31 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJScan
[2012/08/20 11:28:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2010/05/13 15:12:20 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/06/07 21:43:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\InstallMate
[2010/05/13 19:49:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\SAS
[2011/01/14 22:22:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Tlen.pl
[2008/10/23 18:17:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2012/06/07 21:33:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\aerix
[2011/12/29 21:25:18 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Ashampoo
[2012/09/12 07:19:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Canon
[2010/05/13 16:09:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\DAEMON Tools Lite
[2013/11/10 23:17:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Dropbox
[2013/11/12 22:24:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\EndNote
[2013/09/28 10:35:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\gtk-2.0
[2009/02/10 14:17:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Leadertech
[2013/06/24 21:57:02 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\PDF Architect
[2010/05/13 20:29:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\SAS
[2008/12/08 15:25:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Subversion
[2013/11/10 22:50:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\Tinn-R
[2012/08/15 19:28:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Lidia\Application Data\WinEdt
[2013/08/21 06:36:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\temime\Application Data\Canon
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 160 bytes -> D:\Documents and Settings\Lidia\Bureau\DSCF3190.JPG:com.dropbox.attributes

< End of report >

Re 3)
Extras

 

OTL Extras logfile created on: 18/11/2013 10:16:52 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Documents and Settings\Lidia\Mes documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1,87 Gb Total Physical Memory | 0,34 Gb Available Physical Memory | 18,30% Memory free
3,04 Gb Paging File | 1,76 Gb Available in Paging File | 57,82% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,97 Gb Total Space | 24,90 Gb Free Space | 56,64% Space Free | Partition Type: NTFS
Drive D: | 67,73 Gb Total Space | 28,28 Gb Free Space | 41,76% Space Free | Partition Type: NTFS
 
Computer Name: CHS03 | User Name: Lidia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"6129:TCP" = 6129:TCP:*:Enabled:dameware
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"E:\Temp\InstEng\Setup.exe" = E:\Temp\InstEng\Setup.exe:*:Enabled:Hewlett-Packard Installer
"D:\Eclipse\eclipse\eclipse.exe" = D:\Eclipse\eclipse\eclipse.exe:*:Enabled:eclipse -- ()
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"D:\Documents and Settings\Lidia\Bureau\Lidia\Tlen.pl\tlen.exe" = D:\Documents and Settings\Lidia\Bureau\Lidia\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"D:\Documents and Settings\Lidia\Application Data\Dropbox\bin\Dropbox.exe" = D:\Documents and Settings\Lidia\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{108FAA6F-DEEE-48EA-B3A9-1C5EB2605A6B}" = PL
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CC667CD-2234-4774-A536-2757606A1036}" = Nero 8 Essentials
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3F7924B9-D148-3141-87B1-68F36043A940}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{46B63F23-2B4A-4525-A827-688026BE5E40}" = Symantec AntiVirus
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}" = LightScribe System Software  1.10.19.1
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BFD0EC9-696E-4289-AC37-0D2CFA074525}" = PowerArchiver 2007 French
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Plus
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Edition Découverte 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A95000000001}" = Adobe Reader 9.5.1 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C75DE0DF-F494-469D-ADFC-055EA3A91BD5}" = SAS Enterprise Guide 4.2
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F9390B82-786C-43CF-A970-D39E23EF0366}" = SAS 9.2
"1abeacb405bef0af213c9c087d8ab06c" = SAS 9.2 Formats Library for Teradata
"1d8476e4fcca11dab0f6f685d746a93a" = SAS/SECURE Java 9.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe® Photoshop® Album Edition Découverte 3.2" = Adobe® Photoshop® Album Edition Découverte 3.2
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ALLPlayer V3.6.6.5_is1" = ALLPlayer V3.X
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Utilitaire de la carte réseau local sans fil Wireless de Dell
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"d512c678901db9d321c85ecf7c30ae2e" = SAS Deployment Tester - Client 1.3
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Enregistrement utilisateur de Canon MG3100 series" = Enregistrement utilisateur de Canon MG3100 series
"febb569a337f725f5f8607711f665d3b" = SAS Versioned Jar Repository 9.2
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImageMagick 6.6.0 Q16_is1" = ImageMagick 6.6.0-7 Q16 (2010-03-15)
"IrfanView" = IrfanView (remove only)
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mendeley Desktop" = Mendeley Desktop 1.7.1
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MiKTeX 2.8" = MiKTeX 2.8
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Protege 4.1 beta" = Protege 4.1 beta
"R for Windows 2.8.0_is1" = R for Windows 2.8.0
"R for Windows 2.8.1_is1" = R for Windows 2.8.1
"RAndExcelWorkbooks_is1" = R and Excel Workbooks
"RealPlayer 12.0" = RealPlayer
"Repast" = Repast 3.1
"RExcel_is1" = RExcel
"SecureW2 Client" = SecureW2 Client 3.1.2
"StmAdsl" = ADSL Modem
"Tinn-R_is1" = Tinn-R 1.19.4.7
"VLC media player" = VLC media player 1.1.11
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinEdt_is1" = WinEdt
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1409082233-879983540-1177238915-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 22/10/2013 09:34:08 | Computer Name = CHS03 | Source = Application Hang | ID = 1002
Description = Application bloquée Skype.exe, version 6.7.0.102, module bloqué hungapp,
 version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/10/2013 09:34:33 | Computer Name = CHS03 | Source = Application Hang | ID = 1002
Description = Application bloquée Skype.exe, version 6.7.0.102, module bloqué hungapp,
 version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 22/10/2013 09:34:39 | Computer Name = CHS03 | Source = Application Hang | ID = 1002
Description = Application bloquée Skype.exe, version 6.7.0.102, module bloqué hungapp,
 version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 23/10/2013 09:35:19 | Computer Name = CHS03 | Source = Application Hang | ID = 1002
Description = Application bloquée Skype.exe, version 6.7.0.102, module bloqué hungapp,
 version 0.0.0.0, adresse de blocage 0x00000000.
 
Error - 15/11/2013 17:27:27 | Computer Name = CHS03 | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 17/11/2013 11:41:54 | Computer Name = CHS03 | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
[ System Events ]
Error - 17/11/2013 19:06:57 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service Broadcom ASF IP and SMBIOS Mailbox Monitor s'est terminé
 de façon inattendue pour la 1ème fois.
 
Error - 17/11/2013 19:06:58 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service Symantec AntiVirus Definition Watcher s'est terminé de 
façon inattendue pour la 1ème fois.
 
Error - 17/11/2013 19:06:58 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service DameWare Mini Remote Control s'est terminé de façon inattendue
 pour la 1ème fois.
 
Error - 17/11/2013 19:06:59 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
 la 1ème fois.
 
Error - 17/11/2013 19:06:59 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service LightScribeService Direct Disc Labeling Service s'est terminé
 de façon inattendue pour la 1ème fois.
 
Error - 17/11/2013 19:06:59 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service Machine Debug Manager s'est terminé de façon inattendue
 pour la 1ème fois.
 
Error - 17/11/2013 19:07:00 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service Nero BackItUp Scheduler 3 s'est terminé de façon inattendue
 pour la 1ème fois.
 
Error - 17/11/2013 19:07:01 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service NICCONFIGSVC s'est terminé de façon inattendue pour la 
1ème fois.
 
Error - 17/11/2013 19:07:02 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service ProtexisLicensing s'est terminé de façon inattendue pour
 la 1ème fois.
 
Error - 17/11/2013 19:07:03 | Computer Name = CHS03 | Source = Service Control Manager | ID = 7034
Description = Le service SigmaTel Audio Service s'est terminé de façon inattendue
 pour la 1ème fois.
 
 
< End of report >
