[OK] Need help


Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
Periodic maintenance of a Windows PC
Protecting browsers, browsing and privacy

Post by nickW » 09 Dec 2009, 01:56

Good evening,

On 24/11/2009, you installed Nero ... perhaps using a crack/keygen. :?:


First clean-up steps, search for hidden processes:

Given the length of the procedure, I advise you to print it, or to select all of its lines and copy the selection into a text file on your PC (Note: you will not have access to the Internet or to the browsers, and reboots are possible).
All the steps must be carried out, without interruption, in the exact order given below.
If anything seems unclear to you, ask for an explanation before starting the disinfection.


Note: These steps must be carried out from a session opened with "Administrator rights" (do not use the user profile named "Administrateur" that is visible in safe mode)


Step 1: ERUNT (by Lars Hederer): Registry backup
Download ERUNT from the page: http://www.larshederer.homepage.t-online.de/erunt/
Under Download ERUNT:, download erunt-setup.exe
Also download the French language file: under French, download the file erunt-loc_fr.zip

Install ERUNT by double-clicking erunt-setup.exe
Unzip the archive erunt-loc_fr.zip (under XP, right-click then "Extraire tout" (Extract all)) and place the extracted files in the ERUNT installation folder.

Launch ERUNT by double-clicking ERUNT.EXE
On the Welcome message, click OK
In the window titled "ERU pour Windows NT", tick all the backup options (system Registry, current user Registry and other user Registries)
Then click OK
Accept the creation of the folder (in the Windows\ERDNT\ folder) by clicking "Oui" (Yes).
Wait for the backup to finish, signalled by the message "Sauvegarde du registre effectuée" (Registry backup complete), and click OK.


Step 2: Gmer
Download the executable program (.exe file) from the page http://www.gmer.net/files.php
Click the Download EXE button.
Save the file at the root of the system disk (usually C: ), noting its name (which is random).


Step 3: OTL (by OldTimer), clean-up
Open a Notepad window via Start---->Run, type notepad then click OK
Select all the lines in the white area below "Code:", then press the Ctrl and C keys together

Code: Select all
rien

:otl
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\ShellBrowser: (no name) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Reg Error: Key error.)
O33 - MountPoints2\{04ce4956-de82-11da-80bd-0013d43f8306}\Shell\Open(0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell - "" = AutoRun
O33 - MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\Shell\AutoRun\command - "" = L:\load.exe -- File not found
O33 - MountPoints2\{4799e98f-3d81-11db-8165-0013d43f8306}\Shell - "" = AutoRun
O33 - MountPoints2\{8e5df0df-d720-11dc-b218-0013d43f8306}\Shell\Open(0)\command - "" = H:\Recycled\ctfmon.exe -- File not found
O33 - MountPoints2\{baa59ac6-f012-11da-80e0-0013d43f8306}\Shell - "" = AutoRun
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EEE39B00

:Commands
[emptytemp]



Go back to the Notepad window, right-click in the window and choose "Coller" (Paste)
In the Format menu (at the top), check that "Retour automatique à la ligne" (Word Wrap) is not active (not ticked).
Save the file under the name OTL-1.txt
Close Notepad.
Note: The lines in the Code area above were created exclusively for THIS user: Zoom62.
If you are not THIS user, you must not use them: they could damage your system.



Step 4: Disabling the resident security programs
Disable the antivirus resident module.
avast!: right-click the icon in the system tray (next to the clock), then "Arrêter la protection résidente" (stop the resident protection)


Step 5: Toolbar-S&D (by Team IDN), option 2: Removal

Mandatory: Close all browser windows (Internet Explorer, Firefox, Mozilla, Opera, etc).

Double-click ToolBarSD.exe on the Desktop to launch the tool.

Choose the language by typing F then pressing Enter.
Read the warning, then click OK.

After the menu is displayed, type 2 then press Enter to delete the files responsible for the infection.

Do not close the window while the files are being deleted!

When the deletion is finished, a Notepad window opens and displays the report (aka log).

Close Notepad, which ends the tool's execution.

Note:
If the Desktop does not reappear, open the Task Manager by pressing the CTRL+ALT+DEL keys together.
Click the File menu at the top and choose "Nouvelle tâche (Exécuter...)" (New Task (Run...)).
In the "Créer une nouvelle tâche" (Create New Task) window that opens, in the Open field, type exactly explorer then click the OK button. The Desktop will reappear.


Step 6: OTL (by OldTimer), clean-up
Double-click OTL.exe to launch the tool.
Open the file OTL-1.txt in Notepad.
In Notepad, click the Edit menu (at the top) and choose "Sélectionner tout" (Select All).
In Notepad, click the Edit menu (at the top) and choose "Copier" (Copy).

Go back to the OTL window, right-click in the box at the bottom named "Custom Scans/Fixes" and choose "Coller" (Paste).

Close all open program windows (browser, word processor, etc.): the PC is going to reboot.

Click the Run Fix button.

Note: A reboot is sometimes necessary. If it is requested, click Oui/Yes

When the tool has finished its work, a small window displays the message "Fix Complete! Click OK to open the fix log". Click OK then close OTL.


Step 7: Gmer

Be sure to close all applications, connections and browsers.

Double-click the randomly named file downloaded earlier.

Wait a few moments for loading and the initial scans.

Check that all the boxes in the right-hand column are ticked except
Sections
IAT/EAT
drives other than C:\
"Show all"

then click the Scan button.

Wait without doing anything else (... it takes a while...).
The Registry keys & files being scanned are displayed at the bottom of the window.

When the tool has finished (scrolling stops at the bottom of the window), click the Save ... button.

A Notepad window will open, containing the report file.
Note: In Notepad, check in the Format menu that the "Retour automatique à la ligne" (Word Wrap) option is not ticked.
Save this file on the Desktop under the name gmer-091208.txt.
Close the Gmer window (click OK).


Step 8: Re-enabling the resident security programs
Important: Re-enable the antivirus resident module.


Step 9: OTL (by OldTimer), scan
Close all open program windows.

Double-click OTL.exe to launch the tool.

The OTL main screen appears.

If not already done, in the Extra Registry section, select the Use SafeList radio button.

Tick the box (at the top) in front of Scan All Users.

In the Custom Scans/Fixes section, copy/paste the lines below (from the white area below "Code:")
Code: Select all
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s



Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
The second report is visible in the Taskbar. Close it as well.
Close the OTL window.


Step 10: Results
Send in reply:
*- the Toolbar S&D report (contents of the file SystemDrive\TB.txt)
[SystemDrive stands for the partition on which the system is installed, usually C:]
*- the OTL fix report (contents of the file SystemDrive\_OTL\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[SystemDrive stands for the partition on which the system is installed, usually C:]
*- the Gmer report (contents of the file gmer-091208.txt).

Then send in reply, in two separate messages (because of the length of the logs):
*- the two OTL reports (contents of the files OTL.Txt and Extras.Txt on the Desktop).
Reports posted on the forum must end with a line containing <End>. If they do not, they are incomplete and must then be split across several messages.

Important note: To send your reply(ies), do not create a new topic; click the "Répondre" (Reply) button
to continue in this thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)

Need help

Post by Zoom62 » 09 Dec 2009, 06:47

nickW wrote: Good evening,

On 24/11/2009, you installed Nero ... perhaps using a crack/keygen. :?:


Hello,

Not knowing what Nero was, I used Google and concluded that my son (the other user of this PC) was probably behind this installation. I will ask him.

Is it a problem for the procedure if he also has a session as administrator?
Shouldn't I apply it from his session?

Thank you also for the step-by-step explanations, which make things much easier for someone like me who doesn't know much about this.

See you soon
Zoom62
 

Need help

Post by Zoom62 » 09 Dec 2009, 22:24

Good evening,

Here are the requested reports:

Toolbar S&D report:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 05/12/05 22:37:41 Ver: 08.00.09
USER : Martine ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1368 [VPS 091205-1] 4.8.1368 (Not Activated)
Firewall : Norton Internet Security 2005 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:48 Go (Free:14 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:7 Go (Free:3 Go)
G:\ (CD or DVD)
I:\ (Local Disk) - NTFS - Total:32 Go (Free:9 Go)
J:\ (Local Disk) - NTFS - Total:65 Go (Free:31 Go)
K:\ (USB)
L:\ (USB)
M:\ (Local Disk) - NTFS - Total:31 Go (Free:9 Go)
N:\ (USB)
Z:\ (USB)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( mer. 09/12/2009| 9:39 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\DOCUME~1\Martine\Cookies\martine@baidu[1].txt
Supprime! - C:\DOCUME~1\Martine\Cookies\martine@hi.baidu[2].txt
Supprime! - C:\Program Files\Crawler\Cache(2)
Supprime! - C:\Program Files\Crawler\Toolbar
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\AskSBar
Supprime! - C:\Program Files\Crawler

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(Martine) - {582195F5-92E7-40a0-A127-DB71295901D7} => gmanager
(Martine) - {84b24861-62f6-364b-eba5-2e5e2061d7e6} => mediaplayerconnectivity
(Martine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Martine) - {04060490-5c60-11da-8cd6-0800200c9a66} => Noia-Cute_TB_Yop_GD
(Martine) - {4e797306-9ff7-11dc-8314-0800200c9a66} => aero_thunderbird-1.0.3-tb


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Search Page"="http://www.google.com"
"SearchMigratedDefaultURL"="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"


--------------------\\ Recherche d'autres infections

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\..\{8FEDED2D-763C-44CB-AEAA-5C9D637C4DDB}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet021\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet022\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet023\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet024\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet025\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet026\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet027\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet028\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet029\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet030\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet031\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet032\..\{D8DF1CDE-CFF6-4E92-93BC-692FD5992AD4}]
DhcpNameServer REG_SZ 85.255.116.51,85.255.112.96
==> WAREOUT <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Martine\.housecall6.6\Quarantine\Nero Ultra Edition 8.3.2.1 - KeyGen + Activation + Serials [by qualitytors].zip.bac_a00840
C:\DOCUME~1\Martine\Complete\Nero Ultra Edition 8.3.2.1 - KeyGen + Activation + Serials [by qualitytors].zip



1 - "C:\ToolBar SD\TB_1.txt" - lun. 07/12/2009| 6:26 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - mer. 09/12/2009| 9:41 - Option : [2]

-----------\\ Fin du rapport a 9:41:50,92


OTL fix report:

All processes killed
Error: Unable to interpret <rien> in the current context!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{ECDEE021-0D17-467F-A1FF-C7A115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}\ not found.
Registry value HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04ce4956-de82-11da-80bd-0013d43f8306}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04ce4956-de82-11da-80bd-0013d43f8306}\ not found.
File H:\Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05558724-e297-11da-80c1-0013d43f8306}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05558724-e297-11da-80c1-0013d43f8306}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05558724-e297-11da-80c1-0013d43f8306}\ not found.
File L:\load.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4799e98f-3d81-11db-8165-0013d43f8306}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4799e98f-3d81-11db-8165-0013d43f8306}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e5df0df-d720-11dc-b218-0013d43f8306}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8e5df0df-d720-11dc-b218-0013d43f8306}\ not found.
File H:\Recycled\ctfmon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{baa59ac6-f012-11da-80e0-0013d43f8306}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{baa59ac6-f012-11da-80e0-0013d43f8306}\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:EEE39B00 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 57639698 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 4538794 bytes

User: Kevin VDE

User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Martine
->Temp folder emptied: 33566475 bytes
->Temporary Internet Files folder emptied: 863554 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87220207 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 5966774 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 473816 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 640 bytes

Total Files Cleaned = 181,66 mb


OTL by OldTimer - Version 3.1.11.4 log created on 12092009_094552

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Zoom62
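
The "Recherche d'autres infections" section of the Toolbar S&D report above lists one DhcpNameServer value per ControlSet and interface GUID, which is tedious to compare by eye. The following is an added example, not part of the thread or of any tool named in it: it tabulates such lines per interface and lists every name server outside a resolver allow-list. The SAMPLE text is constructed (documentation addresses, placeholder GUIDs), the allow-list is an assumption the analyst supplies, and the parser also accepts the static NameServer value, which the report above does not show.

```python
import ipaddress
import re
from collections import defaultdict

# Key line as printed in the report; ".." is the tool's own path abbreviation.
KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SYSTEM\\(?P<cset>CurrentControlSet|ControlSet\d+)"
    r"\\.*\\(?P<iface>\{[0-9A-Fa-f-]{36}\})\]$"
)
# Value line: name, type, then one or more servers separated by commas or spaces.
VALUE_RE = re.compile(r"^(?P<name>(?:Dhcp)?NameServer)\s+REG_SZ\s+(?P<data>\S.*)$")


def parse_report(text):
    """Return (findings, rejects).

    findings: {interface GUID: {server IP: set of control sets carrying it}}
    rejects:  [(line number, token)] for values that are not IP addresses
    """
    findings = defaultdict(lambda: defaultdict(set))
    rejects = []
    current = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("["):
            # A key line we cannot parse must not inherit the previous key.
            m = KEY_RE.match(line)
            current = (m["cset"], m["iface"].upper()) if m else None
            continue
        m = VALUE_RE.match(line)
        if not m or current is None:
            continue
        cset, iface = current
        for token in re.split(r"[,\s]+", m["data"].strip()):
            try:
                server = str(ipaddress.ip_address(token))
            except ValueError:
                rejects.append((lineno, token))
                continue
            findings[iface][server].add(cset)
    return findings, rejects


def unexpected_servers(findings, expected_cidrs):
    """List (interface, server, control sets) for servers outside the allow-list."""
    nets = [ipaddress.ip_network(c, strict=False) for c in expected_cidrs]
    out = []
    for iface in sorted(findings):
        for server in sorted(findings[iface]):
            ip = ipaddress.ip_address(server)
            if not any(ip in net for net in nets):
                out.append((iface, server, sorted(findings[iface][server])))
    return out


# Constructed sample in the report's layout (not taken from the thread).
SAMPLE = r"""--------------------\\ Recherche d'autres infections

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{11111111-1111-1111-1111-111111111111}]
DhcpNameServer REG_SZ 203.0.113.51,203.0.113.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{11111111-1111-1111-1111-111111111111}]
DhcpNameServer REG_SZ 203.0.113.51,203.0.113.96
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{22222222-2222-2222-2222-222222222222}]
DhcpNameServer REG_SZ 192.168.1.1
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{22222222-2222-2222-2222-222222222222}]
DhcpNameServer REG_SZ 192.168.1.1 203.0.113.51
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\..\{22222222-2222-2222-2222-222222222222}]
DhcpNameServer REG_SZ 192.168.1.1,dns.invalid
==> WAREOUT <==
"""

# Assumed allow-list: the home router that normally answers DNS on this LAN.
EXPECTED = ["192.168.1.1/32"]

if __name__ == "__main__":
    found, bad = parse_report(SAMPLE)
    for iface, server, csets in unexpected_servers(found, EXPECTED):
        print(f"{iface}  {server}  in {len(csets)} control set(s): {', '.join(csets)}")
    for lineno, token in bad:
        print(f"line {lineno}: not an IP address: {token!r}")
```

A server that appears in many control sets was present across several registry snapshots, so the same check is worth repeating on a fresh report after the clean-up.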
 

Need help

Post by Zoom62 » 10 Dec 2009, 08:33

The Gmer report:

GMER 1.0.15.15273 - http://www.gmer.net
Rootkit scan 2009-12-10 08:32:44
Windows 5.1.2600 Service Pack 3
Running: 7v08s7fs.exe; Driver: C:\DOCUME~1\Martine\LOCALS~1\Temp\pxldypog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xF43ADBCC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF40AA6B8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xF43AD1AA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xF43AD832]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF40AA574]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0xF43AD08C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xF43AF05C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xF43AF2F4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0xF43ACC52]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xF43ADFB6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF40AAA52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF40AA14C]
SSDT sppt.sys ZwEnumerateKey [0xF73EDCA4]
SSDT sppt.sys ZwEnumerateValueKey [0xF73EE032]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xF43AECDE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xF43AD42E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xF43ADA0E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF40AA64E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF40AA08C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xF43AD6BE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF40AA0F0]
SSDT sppt.sys ZwQueryKey [0xF73EE10A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF40AA76E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xF43AE712]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0xF43AF63A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF40AA72E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0xF43AEA7A]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xF43ADDB2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xF43AEE8C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF40AA8AE]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xF43AD3C8]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xF43AD5B2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0xF43ACF56]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xF43ACE24]

INT 0x62 ? 88154BF8
INT 0x74 ? 87F93F00
INT 0x82 ? 88154BF8
INT 0x83 ? 88154BF8
INT 0x84 ? 87F93F00
INT 0x94 ? 87F93F00
INT 0xB4 ? 87F93F00

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 881331F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom 879741F8

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbohci \Device\USBPDO-0 87F8E1F8
Device \Driver\usbohci \Device\USBPDO-1 87F8E1F8
Device \Driver\usbohci \Device\USBPDO-2 87F8E1F8
Device \Driver\usbehci \Device\USBPDO-3 87F6C500

AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 881561F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Ftdisk \Device\HarddiskVolume2 881561F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Cdrom \Device\CdRom0 87FA71F8
Device \Driver\USBSTOR \Device\000000b0 879D91F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 881561F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Cdrom \Device\CdRom1 87FA71F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-1b [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-13 [F7348B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\USBSTOR \Device\000000b1 879D91F8
Device \Driver\Ftdisk \Device\HarddiskVolume4 881561F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Cdrom \Device\CdRom2 87FA71F8
Device \Driver\USBSTOR \Device\000000b2 879D91F8
Device \Driver\Ftdisk \Device\HarddiskVolume5 881561F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\USBSTOR \Device\000000b3 879D91F8
Device \Driver\PCI_PNP6608 \Device\00000082 sppt.sys
Device \Driver\PCI_PNP6608 \Device\00000082 sppt.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 879CB1F8
Device \Driver\NetBT \Device\NetbiosSmb 879CB1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9528EE5A-62D4-49D9-8BA5-FA09247FF4C2} 879CB1F8
Device \Driver\sptd \Device\2829780358 sppt.sys

AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbohci \Device\USBFDO-0 87F8E1F8
Device \Driver\usbohci \Device\USBFDO-1 87F8E1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8798C1F8
Device \Driver\usbohci \Device\USBFDO-2 87F8E1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8798C1F8
Device \Driver\USBSTOR \Device\000000ae 879D91F8
Device \Driver\usbehci \Device\USBFDO-3 87F6C500
Device \Driver\Ftdisk \Device\FtControl 881561F8
Device \Driver\ame19tsr \Device\Scsi\ame19tsr1 87F411F8
Device \Driver\ame19tsr \Device\Scsi\ame19tsr1Port4Path0Target0Lun0 87F411F8
Device \FileSystem\Fastfat \Fat 879741F8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Cdfs \Cdfs 878C9500
Device \FileSystem\Cdfs \Cdfs B8143BCE

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet004\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet007\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet008\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet009\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x49 0x81 0xC2 0xD3 ...
Reg HKLM\SYSTEM\ControlSet010\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet010\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet010\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet010\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles

Need help

Post by Zoom62 » 10 Dec 2009, 08:42

GMER report, continued:
Is it normal for it to be this long?

Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles

Need help

Post by Zoom62 » 10 Dec 2009, 08:48

GMER report, continued:

Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet021\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet022\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet022\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet023\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet023\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet024\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet024\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet025\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet025\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet026\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet026\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Zoom62

Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Brussels

Need help

Post by Zoom62 » 10 Dec 2009, 08:58

GMER log, continued:

Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Nom de la base du fichier journal indirect @C:\WINDOWS\system32\smlogcfg.dll,-744
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Sql Log Base Name SQL:!Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Serial Number 1
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Folder C:\PerfLogs
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Auto Format -1
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Type 2
Reg HKLM\SYSTEM\ControlSet033\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@ExecuteOnly 1
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\cbidf@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\cbidf@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\NtServicePack@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\NtServicePack@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\SiS315@EventMessageFile %SystemRoot%\System32\IoLogMsg.dll;%SystemRoot%\System32\drivers\sisgrp.sys
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\SiS315@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\Windows Installer 3.1@EventMessageFile %SystemRoot%\System32\spmsg.dll
Reg HKLM\SYSTEM\ControlSet034\Services\Eventlog\System\Windows Installer 3.1@TypesSupported 7
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xE8 0xD9 0x77 0xC8 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x43 0xC2 0x27 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xF7 0x84 0xF4 0x58 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x72 0xF2 0x8A 0x56 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xE2 0x6D 0x55 0xDA ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x02 0xA8 0x98 0x8B ...
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Current State 0
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log Type 0
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Vue g?n?rale du syst?me
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Collection Name Indirect @C:\WINDOWS\system32\smlogcfg.dll,-731
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Counter List \Processor(_Total)\% Processor Time?\Memory\Pages/sec?\PhysicalDisk(_Total)\Avg. Disk Queue Length?
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Comment Cet exemple de journal fournit une vue d'ensemble des performances du syst?me.
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Commentaire indirect @C:\WINDOWS\system32\smlogcfg.dll,-735
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@RealTime DataSource 1
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Max Size -1
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Attributs du magasin de données 33
Reg HKLM\SYSTEM\ControlSet034\Services\SysmonLog\Log Queries\{de7e2df5-685e-43a2-bc20-de42684154cf}@Log File Base Name System_Overview

Post by Zoom62 » 10 Dec 2009, 09:05

Continuation and end of the GMER report:


---- EOF - GMER 1.0.15 ----

Post by Zoom62 » 10 Dec 2009, 09:09

OTL.Txt report:

OTL logfile created on: 9/12/2009 21:46:12 - Run 2
OTL by OldTimer - Version 3.1.11.4 Folder = J:\Program Files\Hijackthis\OTL (analyse HijackThis)
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 639,63 Mb Available Physical Memory | 62,54% Memory free
3,86 Gb Paging File | 3,49 Gb Available in Paging File | 90,26% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 14,21 Gb Free Space | 29,01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 31,68 Gb Free Space | 48,12% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/04 09:29:48 | 00,535,552 | ---- | M] (OldTimer Tools) -- J:\Program Files\Hijackthis\OTL (analyse HijackThis)\OTL.exe
PRC - [2009/11/25 00:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashDisp.exe
PRC - [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashServ.exe
PRC - [2009/11/25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashWebSv.exe
PRC - [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\aswUpdSv.exe
PRC - [2009/11/20 18:10:18 | 01,800,464 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cfp.exe
PRC - [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cmdagent.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/11/20 13:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/04/14 03:34:03 | 01,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2009/12/04 09:29:48 | 00,535,552 | ---- | M] (OldTimer Tools) -- J:\Program Files\Hijackthis\OTL (analyse HijackThis)\OTL.exe
MOD - [2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2006/05/03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - File not found -- -- (FLEXnet Licensing Service)
SRV - File not found -- -- (Diskeeper)
SRV - [2009/11/25 00:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 00:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 00:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 00:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- J:\Avast (Anti virus)\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/11/22 10:13:34 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/11/20 18:10:05 | 00,723,632 | ---- | M] (COMODO) -- C:\Program Files\Comodo\Firewall\cmdagent.exe -- (cmdAgent)
SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/10/01 09:05:49 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- J:\Program Files\a-Squared (Scanner pc malwares)\a-squared Free\a2service.exe -- (a2free)
SRV - [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/20 13:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/05/30 11:32:16 | 00,572,416 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/04/14 03:34:22 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2008/04/14 03:33:38 | 00,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/05/28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- J:\Kevin\Programmes Divers\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/08/11 14:42:50 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/04/25 19:40:50 | 00,138,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/01/17 16:36:56 | 00,172,032 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005/01/28 10:11:40 | 00,024,576 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/01/28 10:11:14 | 00,110,682 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/01/28 10:11:10 | 00,176,220 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/01/07 11:01:52 | 00,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 11:14:36 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp)
SRV - [2004/08/05 13:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [1999/12/13 02:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Driver Services (SafeList) ==========

DRV - [2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/11/24 15:24:27 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO) -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO) -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2009/10/03 06:14:17 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\Program Files\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/09/29 08:11:22 | 00,012,160 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 00,012,928 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 00,010,496 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/09/15 11:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/09/15 11:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/09/15 11:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/08/21 02:08:00 | 00,024,960 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009/08/21 02:08:00 | 00,020,864 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009/08/21 02:08:00 | 00,013,056 | ---- | M] (LG Electronics Inc.) -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009/06/09 05:58:56 | 00,033,536 | ---- | M] (Advanced Card Systems Ltd) -- C:\WINDOWS\system32\drivers\a38usb.sys -- (ACSSCR)
DRV - [2009/03/30 05:21:18 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- J:\Program Files\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/01/07 07:30:58 | 00,005,632 | ---- | M] () -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/24 11:29:25 | 00,029,184 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008/07/21 13:11:58 | 00,024,392 | ---- | M] (Elaborate Bytes AG) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/06/20 12:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/14 02:57:14 | 00,032,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2008/04/13 19:45:32 | 00,059,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gckernel.sys -- (GcKernel)
DRV - [2008/04/13 19:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 19:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/09/17 14:53:26 | 00,021,632 | ---- | M] (Nokia) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/04/15 16:26:31 | 00,249,152 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007/04/15 16:26:31 | 00,030,688 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007/04/15 16:26:27 | 00,096,320 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007/03/08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/01/25 15:37:16 | 04,027,456 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/09/13 20:23:13 | 00,076,560 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2006/08/11 14:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/02/16 16:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) -- J:\Program Files\SASENUM.SYS -- (SASENUM)
DRV - [2005/12/07 16:27:52 | 00,013,324 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\system32\drivers\krait.sys -- (krait03)
DRV - [2005/11/03 15:40:07 | 00,063,488 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/30 17:59:00 | 00,094,000 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 00,008,304 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 00,058,320 | ---- | M] (MCCI) -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/10 13:44:04 | 00,050,688 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 14:20:39 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/03/08 05:43:27 | 00,021,744 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2005/03/08 05:43:26 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/03/08 05:43:25 | 00,051,120 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005/01/04 16:46:14 | 00,013,184 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/01/04 16:01:48 | 00,239,104 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/12/02 15:36:08 | 00,070,912 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/09/03 12:43:00 | 00,046,464 | ---- | M] (Silicon Integrated Systems) -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys -- (SiSRaid)
DRV - [2004/08/05 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent)
DRV - [2004/06/28 14:08:56 | 00,042,752 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2004/05/18 00:25:00 | 00,016,880 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctpdusb.sys -- (Jukebox3)
DRV - [2004/05/05 22:15:04 | 00,004,228 | ---- | M] (PowerQuest Corporation) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003/11/28 10:46:44 | 00,070,632 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\system32\drivers\toywdm.sys -- (JL2005)
DRV - [2003/08/20 16:34:50 | 00,548,952 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/07/16 11:30:26 | 00,221,736 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 15:26:36 | 01,301,128 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/07/02 15:24:36 | 00,086,128 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/07/02 15:12:52 | 00,039,348 | ---- | M] (Vireo Software) -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/07/02 14:57:10 | 00,167,384 | ---- | M] ( ) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2001/08/23 16:20:50 | 00,006,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/23 16:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 21:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 21:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 21:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 21:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 21:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 21:02:50 | 00,002,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001/08/17 20:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 20:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 20:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 20:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 20:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 20:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 20:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 20:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 20:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.01net.com/http://www.01men.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.01net.com/http://www.01men.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\S-1-5-21-1770633121-2185212140-2792175243-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=MIMWA5&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.fr"
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.62
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=MIMWA5&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/04 15:38:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/04 09:46:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/12/03 10:57:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/12/04 09:46:53 | 00,000,000 | ---D | M]

[2009/08/29 11:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions
[2009/08/29 11:46:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009/12/09 06:37:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions
[2009/09/14 06:54:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2009/12/03 17:18:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2009/10/22 05:36:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009/07/28 06:25:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
[2009/11/29 21:01:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/26 06:12:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\fr@dictionaries.addons.mozilla.org
[2009/10/20 06:09:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\imdldb@p4ul.info
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris(2).com
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com
[2008/08/24 12:44:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\extensions\piclens@cooliris.com-trash
[2009/09/12 08:34:08 | 00,002,172 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\bing.xml
[2009/01/26 06:25:40 | 00,015,292 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikia-search.xml
[2009/01/26 06:25:53 | 00,001,032 | ---- | M] () -- C:\Documents and Settings\Martine\Application Data\Mozilla\Firefox\Profiles\yt3vnwpd.default\searchplugins\wikipedia-eng.xml
[2009/12/09 06:37:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/14 14:02:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/02/27 14:24:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2008/10/01 15:29:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org
[2008/11/22 08:45:10 | 00,056,576 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/03/20 17:06:50 | 00,454,656 | ---- | M] (StoneTrip) -- C:\Program Files\Mozilla Firefox\plugins\npSton3D.dll
[2007/03/10 00:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/08/26 06:11:27 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/08/26 06:11:27 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/08/26 06:11:27 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2006/09/10 12:35:08 | 00,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2009/08/26 06:11:27 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/08/26 06:11:27 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (792 bytes) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB197B82D} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..\Toolbar\WebBrowser: (no name) - {C75C8E7E-5059-4469-AC11-D7544B260382} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] J:\Avast (Anti virus)\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\Comodo\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] J:\Program Files\Quicktime (vidéo)\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\desktop(2).ini ()
O4 - Startup: C:\Documents and Settings\Martine\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BackupNoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 110 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1770633121-2185212140-2792175243-1007\..Trusted Domains: 22 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/ms ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15015/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/Me ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/house ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} http://messenger.zone.msn.com/binary/Mi ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 5285014078 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5284983656 (MUWebControl Class)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (Reg Error: Key error.)
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} http://www.inoculer.com/antivirus/Msie/bitdefender.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Me ... b31267.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZI ... b56649.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-l ... cfscan.cab (McFreeScan Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15023/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - J:\Program Files\SASWINLO.DLL - J:\Program Files\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - J:\Program Files\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/10/18 20:02:16 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/04/10 09:24:34 | 00,004,398 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/10/01 22:14:19 | 00,000,000 | ---D | M]
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/12/09 09:12:24 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/09 07:22:36 | 00,000,000 | ---D | C] -- C:\Program Files\Gmer (procédure hijackThis)
[2009/12/07 06:23:34 | 00,000,000 | ---D | C] -- C:\ToolBar SD
[2009/12/07 06:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\RootRepeal
[2009/12/04 21:41:29 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Martine\Recent
[2009/12/04 06:58:00 | 00,000,000 | ---D | C] -- C:\Program Files\ma-config.com
[2009/12/04 06:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009/11/24 15:39:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/11/24 15:39:12 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nero
[2009/11/24 15:18:04 | 00,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2009/11/17 09:30:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\.thumbnails
[2009/11/17 09:06:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\.gimp-2.6
[2009/11/17 09:06:20 | 00,000,000 | ---D | C] -- J:\1-Divers documents (Martine-Guy)\gegl-0.0
[2009/11/16 06:38:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Local Settings\Application Data\Karen's Power Tools
[2009/11/16 06:37:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Karen's Power Tools
[2009/11/14 21:49:16 | 00,000,000 | ---D | C] -- J:\1-Divers documents (Martine-Guy)\LG Electronics
[2009/11/14 21:47:01 | 01,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\WINDOWS\System32\NMSDVDXU.dll
[2009/11/14 21:47:01 | 00,630,784 | ---- | C] (ComponentOne) -- C:\WINDOWS\System32\vsflex8u.ocx
[2009/11/14 21:47:01 | 00,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex7L.ocx
[2009/11/14 21:47:01 | 00,244,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msflxgrd.ocx
[2009/11/14 21:46:54 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Martine\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2009/11/14 20:27:15 | 00,016,896 | ---- | C] (Danish Wireless Design A/S) -- C:\WINDOWS\System32\drivers\FlashUsb.sys
[2009/11/14 20:27:15 | 00,000,000 | ---D | C] -- C:\Program Files\infineon
[2009/11/14 20:24:43 | 00,013,056 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgusbbus.sys
[2009/11/14 20:18:47 | 00,000,000 | ---D | C] -- C:\GB220
[2009/11/14 14:56:21 | 00,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2009/11/14 14:55:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\LG Electronics
[2009/11/14 14:22:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2009/11/14 08:21:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Martine\Application Data\ViGlance
[2009/11/14 08:21:52 | 00,000,000 | ---D | C] -- C:\Program Files\ViGlance
[2009/11/10 23:08:24 | 00,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2005/07/24 16:07:01 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[1979/12/31 23:00:00 | 01,301,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[1979/12/31 23:00:00 | 00,548,952 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[1979/12/31 23:00:00 | 00,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[1979/12/31 23:00:00 | 00,167,384 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[1979/12/31 23:00:00 | 00,086,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys

========== Files - Modified Within 30 Days ==========

[2009/12/09 11:52:16 | 11,272,192 | ---- | M] () -- C:\Documents and Settings\Martine\ntuser.dat
[2009/12/09 11:52:16 | 00,000,284 | -HS- | M] () -- C:\Documents and Settings\Martine\ntuser.ini
[2009/12/09 11:52:13 | 14,304,966 | -H-- | M] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\IconCache.db
[2009/12/09 09:49:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/09 09:12:57 | 00,000,770 | ---- | M] () -- C:\Documents and Settings\Martine\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2009/12/09 09:12:25 | 00,000,614 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\NTREGOPT.lnk
[2009/12/09 09:12:25 | 00,000,595 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\ERUNT.lnk
[2009/12/09 07:10:16 | 00,159,744 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\Premiers nettoyages.doc
[2009/12/09 06:53:59 | 00,002,551 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\Microsoft Word.lnk
[2009/12/06 09:19:26 | 00,003,105 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/12/05 16:56:01 | 04,196,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonuiX.exe
[2009/12/05 16:54:03 | 00,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2009/12/05 07:33:19 | 01,148,376 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/05 07:33:19 | 00,521,400 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009/12/05 07:33:19 | 00,448,016 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/05 07:33:19 | 00,440,380 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2009/12/05 07:33:19 | 00,090,222 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009/12/05 07:33:19 | 00,073,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/05 07:33:19 | 00,061,112 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[2009/12/04 09:46:53 | 00,001,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/03 11:15:01 | 00,002,341 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/12/03 10:57:29 | 00,001,518 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/12/03 08:08:13 | 00,000,919 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/03 08:08:13 | 00,000,456 | -HS- | M] () -- C:\boot.ini
[2009/12/03 08:08:13 | 00,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/02 08:26:10 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\CCleaner.lnk
[2009/12/01 09:48:34 | 00,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2009/12/01 09:48:31 | 00,133,064 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdguard.sys
[2009/11/29 19:34:59 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/25 00:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/11/25 00:51:09 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/11/25 00:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/11/25 00:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/11/25 00:47:54 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/11/25 00:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/11/24 16:23:58 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/11/24 15:24:27 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009/11/24 15:18:04 | 00,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2009/11/24 11:04:28 | 00,001,508 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Vuze.lnk
[2009/11/22 10:13:34 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/21 07:17:34 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/20 18:11:05 | 00,087,104 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2009/11/20 18:11:04 | 00,025,160 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2009/11/20 09:25:55 | 00,000,218 | ---- | M] () -- C:\Documents and Settings\Martine\.recently-used.xbel
[2009/11/19 06:56:45 | 00,000,653 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk
[2009/11/17 09:06:11 | 00,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/11/14 21:47:17 | 00,000,910 | ---- | M] () -- C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk
[2009/11/14 20:28:29 | 00,002,412 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009/11/14 20:10:00 | 00,046,952 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2009/11/14 15:16:00 | 00,203,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/14 07:37:16 | 00,093,696 | ---- | M] () -- C:\WINDOWS\System32\MyDefragScreenSaver.scr
[2009/11/14 07:37:14 | 00,931,328 | ---- | M] (J.C. Kessels) -- C:\WINDOWS\System32\MyDefragScreenSaver.exe
[2009/11/10 23:08:24 | 00,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2009/11/10 23:08:24 | 00,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts

========== Files Created - No Company Name ==========

[2009/12/09 09:12:57 | 00,000,770 | ---- | C] () -- C:\Documents and Settings\Martine\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2009/12/09 09:12:25 | 00,000,614 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\NTREGOPT.lnk
[2009/12/09 09:12:25 | 00,000,595 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\ERUNT.lnk
[2009/12/09 06:54:32 | 00,159,744 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\Premiers nettoyages.doc
[2009/12/04 09:46:53 | 00,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/03 11:15:01 | 00,002,341 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2009/12/03 10:57:29 | 00,001,518 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2009/11/20 09:25:55 | 00,000,218 | ---- | C] () -- C:\Documents and Settings\Martine\.recently-used.xbel
[2009/11/19 06:56:51 | 00,000,653 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\37g86v47.exe.lnk
[2009/11/17 09:06:11 | 00,000,743 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/11/14 21:47:17 | 00,000,910 | ---- | C] () -- C:\Documents and Settings\Martine\Bureau\LG PC Suite III.lnk
[2009/11/14 14:23:12 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2009/11/14 14:23:12 | 00,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009/11/13 23:33:11 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/09/24 16:28:00 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\xrxscnui.dll
[2009/06/09 05:58:56 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\usbr38.dll
[2009/01/07 07:54:45 | 00,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009/01/07 07:51:25 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/01/07 07:15:07 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/12/23 19:33:44 | 00,000,011 | ---- | C] () -- C:\WINDOWS\permis.ini
[2008/12/20 11:48:02 | 00,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/12/10 16:52:29 | 00,045,794 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Update_HP_RedboxHprblog_HPSU.log
[2008/12/10 16:52:29 | 00,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2008/10/23 05:44:42 | 02,869,760 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.5.14750.msi
[2008/10/20 05:51:14 | 02,869,760 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.4.14391.msi
[2008/10/04 06:00:34 | 02,849,792 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.3.14080.msi
[2008/09/17 05:42:24 | 00,939,080 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.2.4689.msi
[2008/08/22 07:55:08 | 02,149,376 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\cooliris-win-iemin-release-1.8.0.4272.msi
[2008/07/25 14:00:21 | 01,854,464 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iemin-release-1.7.1.3938.msi
[2008/07/24 07:31:51 | 01,916,928 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.7.1.3900.msi
[2008/07/23 17:50:52 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 17:47:34 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/07/23 17:47:34 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/07/23 17:46:38 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/06/18 05:35:06 | 01,699,328 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.7.0.3458.msi
[2008/05/31 14:00:36 | 00,688,128 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008/05/31 14:00:36 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\SSLeay32.dll
[2008/05/29 05:28:02 | 01,641,472 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\piclens-win-iefull-release-1.6.4.3021.msi
[2008/04/13 17:26:17 | 00,081,332 | ---- | C] () -- C:\WINDOWS\System32\bass.dll
[2008/03/25 11:50:28 | 00,347,136 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2007/12/14 09:52:27 | 00,000,003 | ---- | C] () -- C:\WINDOWS\System32\Trial The Santa Claus 3D.dll
[2007/12/12 09:54:02 | 00,000,193 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2007/12/06 11:15:19 | 00,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2007/12/05 19:38:41 | 00,003,459 | ---- | C] () -- C:\WINDOWS\stricot.ini
[2007/12/02 13:36:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/09/10 15:25:23 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/06/12 06:43:34 | 00,000,206 | ---- | C] () -- C:\WINDOWS\System32\ebcefaa_r.dll
[2007/05/06 08:46:38 | 00,000,041 | ---- | C] () -- C:\WINDOWS\System32\aaafe_s.dll
[2007/04/10 16:38:23 | 00,155,411 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc.sys
[2007/01/07 13:32:41 | 00,002,053 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_PROTOCOL.log
[2007/01/07 13:32:41 | 00,000,589 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_UI.log
[2007/01/07 13:32:41 | 00,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007/01/07 13:32:41 | 00,000,108 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\Hewlett-PackardHP PSC 1500 series1153030812_API.log
[2007/01/07 13:25:47 | 00,002,095 | ---- | C] () -- C:\Documents and Settings\Martine\Application Data\HPSU_48BitScanUpdate.log
[2007/01/07 13:25:47 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/09/06 09:23:05 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/09/04 12:56:59 | 00,001,208 | ---- | C] () -- C:\WINDOWS\Radio_Fr.ini
[2006/08/28 15:40:12 | 00,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI
[2006/08/24 15:58:51 | 00,589,824 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/08/24 15:58:51 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/08/21 18:51:10 | 00,001,160 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/11 14:45:20 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/11 14:43:10 | 00,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/11 14:43:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/11 14:43:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/11 14:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/11 14:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/11 14:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/08 08:16:03 | 00,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2006/08/05 07:38:50 | 00,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2006/08/05 07:38:50 | 00,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2006/08/05 07:38:11 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2006/07/28 11:19:02 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/07/27 06:42:24 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\PdeSrvps.dll
[2006/07/27 06:42:22 | 00,005,885 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2006/07/16 07:01:54 | 00,000,726 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/06/03 06:35:41 | 00,000,021 | ---- | C] () -- C:\WINDOWS\cdtppoint.ini
[2006/05/26 15:23:23 | 00,000,040 | ---- | C] () -- C:\WINDOWS\Navigma.INI
[2006/05/13 16:43:05 | 00,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/02/27 05:54:15 | 00,000,039 | ---- | C] () -- C:\WINDOWS\System32\CielComponent.ini
[2006/02/27 05:52:48 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\XXXProgress.dll
[2006/02/27 05:50:21 | 00,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2006/01/11 13:50:16 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/17 13:49:50 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005/12/17 13:49:50 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005/12/17 13:49:50 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005/10/18 18:56:51 | 00,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/10/15 18:03:32 | 00,000,302 | ---- | C] () -- C:\WINDOWS\GALLERY.INI
[2005/10/05 18:03:14 | 00,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/10/02 16:02:47 | 00,260,096 | ---- | C] () -- C:\WINDOWS\System32\cp21_comeai.dll
[2005/10/01 13:29:59 | 00,000,130 | ---- | C] () -- C:\Documents and Settings\Martine\Local Settings\Application Data\fusioncache.dat
[2005/07/24 16:40:04 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/24 16:29:24 | 00,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/24 16:26:40 | 00,007,584 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/07/24 16:21:46 | 00,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/07/24 16:13:45 | 00,083,822 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/07/24 16:13:36 | 00,097,931 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/07/24 16:13:04 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/07/24 16:13:03 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/07/24 16:07:01 | 00,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/07/24 16:07:01 | 00,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2005/07/24 16:07:01 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334.dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(4).dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(3).dll
[2005/06/22 20:54:30 | 04,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334(2).dll
[2005/05/20 13:05:02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/20 13:05:02 | 00,005,606 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO(2).INI
[2005/03/14 13:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2004/08/16 17:25:16 | 00,000,926 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/16 16:41:02 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv(2).sys
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(9).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(8).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(7).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(6).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(5).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(4).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(3).dll
[2004/08/16 16:40:40 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
[2004/08/16 16:40:31 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32(3).dll
[2004/08/16 16:40:31 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32(2).dll
[2004/08/03 16:00:00 | 00,773,120 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2002/11/01 15:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini
[2002/07/04 14:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini
[2001/12/14 12:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/07/06 14:30:00 | 00,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999/07/23 12:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 09:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 19:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/09/14 20:43:16 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TWAIN32d.dll
[1979/12/31 23:00:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[1979/12/31 23:00:00 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[1979/12/31 23:00:00 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[1979/12/31 23:00:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

========== Custom Scans ==========


<SYSTEMDRIVE>
[2001/05/24 11:59:30 | 00,162,304 | ---- | M] () -- C:\UNWISE.EXE


<MD5>
[2008/04/13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 22:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

<MD5>
[2008/04/13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 21:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

<MD5>
[2004/08/05 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/14 03:33:24 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

<MD5>
[2008/04/14 03:33:34 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/05 13:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

<MD5>
[2008/04/14 03:33:40 | 00,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 00,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[2004/08/05 13:00:00 | 00,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

<systemroot>
<End>
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Brussels

Need help

Post by Zoom62 » 10 Dec 2009, 09:11

OTL Extras.Txt report:

OTL Extras logfile created on: 9/12/2009 21:46:12 - Run 2
OTL by OldTimer - Version 3.1.11.4 Folder = J:\Program Files\Hijackthis\OTL (analyse HijackThis)
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

1022,73 Mb Total Physical Memory | 639,63 Mb Available Physical Memory | 62,54% Memory free
3,86 Gb Paging File | 3,49 Gb Available in Paging File | 90,26% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,98 Gb Total Space | 14,21 Gb Free Space | 29,01% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 7,99 Gb Total Space | 3,53 Gb Free Space | 44,20% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 32,23 Gb Total Space | 9,00 Gb Free Space | 27,94% Space Free | Partition Type: NTFS
Drive J: | 65,85 Gb Total Space | 31,68 Gb Free Space | 48,12% Space Free | Partition Type: NTFS
Drive M: | 31,25 Gb Total Space | 9,52 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: Zoom
Current User Name: Martine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- J:\Program Files\VLC Media Player\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"4000:TCP" = 4000:TCP:*:Enabled:Diablo
"6112:TCP" = 6112:TCP:*:Enabled:Diablo2

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe" = F:\MININT\system32\p000001\APPS\skype\phone\Skype.exe:*:Enabled:Skype -- ()
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B1C0E32-0589-49BE-AFEE-6888ED4A4FF4}" = Analyseur XML Microsoft
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0C0BE8DE-7BD2-45A5-BBA4-95C9FA2CE292}" = DM_Install
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch
"{121634B0-2F4A-11D3-ADA3-00C04F52DD53}" = Windows Installer Clean Up
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{175B7C4A-CAF8-437A-B597-73E0D2D970FE}" = Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3585ED1C-74C5-43B0-A232-831B96A12A2B}" = Menus intelligents (Windows Live Toolbar)
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}" = Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
"{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{48110A46-A3A4-481E-8230-7873B7F4C696}" = Nokia Software Updater
"{514DF7BB-D192-417C-BB60-58BF1FD34253}" = S500/S600 USB Driver
"{51F366F4-C2E4-429A-866A-59C885ED42FD}" = Bloqueur de fenêtres pop-up (Windows Live Toolbar)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{5F82B545-AE13-45ED-A8A2-67E56F3165BC}" = Conjugaison
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6CDC748B-47B0-45EB-B740-681E8429F7F9}" = Opera 10.01
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{77A1C7DD-E4F6-4057-92FC-710219215987}" = Logitech G11 Keyboard Software 1.03
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C9B95B7-B598-4398-B30F-7F6827192E6C}" = ProductContext
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster FFB Driver
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9C7C8898-DC29-4E8B-9E77-55A77C3250F6}" = PC Connectivity Solution
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADA6814F-4DB9-468A-A3F0-A41E68C459EB}_is1" = ZNsoft Free 2007
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
"{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}" = DM_Install
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA63612E-0458-416A-ADCD-B2349194F20F}" = Creative ZEN Nano Plus
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C92651B8-39F6-3DD5-80EF-E71D2A21DE2F}" = PicLens for Internet Explorer
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = TrueImage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Désinst. LG PC Suite III
"{DB52432E-3AD8-41A5-A586-0F065FB6A31E}" = Game Cam
"{DCA1EA45-4F03-3842-B36A-EF5369BDD0DB}" = Cooliris for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}" = Razer Krait
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F242B06B-517F-4D62-B654-16B11564A912}" = OneCare Advisor (Windows Live Toolbar)
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F9E3CA72-816F-3905-898C-3962A49F666A}" = Cooliris for Internet Explorer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Package de pilotes Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"aignesamdeadlink" = AM-DeadLink 3.3
"Ask Toolbar_is1" = Foxit Toolbar
"a-squared Free_is1" = a-squared Free 3.5
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Battle.net" = Battle.net
"CCleaner" = CCleaner
"COMODO Firewall Pro" = COMODO Firewall Pro
"Creative Jukebox Driver" = Creative Jukebox Driver
"Diablo II" = Diablo II
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FastStone Capture" = FastStone Capture 4.8
"Folderico" = Folderico 3.7.2
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"GlobFX Space Travel" = GlobFX Space Travel
"Guild Wars" = GUILD WARS
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"INFORAD MANAGER_is1" = INFORAD MANAGER 3.4
"Inkscape" = Inkscape 0.46
"Karen's Directory Printer" = Karen's Directory Printer
"LimeWire" = LimeWire 5.2.13
"LogonStudio" = LogonStudio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MSNINST" = MSN
"Multi Virus Cleaner 2008_is1" = Multi Virus Cleaner 2008
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"My Drivers 3.11" = My Drivers 3.11
"MyDefrag v4.2.5_is1" = MyDefrag v4.2.5
"MyDefrag v4.2.6_is1" = MyDefrag v4.2.6
"MyDefrag_is1" = MyDefrag v4.1.2
"NVIDIA Drivers" = NVIDIA Drivers
"PunkBusterSvc" = PunkBuster Services
"RGSS de RPG MAKER XP_is1" = RGSS de RMXP version 1.0.1
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"SideWinder Precision 2" = SideWinder Precision 2
"SiS VGA Driver" = SiS VGA Utilities
"Steam App 10" = Counter-Strike
"Steam App 590" = Left 4 Dead 2 Demo
"SWIV 3D" = SWIV 3D
"SysInfo" = Creative System Information
"TRUST SPYC@M 100_is1" = TRUST SPYC@M 100
"TuneUpMedia" = TuneUp Companion 1.5.9
"Unlocker" = Unlocker 1.8.7
"ViGlance" = ViGlance
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1770633121-2185212140-2792175243-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 21/08/2009 2:17:53 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 24/08/2009 3:51:22 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 27/08/2009 1:44:00 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 27/08/2009 1:59:49 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc1.jpg failed, 00000005.


Error - 16/09/2009 1:33:57 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 1/10/2009 4:46:50 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 14/10/2009 1:43:37 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

Error - 14/10/2009 1:59:20 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc1.jpg failed, 00000005.


Error - 14/10/2009 1:59:20 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\RECYCLER\S-1-5-21-1770633121-2185212140-2792175243-1010\Dc2.jpg failed, 00000005.


Error - 24/11/2009 1:34:27 | Computer Name = Zoom | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Program Files\InstallShield Installation Information\{DB52432E-3AD8-41A5-A586-0F065FB6A31E}\setup.ilg
failed, 00000005.

[ Application Events ]
Error - 1/12/2009 1:27:24 | Computer Name = Zoom | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 1/12/2009 4:48:32 | Computer Name = Zoom | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http>
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.

Error - 1/12/2009 4:50:28 | Computer Name = Zoom | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 1/12/2009 7:06:51 | Computer Name = Zoom | Source = Application Error | ID = 1000
Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module
défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d5fd.

Error - 2/12/2009 1:42:32 | Computer Name = Zoom | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 3/12/2009 1:08:09 | Computer Name = Zoom | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 6/12/2009 10:05:30 | Computer Name = Zoom | Source = Application Error | ID = 1000
Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module
défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.

Error - 6/12/2009 10:06:24 | Computer Name = Zoom | Source = Application Error | ID = 1000
Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module
défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.

Error - 6/12/2009 10:35:29 | Computer Name = Zoom | Source = Application Error | ID = 1000
Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module
défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.

Error - 8/12/2009 6:14:33 | Computer Name = Zoom | Source = Application Error | ID = 1000
Description = Application défaillante hitmanbloodmoney.exe, version 0.0.0.0, module
défaillant hitmanbloodmoney.exe, version 0.0.0.0, adresse de défaillance 0x0005d47d.

[ System Events ]
Error - 9/12/2009 6:53:13 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:22:34 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:22:34 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:24:18 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service BITS
avec les arguments "" pour démarrer le serveur : {4991D34B-80A1-4291-83B6-3328366B9097}

Error - 9/12/2009 16:27:07 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:27:11 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:27:29 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM
avec les arguments "" pour démarrer le serveur : {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 9/12/2009 16:39:12 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service MDM
avec les arguments "" pour démarrer le serveur : {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 9/12/2009 16:39:12 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

Error - 9/12/2009 16:39:13 | Computer Name = Zoom | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service SENS
avec les arguments "" pour démarrer le serveur : {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}


<End>
Zoom62
 
Posts: 25
Joined: 03 Dec 2009, 17:22
Location: Bruxelles
