slow scan and PC fan blowing

Speed up your PC and fix PC and Windows slowness problems

Moderator: Mods Windows

elsass

slow scan and PC fan blowing

by elsass »

hi everyone,

my problem: slow Kaspersky scan (15% in 5 hrs!!!) and the PC fan is blowing!!!!
I'm waiting for your advice, thanks in advance...
SkyTech

Re: slow scan and PC fan blowing

by SkyTech »

Hi,

To take a look:


Download Random's System Information Tool (RSIT) (by random/random) and save it to the Desktop.
  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized in the taskbar)
  • Note: the reports are saved in the folder C:\rsit
  • Make sure you post the reports in full, and check that they are complete once you have posted them.
On Windows Seven, right-click RSIT, Properties:

[image]
elsass

Re: slow scan and PC fan blowing

by elsass »

ok thanks!!! I hope I did the procedure right.

info.txt logfile of random's system information tool 1.06 2010-06-15 14:50:19

======Uninstall list======

-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft PhotoImpression 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{546C7D0B-1E12-4573-BCD0-F5B0D3C66A74}\Setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe" -l0x9 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Bonjour-->MsiExec.exe /X{8A253629-0511-4854-8B4E-46E57E66005C}
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Free Mp3 Wma Converter V 1.9-->"C:\Program Files\Free Audio Pack\unins000.exe"
Hide IP NG 1.54-->"C:\Program Files\Hide IP NG\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Mega Manager-->"C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\SETUP.EXE" -l0x9
Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}
Nokia Ovi Player-->MsiExec.exe /I{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}
Nokia Ovi Suite-->C:\ProgramData\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_11_update.exe
Nokia Ovi Suite-->MsiExec.exe /X{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}
Nokia Photos-->MsiExec.exe /I{0EABFEF6-6D10-4C12-8667-3029C481D355}
Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{70B31335-50EE-4834-8431-27412CDE62BD}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 3.2-->MsiExec.exe /I{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Ovi Desktop Sync Engine-->MsiExec.exe /X{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}
OviMPlatform-->MsiExec.exe /I{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
PC Connectivity Solution-->MsiExec.exe /I{7397EDED-F38A-4654-B669-BF61065803D0}
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0009 -removeonly
PowerForPhone-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Real Alternative 1.8.4-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB2.0 1.3M WebCam-->C:\Windows\StkUnist.exe
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-de-mikael
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 230110
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100613221131.572800-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mikael
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 230122
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100614121234.227457-000
Event Type: Erreur
User:

Computer Name: PC-de-mikael
Event Code: 10010
Message: Le serveur {DC0C2640-1415-4644-875C-6F4D769839BA} ne s'est pas enregistré sur DCOM avant la fin du temps imparti.
Record Number: 230237
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20100614205037.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mikael
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 230257
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100614214002.159400-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mikael
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 230266
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100615054052.592262-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-mikael
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 49970
Source Name: Microsoft-Windows-CAPI2
Time Written: 20100613153554.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mikael
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 49983
Source Name: Microsoft-Windows-CAPI2
Time Written: 20100613154716.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mikael
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 50014
Source Name: Microsoft-Windows-CAPI2
Time Written: 20100614131844.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-mikael
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1366163348-2319272844-2422959233-1000:
Process 4844 (\Device\HarddiskVolume2\Windows\System32\wuauclt.exe) has opened key \REGISTRY\USER\S-1-5-21-1366163348-2319272844-2422959233-1000
Process 4844 (\Device\HarddiskVolume2\Windows\System32\wuauclt.exe) has opened key \REGISTRY\USER\S-1-5-21-1366163348-2319272844-2422959233-1000\Software\Microsoft\Windows\CurrentVersion\Explorer

Record Number: 50021
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100614213941.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-mikael
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service getPlusHelper since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 50039
Source Name: Microsoft-Windows-CAPI2
Time Written: 20100615072753.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-mikael
Event Code: 5024
Message: Le démarrage du service Pare-feu Windows s’est correctement déroulé.
Record Number: 52668
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091014032213.863467-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mikael
Event Code: 5032
Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2
Record Number: 52669
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091014032215.563867-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-mikael
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MIKAEL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2b4
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 52670
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091014032216.843067-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mikael
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MIKAEL$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2b4
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 52671
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091014032216.843067-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-mikael
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 52672
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091014032216.843067-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6802
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
elsass

Re: slow scan and PC fan blowing

by elsass »

Logfile of random's system information tool 1.07 (written by random/random)
Run by mikael at 2010-06-15 14:45:06
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 27 GB (23%) free of 119 GB
Total RAM: 1919 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:06, on 15/06/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18470)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\mikael\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Users\mikael\Documents\My Downloads\RSIT.exe
C:\Program Files\trend micro\mikael.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\mikael\AppData\Local\Temp\Nero Web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\mikael\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: @C:\Program Files\NOS\bin\getPlus_Helper.dll,-101 (getPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22312 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{785885E6-205B-40D4-B66B-9A8D1DED09A5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-12-12 4710400]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2007-01-17 106496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2008-05-22 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2008-05-22 33136]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-06-26 778240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-14 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-14 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-14 81920]
"RestartNeroSetup"=C:\Users\mikael\AppData\Local\Temp\Nero Web\SetupXu.exe MODE=update STARTMODE=2 USERSEL=3 FAMILYNAME=Nero 7 RUNSETUPXU=1 UPGRADE=1 []
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
""= []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-24 385928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digimax Viewer 2.1.lnk]
C:\PROGRA~1\Samsung\DIGIMA~1.1\STIMGB~1.EXE /s []

C:\Users\mikael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de notification Live Search.lnk - C:\Users\mikael\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c87facd4-6874-11dd-9a5f-001fc6f314b8}]
shell\AutoRun\command - G:\AutoTransfer.exe


======List of files/folders created in the last 1 months======

2010-06-15 14:45:11 ----D---- C:\Program Files\trend micro
2010-06-15 14:45:06 ----D---- C:\rsit
2010-06-13 17:51:07 ----D---- C:\Program Files\JRE
2010-06-13 17:44:50 ----D---- C:\ProgramData\Sun
2010-06-13 17:44:35 ----D---- C:\Program Files\Common Files\Java
2010-06-13 17:40:59 ----A---- C:\Windows\system32\deploytk.dll
2010-06-13 17:40:57 ----A---- C:\Windows\system32\javaws.exe
2010-06-13 17:40:55 ----A---- C:\Windows\system32\javaw.exe
2010-06-13 17:40:53 ----A---- C:\Windows\system32\java.exe
2010-06-11 00:19:34 ----HD---- C:\Program Files\Temp
2010-06-10 20:28:36 ----D---- C:\Users\mikael\AppData\Roaming\Megaupload
2010-06-10 20:15:51 ----D---- C:\Program Files\Megaupload
2010-06-10 11:06:36 ----D---- C:\Program Files\iPod
2010-06-10 11:06:28 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-10 11:06:28 ----D---- C:\Program Files\iTunes
2010-06-10 10:46:22 ----D---- C:\Program Files\QuickTime
2010-06-10 10:44:18 ----D---- C:\Program Files\Apple Software Update
2010-06-10 10:30:54 ----D---- C:\Program Files\Bonjour
2010-06-09 10:35:43 ----A---- C:\Windows\system32\atmfd.dll
2010-06-09 10:35:40 ----A---- C:\Windows\system32\atmlib.dll
2010-06-09 10:35:12 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-09 10:32:12 ----A---- C:\Windows\system32\mshtml.dll
2010-06-09 10:32:11 ----A---- C:\Windows\system32\occache.dll
2010-06-09 10:32:09 ----A---- C:\Windows\system32\wininet.dll
2010-06-09 10:32:08 ----A---- C:\Windows\system32\urlmon.dll
2010-06-09 10:32:04 ----A---- C:\Windows\system32\ieframe.dll
2010-06-09 10:32:01 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-09 10:32:00 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-09 10:31:59 ----A---- C:\Windows\system32\iertutil.dll
2010-06-09 10:31:58 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-09 10:31:58 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-09 10:31:57 ----A---- C:\Windows\system32\iepeers.dll
2010-06-09 10:31:57 ----A---- C:\Windows\system32\ieaksie.dll
2010-06-09 10:31:55 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-09 10:31:53 ----A---- C:\Windows\system32\ieencode.dll
2010-06-09 10:31:50 ----A---- C:\Windows\system32\mstime.dll
2010-06-09 10:31:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-09 10:31:17 ----A---- C:\Windows\system32\quartz.dll
2010-05-26 17:23:50 ----D---- C:\Users\mikael\AppData\Roaming\InstallShield
2010-05-26 17:21:39 ----A---- C:\Windows\STImgBrowser.INI
2010-05-26 17:03:58 ----A---- C:\Windows\MegaManager.INI
2010-05-26 12:06:31 ----D---- C:\Windows\pss
2010-05-26 12:00:54 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 months======

2010-06-15 14:45:31 ----D---- C:\Windows\Prefetch
2010-06-15 14:45:11 ----RD---- C:\Program Files
2010-06-15 14:45:05 ----D---- C:\Windows\Temp
2010-06-15 09:29:00 ----SHD---- C:\System Volume Information
2010-06-15 07:44:08 ----D---- C:\ProgramData\Kaspersky Lab
2010-06-15 07:42:08 ----D---- C:\Windows\system32\drivers
2010-06-15 07:41:32 ----A---- C:\Windows\system32\acovcnt.exe
2010-06-13 18:08:59 ----SHD---- C:\Windows\Installer
2010-06-13 18:01:40 ----RSD---- C:\Windows\assembly
2010-06-13 17:53:17 ----RSD---- C:\Windows\Fonts
2010-06-13 17:50:48 ----D---- C:\Program Files\OpenOffice.org 3
2010-06-13 17:44:50 ----HD---- C:\ProgramData
2010-06-13 17:44:35 ----D---- C:\Program Files\Common Files
2010-06-13 17:40:59 ----D---- C:\Windows\System32
2010-06-13 17:37:23 ----D---- C:\Program Files\Java
2010-06-12 08:47:06 ----D---- C:\Windows
2010-06-11 13:07:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-11 13:07:26 ----D---- C:\Windows\inf
2010-06-11 00:30:16 ----D---- C:\Windows\system32\catroot
2010-06-10 20:30:10 ----SD---- C:\Windows\Downloaded Program Files
2010-06-10 20:15:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-10 11:06:32 ----D---- C:\Program Files\Common Files\Apple
2010-06-10 10:43:52 ----D---- C:\Windows\system32\Tasks
2010-06-10 09:28:24 ----D---- C:\Windows\Microsoft.NET
2010-06-10 09:22:03 ----D---- C:\Windows\winsxs
2010-06-10 08:59:49 ----D---- C:\Windows\system32\catroot2
2010-06-10 08:57:19 ----D---- C:\Windows\system32\wbem
2010-06-10 08:57:17 ----D---- C:\Program Files\Internet Explorer
2010-06-10 08:57:15 ----D---- C:\Program Files\Windows Mail
2010-06-09 23:26:22 ----D---- C:\Windows\Debug
2010-06-09 16:32:14 ----D---- C:\Program Files\Symantec
2010-05-28 21:37:34 ----A---- C:\Windows\system32\mrt.exe
2010-05-26 18:01:23 ----SD---- C:\Users\mikael\AppData\Roaming\Microsoft
2010-05-26 17:33:48 ----D---- C:\Program Files\Yahoo!
2010-05-26 17:32:45 ----D---- C:\Program Files\LG Electronics
2010-05-26 13:12:52 ----D---- C:\Windows\rescache
2010-05-26 12:23:30 ----D---- C:\Windows\system32\fr-FR
2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-16 10:48:49 ----D---- C:\Users\mikael\AppData\Roaming\Nokia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-28 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-12-12 2030488]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-14 7115264]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2008-01-19 28160]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]

-----------------EOF-----------------
SkyTech

Re: slow scan and PC fan running

by SkyTech »

Hi,

Uninstall via Programs and Features in the Control Panel:
  • Advertising Center
  • Bonjour
  • The Orange programs
---

Relaunch HijackThis (right-click it, Run as administrator), check these lines in red and click Fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\mikael\AppData\Local\Temp\Nero Web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\mikael\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O15 - Trusted Zone: *.chat-land.org


If you don't need them at startup, also fix:
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
---

Use this tip: http://forum.malekal.com/executer-dans- ... tml#p64205

And:

Start menu, Run, type services.msc, press Enter

In the window that opens, look for:

LightScribeService Direct Disc Labeling Service
NMIndexingService
spmgr


Double-click each one and set Startup type to Disabled.

Restart

---

Your Windows is not up to date; it contains security vulnerabilities, and viruses use these vulnerabilities to infect your computer.
Your Windows is therefore vulnerable.

Install SP2: http://www.microsoft.com/downloads/deta ... c3199ea2b3

Install IE8: http://www.microsoft.com/downloads/deta ... e0f1dd84d1

Restart again and post a new RSIT report.
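
Added example, not part of the original thread and not the helper's own method: a small Python triage pass over HijackThis lines like those listed in the post above. The heuristics (registered component with no file, autorun launched from a Temp folder, Internet Explorer URL outside an allowlist, Trusted Zone entry) and the `trusted_hosts` allowlist are assumptions chosen for illustration.

```python
import re
from typing import List, NamedTuple, Optional, Sequence
from urllib.parse import urlsplit

# Sample lines taken from the HijackThis logs posted in this thread.
SAMPLE = r"""
Running processes:
C:\Windows\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\mikael\AppData\Local\Temp\Nero Web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O15 - Trusted Zone: *.chat-land.org
O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
"""

# A HijackThis entry is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
LINE_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
TEMP_RE = re.compile(r"\\te?mp\\", re.IGNORECASE)


class Finding(NamedTuple):
    code: str    # HijackThis section code (R1, O2, O4, ...)
    reason: str  # which heuristic fired
    detail: str  # host, zone pattern, or the entry body


def _host(value: str) -> Optional[str]:
    """Return the lower-cased host of an http(s) URL, or None."""
    try:
        parts = urlsplit(value.strip())
    except ValueError:
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()
    return None


def _is_trusted(host: str, trusted: Sequence[str]) -> bool:
    """True if host equals an allowlisted domain or is a subdomain of it."""
    return any(host == t or host.endswith("." + t) for t in trusted)


def triage(log_text: str,
           trusted_hosts: Sequence[str] = ("microsoft.com",)) -> List[Finding]:
    """Flag entries worth a manual look; nothing is modified or removed."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.groups()
        if body.rstrip().endswith("(no file)"):
            # Registry still references a component whose file is gone.
            findings.append(Finding(code, "orphaned", body))
        elif code in ("R0", "R1"):
            # IE start/search page: "<key>,<value name> = <url>"
            host = _host(body.partition(" = ")[2])
            if host and not _is_trusted(host, trusted_hosts):
                findings.append(Finding(code, "untrusted-url", host))
        elif code == "O4" and TEMP_RE.search(body):
            # Autorun entry pointing into a temporary directory.
            findings.append(Finding(code, "autorun-from-temp", body))
        elif code == "O15":
            # Site added to the IE Trusted Zone.
            zone = body.partition(":")[2].strip()
            findings.append(Finding(code, "trusted-zone", zone))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.code:4} {f.reason:18} {f.detail}")
```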
elsass

Re: slow scan and PC fan running

by elsass »

Under Seven, right-click RSIT, Properties:

what is Seven? sorry, I'm hopeless with PCs....
I removed the Bonjour program, but I can't find the other 2. What exactly is Orange? Is it for the Nokia phone?
and the other one doesn't appear in the list...
thanks
SkyTech

Re: slow scan and PC fan running

by SkyTech »

Hi again,
elsass wrote: Under Seven, right-click RSIT, Properties:

what is Seven?
Since you are on Windows Vista, don't worry about it.

Seven is: http://fr.wikipedia.org/wiki/Windows_7
elsass wrote: but I can't find the other 2. What exactly is Orange?
Leave it if it doesn't appear; we'll remove it afterwards.

By the way:

Java is not up to date and contains security vulnerabilities; install the latest version: http://www.java.com/fr/download/installed.jsp
elsass

Re: slow scan and PC fan running

by elsass »

hi,

Run HijackThis again (right-click it, Run as administrator), tick these lines in red and click Fix checked.

I did that; it goes straight to a scan and then the log.txt document, but before that I can't tick any of what you told me....

and when I right-click RSIT I can't find Vista in the list....
elsass

Re: slow scan and PC fan running

by elsass »

the IE8 link doesn't work when I click on it....
the other one I installed..
SkyTech

Re: slow scan and PC fan running

by SkyTech »

Hi,

Indeed, I got a bit mixed up in my canned replies :/
elsass wrote: Run HijackThis again (right-click it, Run as administrator), tick these lines in red and click Fix checked.

I did that; it goes straight to a scan and then the log.txt document, but before that I can't tick any of what you told me....
Run HijackThis: C:\Program Files\trend micro\mikael.exe (right-click it, Run as administrator),
Do a system scan only,
Tick these lines in red and click Fix checked.
and when I right-click RSIT I can't find Vista in the list....
That's normal, you're already on Vista; that step is for Seven ;)
elsass wrote: the IE8 link doesn't work when I click on it....
the other one I installed..
Right, it's fixed.
elsass

Re: slow scan and PC fan running

by elsass »

there, I was able to do everything and restarted. But is IE8 mandatory? I prefer Firefox....


here are the reports:

Logfile of random's system information tool 1.07 (written by random/random)
Run by mikael at 2010-06-16 19:15:52
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 43 GB (36%) free of 119 GB
Total RAM: 1919 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:29, on 16/06/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Users\mikael\Desktop\RSIT.exe
C:\Program Files\trend micro\mikael.exe
C:\Windows\system32\WerCon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: @C:\Program Files\NOS\bin\getPlus_Helper.dll,-101 (getPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 17922 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{785885E6-205B-40D4-B66B-9A8D1DED09A5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-12-01 108544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
""= []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-24 385928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digimax Viewer 2.1.lnk]
C:\PROGRA~1\Samsung\DIGIMA~1.1\STIMGB~1.EXE /s []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c87facd4-6874-11dd-9a5f-001fc6f314b8}]
shell\AutoRun\command - G:\AutoTransfer.exe

elsass

Re: slow scan and PC fan running constantly

by elsass »

Report, continued:

======List of files/folders created in the last 1 months======

2010-06-16 14:36:42 ----D---- C:\Windows\system32\eu-ES
2010-06-16 14:36:42 ----D---- C:\Windows\system32\ca-ES
2010-06-16 14:36:40 ----D---- C:\Windows\system32\vi-VN
2010-06-16 14:19:33 ----D---- C:\Windows\system32\SPReview
2010-06-16 13:14:00 ----A---- C:\Windows\system32\scavenge.dll
2010-06-16 13:13:21 ----A---- C:\Windows\system32\compcln.exe
2010-06-16 13:09:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-06-16 13:09:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-06-16 13:09:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-06-16 13:09:41 ----A---- C:\Windows\system32\sdohlp.dll
2010-06-16 13:09:41 ----A---- C:\Windows\system32\sdclt.exe
2010-06-16 13:09:39 ----A---- C:\Windows\system32\rsaenh.dll
2010-06-16 13:09:38 ----A---- C:\Windows\system32\samlib.dll
2010-06-16 13:09:38 ----A---- C:\Windows\system32\rtutils.dll
2010-06-16 13:09:38 ----A---- C:\Windows\system32\rtffilt.dll
2010-06-16 13:09:37 ----A---- C:\Windows\system32\riched20.dll
2010-06-16 13:09:35 ----A---- C:\Windows\system32\rpcss.dll
2010-06-16 13:09:34 ----A---- C:\Windows\system32\rpchttp.dll
2010-06-16 13:09:33 ----A---- C:\Windows\system32\scrrun.dll
2010-06-16 13:09:32 ----A---- C:\Windows\system32\SCardSvr.dll
2010-06-16 13:09:32 ----A---- C:\Windows\system32\scansetting.dll
2010-06-16 13:09:32 ----A---- C:\Windows\system32\samsrv.dll
2010-06-16 13:09:31 ----A---- C:\Windows\system32\scksp.dll
2010-06-16 13:09:31 ----A---- C:\Windows\system32\schedsvc.dll
2010-06-16 13:09:30 ----A---- C:\Windows\system32\scrobj.dll
2010-06-16 13:09:30 ----A---- C:\Windows\system32\scesrv.dll
2010-06-16 13:09:30 ----A---- C:\Windows\system32\scecli.dll
2010-06-16 13:09:24 ----A---- C:\Windows\system32\pdh.dll
2010-06-16 13:09:22 ----A---- C:\Windows\system32\perfdisk.dll
2010-06-16 13:09:22 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-06-16 13:09:22 ----A---- C:\Windows\system32\p2psvc.dll
2010-06-16 13:09:22 ----A---- C:\Windows\system32\P2PGraph.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\PnPutil.exe
2010-06-16 13:09:21 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-06-16 13:09:21 ----A---- C:\Windows\system32\pnpui.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\pnpsetup.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\pnidui.dll
2010-06-16 13:09:21 ----A---- C:\Windows\system32\pcaui.dll
2010-06-16 13:09:20 ----A---- C:\Windows\system32\powercpl.dll
2010-06-16 13:09:20 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-06-16 13:09:20 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-06-16 13:09:20 ----A---- C:\Windows\system32\photowiz.dll
2010-06-16 13:09:19 ----A---- C:\Windows\system32\pidgenx.dll
2010-06-16 13:09:19 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-06-16 13:09:18 ----A---- C:\Windows\system32\PkgMgr.exe
2010-06-16 13:09:17 ----A---- C:\Windows\system32\ntdll.dll
2010-06-16 13:09:17 ----A---- C:\Windows\system32\nslookup.exe
2010-06-16 13:09:15 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-06-16 13:09:13 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-06-16 13:09:12 ----A---- C:\Windows\system32\oleaut32.dll
2010-06-16 13:09:12 ----A---- C:\Windows\system32\offfilt.dll
2010-06-16 13:09:12 ----A---- C:\Windows\system32\nlhtml.dll
2010-06-16 13:09:11 ----A---- C:\Windows\system32\onex.dll
2010-06-16 13:09:11 ----A---- C:\Windows\system32\ole32.dll
2010-06-16 13:09:11 ----A---- C:\Windows\system32\odbccp32.dll
2010-06-16 13:09:11 ----A---- C:\Windows\system32\odbcconf.dll
2010-06-16 13:09:11 ----A---- C:\Windows\system32\odbc32.dll
2010-06-16 13:09:10 ----A---- C:\Windows\system32\osk.exe
2010-06-16 13:09:10 ----A---- C:\Windows\system32\oobefldr.dll
2010-06-16 13:09:10 ----A---- C:\Windows\system32\olepro32.dll
2010-06-16 13:09:10 ----A---- C:\Windows\system32\oleprn.dll
2010-06-16 13:09:09 ----A---- C:\Windows\system32\ocsetup.exe
2010-06-16 13:09:09 ----A---- C:\Windows\system32\occache.dll
2010-06-16 13:09:09 ----A---- C:\Windows\system32\ntprint.dll
2010-06-16 13:09:09 ----A---- C:\Windows\system32\ntmarta.dll
2010-06-16 13:09:08 ----A---- C:\Windows\system32\rasdlg.dll
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasmontr.dll
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasmans.dll
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasgcw.dll
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasdial.exe
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasdiag.dll
2010-06-16 13:09:07 ----A---- C:\Windows\system32\rasapi32.dll
2010-06-16 13:09:06 ----A---- C:\Windows\system32\rastapi.dll
2010-06-16 13:09:06 ----A---- C:\Windows\system32\rasppp.dll
2010-06-16 13:09:06 ----A---- C:\Windows\system32\rasplap.dll
2010-06-16 13:09:06 ----A---- C:\Windows\system32\raschap.dll
2010-06-16 13:09:06 ----A---- C:\Windows\system32\Query.dll
2010-06-16 13:09:05 ----A---- C:\Windows\system32\regsvc.dll
2010-06-16 13:09:05 ----A---- C:\Windows\system32\RacEngn.dll
2010-06-16 13:09:05 ----A---- C:\Windows\system32\qmgr.dll
2010-06-16 13:09:05 ----A---- C:\Windows\system32\qedit.dll
2010-06-16 13:09:04 ----A---- C:\Windows\system32\RelMon.dll
2010-06-16 13:09:04 ----A---- C:\Windows\system32\rekeywiz.exe
2010-06-16 13:09:04 ----A---- C:\Windows\system32\rdpencom.dll
2010-06-16 13:09:03 ----A---- C:\Windows\system32\regapi.dll
2010-06-16 13:09:03 ----A---- C:\Windows\system32\reg.exe
2010-06-16 13:09:03 ----A---- C:\Windows\system32\rdpwsx.dll
2010-06-16 13:09:03 ----A---- C:\Windows\system32\PresentationSettings.exe
2010-06-16 13:09:03 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-06-16 13:09:03 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-16 13:09:03 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-16 13:09:02 ----A---- C:\Windows\system32\prnntfy.dll
2010-06-16 13:09:02 ----A---- C:\Windows\system32\printui.dll
2010-06-16 13:09:02 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-06-16 13:09:02 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-06-16 13:09:01 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-06-16 13:09:01 ----A---- C:\Windows\system32\powrprof.dll
2010-06-16 13:08:59 ----A---- C:\Windows\system32\puiapi.dll
2010-06-16 13:08:58 ----A---- C:\Windows\system32\qdvd.dll
2010-06-16 13:08:58 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-06-16 13:08:58 ----A---- C:\Windows\system32\propdefs.dll
2010-06-16 13:08:58 ----A---- C:\Windows\system32\profsvc.dll
2010-06-16 13:08:57 ----A---- C:\Windows\system32\psisdecd.dll
2010-06-16 13:08:57 ----A---- C:\Windows\system32\PSHED.DLL
2010-06-16 13:08:57 ----A---- C:\Windows\system32\propsys.dll
2010-06-16 13:08:50 ----A---- C:\Windows\system32\sendmail.dll
2010-06-16 13:08:48 ----A---- C:\Windows\system32\shell32.dll
2010-06-16 13:08:47 ----A---- C:\Windows\system32\shlwapi.dll
2010-06-16 13:08:47 ----A---- C:\Windows\system32\shdocvw.dll
2010-06-16 13:08:46 ----A---- C:\Windows\system32\sethc.exe
2010-06-16 13:08:46 ----A---- C:\Windows\system32\services.exe
2010-06-16 13:08:45 ----A---- C:\Windows\system32\setupapi.dll
2010-06-16 13:08:23 ----A---- C:\Windows\system32\eapphost.dll
2010-06-16 13:08:23 ----A---- C:\Windows\system32\eappgnui.dll
2010-06-16 13:08:21 ----A---- C:\Windows\system32\eappcfg.dll
2010-06-16 13:08:21 ----A---- C:\Windows\system32\eapp3hst.dll
2010-06-16 13:08:20 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-06-16 13:08:19 ----A---- C:\Windows\system32\dsprop.dll
2010-06-16 13:08:19 ----A---- C:\Windows\system32\dsound.dll
2010-06-16 13:08:18 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-06-16 13:08:18 ----A---- C:\Windows\system32\evr.dll
2010-06-16 13:08:18 ----A---- C:\Windows\system32\eudcedit.exe
2010-06-16 13:08:18 ----A---- C:\Windows\system32\dwm.exe
2010-06-16 13:08:17 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-06-16 13:08:17 ----A---- C:\Windows\system32\extmgr.dll
2010-06-16 13:08:17 ----A---- C:\Windows\system32\esent.dll
2010-06-16 13:08:17 ----A---- C:\Windows\explorer.exe
2010-06-16 13:08:16 ----A---- C:\Windows\system32\es.dll
2010-06-16 13:08:16 ----A---- C:\Windows\system32\EncDec.dll
2010-06-16 13:08:16 ----A---- C:\Windows\system32\emdmgmt.dll
2010-06-16 13:08:16 ----A---- C:\Windows\system32\EhStorShell.dll
2010-06-16 13:08:16 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-06-16 13:08:16 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-06-16 13:08:15 ----A---- C:\Windows\system32\diskraid.exe
2010-06-16 13:08:15 ----A---- C:\Windows\system32\diskpart.exe
2010-06-16 13:08:15 ----A---- C:\Windows\system32\dimsroam.dll
2010-06-16 13:08:15 ----A---- C:\Windows\system32\diagperf.dll
2010-06-16 13:08:15 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-06-16 13:08:14 ----A---- C:\Windows\system32\dfsr.exe
2010-06-16 13:08:14 ----A---- C:\Windows\system32\dfshim.dll
2010-06-16 13:08:13 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-06-16 13:08:13 ----A---- C:\Windows\system32\devmgr.dll
2010-06-16 13:08:12 ----A---- C:\Windows\system32\dpapimig.exe
2010-06-16 13:08:12 ----A---- C:\Windows\system32\dot3cfg.dll
2010-06-16 13:08:11 ----A---- C:\Windows\system32\drvstore.dll
2010-06-16 13:08:11 ----A---- C:\Windows\system32\drvinst.exe
2010-06-16 13:08:11 ----A---- C:\Windows\system32\drmv2clt.dll
2010-06-16 13:08:11 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-06-16 13:08:11 ----A---- C:\Windows\system32\dot3svc.dll
2010-06-16 13:08:11 ----A---- C:\Windows\system32\dot3msm.dll
2010-06-16 13:08:10 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-06-16 13:08:10 ----A---- C:\Windows\system32\dnsapi.dll
2010-06-16 13:08:10 ----A---- C:\Windows\system32\dmusic.dll
2010-06-16 13:08:10 ----A---- C:\Windows\system32\dmsynth.dll
2010-06-16 13:08:09 ----A---- C:\Windows\system32\hbaapi.dll
2010-06-16 13:08:09 ----A---- C:\Windows\system32\gpresult.exe
2010-06-16 13:08:08 ----A---- C:\Windows\system32\iashlpr.dll
2010-06-16 13:08:08 ----A---- C:\Windows\system32\iasdatastore.dll
2010-06-16 13:08:08 ----A---- C:\Windows\system32\iasads.dll
2010-06-16 13:08:08 ----A---- C:\Windows\system32\iasacct.dll
2010-06-16 13:08:08 ----A---- C:\Windows\system32\gpupdate.exe
2010-06-16 13:08:08 ----A---- C:\Windows\system32\gpsvc.dll
2010-06-16 13:08:07 ----A---- C:\Windows\system32\iasnap.dll
2010-06-16 13:08:07 ----A---- C:\Windows\system32\IasMigReader.exe
2010-06-16 13:08:07 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-06-16 13:08:06 ----A---- C:\Windows\system32\hidserv.dll
2010-06-16 13:08:06 ----A---- C:\Windows\system32\hdwwiz.exe
2010-06-16 13:08:05 ----A---- C:\Windows\system32\fontext.dll
2010-06-16 13:08:05 ----A---- C:\Windows\system32\findstr.exe
2010-06-16 13:08:04 ----A---- C:\Windows\system32\feclient.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fdWSD.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fdWCN.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fdSSDP.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fdBth.dll
2010-06-16 13:08:04 ----A---- C:\Windows\system32\fc.exe
2010-06-16 13:08:04 ----A---- C:\Windows\system32\Faultrep.dll
2010-06-16 13:08:03 ----A---- C:\Windows\system32\gpapi.dll
2010-06-16 13:08:03 ----A---- C:\Windows\system32\gdi32.dll
2010-06-16 13:08:03 ----A---- C:\Windows\system32\fdProxy.dll
2010-06-16 13:08:03 ----A---- C:\Windows\system32\fdeploy.dll
2010-06-16 13:08:02 ----A---- C:\Windows\system32\gpedit.dll
2010-06-16 13:08:01 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-06-16 13:08:01 ----A---- C:\Windows\system32\fundisc.dll
2010-06-16 13:08:01 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-06-16 13:08:01 ----A---- C:\Windows\system32\ftp.exe
2010-06-16 13:08:00 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-06-16 13:08:00 ----A---- C:\Windows\system32\authui.dll
2010-06-16 13:08:00 ----A---- C:\Windows\system32\audiosrv.dll
2010-06-16 13:08:00 ----A---- C:\Windows\system32\AudioSes.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\autoplay.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\autofmt.exe
2010-06-16 13:07:59 ----A---- C:\Windows\system32\autoconv.exe
2010-06-16 13:07:59 ----A---- C:\Windows\system32\autochk.exe
2010-06-16 13:07:59 ----A---- C:\Windows\system32\authz.dll
2010-06-16 13:07:59 ----A---- C:\Windows\system32\audiodg.exe
2010-06-16 13:07:51 ----A---- C:\Windows\system32\brcpl.dll
2010-06-16 13:07:50 ----A---- C:\Windows\system32\bthci.dll
2010-06-16 13:07:50 ----A---- C:\Windows\system32\browseui.dll
2010-06-16 13:07:50 ----A---- C:\Windows\system32\basecsp.dll
2010-06-16 13:07:49 ----A---- C:\Windows\system32\blackbox.dll
2010-06-16 13:07:49 ----A---- C:\Windows\system32\bitsigd.dll
2010-06-16 13:07:49 ----A---- C:\Windows\system32\BFE.DLL
2010-06-16 13:07:49 ----A---- C:\Windows\system32\bcrypt.dll
2010-06-16 13:07:49 ----A---- C:\Windows\system32\azroles.dll
2010-06-16 13:07:48 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-06-16 13:07:46 ----A---- C:\Windows\system32\apphelp.dll
2010-06-16 13:07:46 ----A---- C:\Windows\system32\apds.dll
2010-06-16 13:07:45 ----A---- C:\Windows\system32\adsmsext.dll
2010-06-16 13:07:45 ----A---- C:\Windows\system32\adsldpc.dll
2010-06-16 13:07:44 ----A---- C:\Windows\system32\conime.exe
2010-06-16 13:07:44 ----A---- C:\Windows\system32\comuid.dll
2010-06-16 13:07:44 ----A---- C:\Windows\system32\comsvcs.dll
2010-06-16 13:07:44 ----A---- C:\Windows\system32\advapi32.dll
2010-06-16 13:07:44 ----A---- C:\Windows\system32\adtschema.dll
2010-06-16 13:07:43 ----A---- C:\Windows\system32\crypt32.dll
2010-06-16 13:07:43 ----A---- C:\Windows\system32\credui.dll
2010-06-16 13:07:43 ----A---- C:\Windows\system32\connect.dll
2010-06-16 13:07:42 ----A---- C:\Windows\system32\dbgeng.dll
2010-06-16 13:07:42 ----A---- C:\Windows\system32\davclnt.dll
2010-06-16 13:07:42 ----A---- C:\Windows\system32\comdlg32.dll
2010-06-16 13:07:42 ----A---- C:\Windows\system32\cmmon32.exe
2010-06-16 13:07:42 ----A---- C:\Windows\system32\cmdial32.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-06-16 13:07:41 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\DevicePairing.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\DeviceEject.exe
2010-06-16 13:07:41 ----A---- C:\Windows\system32\dataclen.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\d3d9.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\cscdll.dll
2010-06-16 13:07:41 ----A---- C:\Windows\system32\cscapi.dll
2010-06-16 13:07:40 ----A---- C:\Windows\system32\csrstub.exe
2010-06-16 13:07:40 ----A---- C:\Windows\system32\cscript.exe
2010-06-16 13:07:40 ----A---- C:\Windows\system32\cryptui.dll
2010-06-16 13:07:40 ----A---- C:\Windows\system32\cryptsvc.dll
2010-06-16 13:07:39 ----A---- C:\Windows\system32\certmgr.dll
2010-06-16 13:07:39 ----A---- C:\Windows\system32\certcli.dll
2010-06-16 13:07:39 ----A---- C:\Windows\system32\cdd.dll
2010-06-16 13:07:38 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-06-16 13:07:38 ----A---- C:\Windows\system32\CertEnroll.dll
2010-06-16 13:07:38 ----A---- C:\Windows\system32\bthudtask.exe
2010-06-16 13:07:38 ----A---- C:\Windows\system32\bthserv.dll
2010-06-16 13:07:37 ----A---- C:\Windows\system32\cbsra.exe
2010-06-16 13:07:36 ----A---- C:\Windows\system32\cipher.exe
2010-06-16 13:07:36 ----A---- C:\Windows\system32\ci.dll
2010-06-16 13:07:35 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-06-16 13:07:35 ----A---- C:\Windows\system32\chsbrkr.dll
2010-06-16 13:07:34 ----A---- C:\Windows\system32\chtbrkr.dll
2010-06-16 13:07:33 ----A---- C:\Windows\system32\certreq.exe
2010-06-16 13:07:33 ----A---- C:\Windows\system32\certprop.dll
2010-06-16 13:07:32 ----A---- C:\Windows\system32\certutil.exe
2010-06-16 13:07:31 ----A---- C:\Windows\system32\msftedit.dll
2010-06-16 13:07:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-16 13:07:31 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-16 13:07:30 ----A---- C:\Windows\system32\msihnd.dll
2010-06-16 13:07:30 ----A---- C:\Windows\system32\msiexec.exe
2010-06-16 13:07:30 ----A---- C:\Windows\system32\msexcl40.dll
2010-06-16 13:07:30 ----A---- C:\Windows\system32\msexch40.dll
2010-06-16 13:07:30 ----A---- C:\Windows\system32\msdtctm.dll
2010-06-16 13:07:28 ----A---- C:\Windows\system32\msi.dll
2010-06-16 13:07:27 ----A---- C:\Windows\system32\msdtcprx.dll
2010-06-16 13:07:27 ----A---- C:\Windows\system32\msctfui.dll
2010-06-16 13:07:27 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-06-16 13:07:27 ----A---- C:\Windows\system32\msctf.dll
2010-06-16 13:07:26 ----A---- C:\Windows\system32\msctfp.dll
2010-06-16 13:07:25 ----A---- C:\Windows\system32\msimsg.dll
2010-06-16 13:07:24 ----A---- C:\Windows\system32\MPSSVC.dll
2010-06-16 13:07:24 ----A---- C:\Windows\system32\mprapi.dll
2010-06-16 13:07:24 ----A---- C:\Windows\system32\mpr.dll
2010-06-16 13:07:23 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-06-16 13:07:22 ----A---- C:\Windows\system32\modemui.dll
2010-06-16 13:07:21 ----A---- C:\Windows\system32\mscms.dll
2010-06-16 13:07:21 ----A---- C:\Windows\system32\mscandui.dll
2010-06-16 13:07:20 ----A---- C:\Windows\system32\mscories.dll
2010-06-16 13:07:20 ----A---- C:\Windows\system32\mscorier.dll
2010-06-16 13:07:20 ----A---- C:\Windows\system32\mscoree.dll
2010-06-16 13:07:19 ----A---- C:\Windows\system32\netapi32.dll
2010-06-16 13:07:18 ----A---- C:\Windows\system32\netplwiz.dll
2010-06-16 13:07:18 ----A---- C:\Windows\system32\netcenter.dll
2010-06-16 13:07:18 ----A---- C:\Windows\system32\ncryptui.dll
2010-06-16 13:07:18 ----A---- C:\Windows\system32\ncrypt.dll
2010-06-16 13:07:17 ----A---- C:\Windows\system32\NetProjW.dll
2010-06-16 13:07:17 ----A---- C:\Windows\system32\netlogon.dll
2010-06-16 13:07:17 ----A---- C:\Windows\system32\mtxclu.dll
2010-06-16 13:07:14 ----A---- C:\Windows\system32\NcdProp.dll
2010-06-16 13:07:14 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-06-16 13:07:12 ----A---- C:\Windows\system32\newdev.exe
2010-06-16 13:07:12 ----A---- C:\Windows\system32\newdev.dll
2010-06-16 13:07:12 ----A---- C:\Windows\system32\netshell.dll
2010-06-16 13:07:11 ----A---- C:\Windows\system32\networkexplorer.dll
2010-06-16 13:07:10 ----A---- C:\Windows\system32\networkmap.dll
2010-06-16 13:07:10 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msscntrs.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msscb.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msrepl40.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msrd3x40.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msrating.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\mspbde40.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msnetobj.dll
2010-06-16 13:07:09 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2010-06-16 13:07:09 ----A---- C:\Windows\system32\msltus40.dll
2010-06-16 13:07:08 ----A---- C:\Windows\system32\msrd2x40.dll
2010-06-16 13:07:08 ----A---- C:\Windows\system32\msinfo32.exe
2010-06-16 13:07:08 ----A---- C:\Windows\system32\msimtf.dll
2010-06-16 13:07:07 ----A---- C:\Windows\system32\msjtes40.dll
2010-06-16 13:07:07 ----A---- C:\Windows\system32\msjint40.dll
2010-06-16 13:07:07 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-06-16 13:07:03 ----A---- C:\Windows\system32\msjter40.dll
2010-06-16 13:07:03 ----A---- C:\Windows\system32\msjet40.dll
2010-06-16 13:07:03 ----A---- C:\Windows\system32\msisip.dll
2010-06-16 13:07:02 ----A---- C:\Windows\system32\msvcp60.dll
2010-06-16 13:07:02 ----A---- C:\Windows\system32\msutb.dll
2010-06-16 13:07:01 ----A---- C:\Windows\system32\mswsock.dll
2010-06-16 13:07:01 ----A---- C:\Windows\system32\mswdat10.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\msxbde40.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\mswstr10.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\msvcrt.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\mssphtb.dll
2010-06-16 13:07:00 ----A---- C:\Windows\system32\mssph.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mstsc.exe
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mstlsapi.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mssvp.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mssrch.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mssprxy.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\mssitlb.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\msshsq.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\msshooks.dll
2010-06-16 13:06:59 ----A---- C:\Windows\system32\msscp.dll
2010-06-16 13:06:58 ----A---- C:\Windows\system32\mstime.dll
2010-06-16 13:06:58 ----A---- C:\Windows\system32\mstext40.dll
2010-06-16 13:06:58 ----A---- C:\Windows\system32\msstrc.dll
2010-06-16 13:06:57 ----A---- C:\Windows\system32\InkEd.dll
2010-06-16 13:06:57 ----A---- C:\Windows\system32\infocardapi.dll
2010-06-16 13:06:57 ----A---- C:\Windows\system32\inetppui.dll
2010-06-16 13:06:57 ----A---- C:\Windows\system32\inetpp.dll
2010-06-16 13:06:56 ----A---- C:\Windows\system32\imm32.dll
2010-06-16 13:06:55 ----A---- C:\Windows\system32\iscsilog.dll
2010-06-16 13:06:55 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-06-16 13:06:55 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-06-16 13:06:55 ----A---- C:\Windows\system32\input.dll
2010-06-16 13:06:54 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-06-16 13:06:54 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-06-16 13:06:54 ----A---- C:\Windows\system32\ipconfig.exe
2010-06-16 13:06:54 ----A---- C:\Windows\system32\iertutil.dll
2010-06-16 13:06:53 ----A---- C:\Windows\system32\ifmon.dll
2010-06-16 13:06:53 ----A---- C:\Windows\system32\icardres.dll
2010-06-16 13:06:53 ----A---- C:\Windows\system32\iassvcs.dll
2010-06-16 13:06:53 ----A---- C:\Windows\system32\iassdo.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\ieaksie.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\icardagt.exe
2010-06-16 13:06:52 ----A---- C:\Windows\system32\iassam.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\iasrecst.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\iasrad.dll
2010-06-16 13:06:52 ----A---- C:\Windows\system32\iaspolcy.dll
2010-06-16 13:06:51 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-06-16 13:06:50 ----A---- C:\Windows\system32\imapi2fs.dll
2010-06-16 13:06:50 ----A---- C:\Windows\system32\imapi2.dll
2010-06-16 13:06:50 ----A---- C:\Windows\system32\imapi.dll
2010-06-16 13:06:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-06-16 13:06:48 ----A---- C:\Windows\system32\mfplat.dll
2010-06-16 13:06:48 ----A---- C:\Windows\system32\mfc42.dll
2010-06-16 13:06:47 ----A---- C:\Windows\system32\mfc42u.dll
2010-06-16 13:06:46 ----A---- C:\Windows\system32\milcore.dll
2010-06-16 13:06:45 ----A---- C:\Windows\system32\mimefilt.dll
2010-06-16 13:06:45 ----A---- C:\Windows\system32\midimap.dll
2010-06-16 13:06:44 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-06-16 13:06:44 ----A---- C:\Windows\system32\mmcico.dll
2010-06-16 13:06:44 ----A---- C:\Windows\system32\mmci.dll
2010-06-16 13:06:44 ----A---- C:\Windows\system32\mmc.exe
2010-06-16 13:06:42 ----A---- C:\Windows\system32\korwbrkr.dll
2010-06-16 13:06:41 ----A---- C:\Windows\system32\l2nacp.dll
2010-06-16 13:06:41 ----A---- C:\Windows\system32\kernel32.dll
2010-06-16 13:06:41 ----A---- C:\Windows\system32\kdusb.dll
2010-06-16 13:06:41 ----A---- C:\Windows\system32\kdcom.dll
2010-06-16 13:06:41 ----A---- C:\Windows\system32\kd1394.dll
2010-06-16 13:06:40 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-06-16 13:06:40 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-06-16 13:06:40 ----A---- C:\Windows\system32\mcmde.dll
2010-06-16 13:06:40 ----A---- C:\Windows\system32\mblctr.exe
2010-06-16 13:06:39 ----A---- C:\Windows\system32\logman.exe
2010-06-16 13:06:39 ----A---- C:\Windows\system32\logagent.exe
2010-06-16 13:06:38 ----A---- C:\Windows\system32\shsetup.dll
2010-06-16 13:06:38 ----A---- C:\Windows\system32\Magnify.exe
2010-06-16 13:06:37 ----A---- C:\Windows\system32\wercon.exe
2010-06-16 13:06:37 ----A---- C:\Windows\system32\wer.dll
2010-06-16 13:06:37 ----A---- C:\Windows\system32\WebClnt.dll
2010-06-16 13:06:37 ----A---- C:\Windows\system32\webcheck.dll
2010-06-16 13:06:37 ----A---- C:\Windows\system32\wdscore.dll
2010-06-16 13:06:37 ----A---- C:\Windows\system32\wdc.dll
2010-06-16 13:06:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-06-16 13:06:35 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-06-16 13:06:33 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-06-16 13:06:31 ----A---- C:\Windows\system32\wevtutil.exe
2010-06-16 13:06:30 ----A---- C:\Windows\system32\whealogr.dll
2010-06-16 13:06:30 ----A---- C:\Windows\system32\wevtsvc.dll
2010-06-16 13:06:28 ----A---- C:\Windows\system32\wevtapi.dll
2010-06-16 13:06:28 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-06-16 13:06:28 ----A---- C:\Windows\system32\WerFault.exe
2010-06-16 13:06:27 ----A---- C:\Windows\system32\win32spl.dll
2010-06-16 13:06:27 ----A---- C:\Windows\system32\wersvc.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\wiaservc.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\wiaaut.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\version.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\vdsutil.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\vdsdyn.dll
2010-06-16 13:06:26 ----A---- C:\Windows\system32\vds.exe
2010-06-16 13:06:26 ----A---- C:\Windows\system32\vdmdbg.dll
2010-06-16 13:06:25 ----A---- C:\Windows\system32\uxsms.dll
2010-06-16 13:06:25 ----A---- C:\Windows\system32\Utilman.exe
2010-06-16 13:06:25 ----A---- C:\Windows\system32\user32.dll
2010-06-16 13:06:24 ----A---- C:\Windows\system32\usp10.dll
2010-06-16 13:06:24 ----A---- C:\Windows\system32\userenv.dll
2010-06-16 13:06:24 ----A---- C:\Windows\system32\usercpl.dll
2010-06-16 13:06:23 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-06-16 13:06:23 ----A---- C:\Windows\system32\wcnwiz.dll
2010-06-16 13:06:23 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-06-16 13:06:23 ----A---- C:\Windows\system32\wcncsvc.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\WSDMon.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\wsdchngr.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\wscisvif.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\WscEapPr.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\wscapi.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\w32time.dll
2010-06-16 13:06:22 ----A---- C:\Windows\system32\VSSVC.exe
2010-06-16 13:06:22 ----A---- C:\Windows\system32\vssapi.dll
2010-06-16 13:06:21 ----A---- C:\Windows\system32\wscsvc.dll
2010-06-16 13:06:21 ----A---- C:\Windows\system32\wscript.exe
2010-06-16 13:06:21 ----A---- C:\Windows\system32\wscntfy.dll
2010-06-16 13:06:21 ----A---- C:\Windows\system32\wow32.dll
2010-06-16 13:06:21 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-06-16 13:06:21 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-06-16 13:06:21 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-06-16 13:06:20 ----A---- C:\Windows\system32\wusa.exe
2010-06-16 13:06:20 ----A---- C:\Windows\system32\wpcsvc.dll
2010-06-16 13:06:20 ----A---- C:\Windows\system32\wpccpl.dll
2010-06-16 13:06:20 ----A---- C:\Windows\system32\wpcao.dll
2010-06-16 13:06:19 ----A---- C:\Windows\system32\xmlfilter.dll
2010-06-16 13:06:19 ----A---- C:\Windows\system32\wshext.dll
2010-06-16 13:06:19 ----A---- C:\Windows\system32\wshbth.dll
2010-06-16 13:06:19 ----A---- C:\Windows\system32\wsepno.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\wsnmp32.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\wlanui.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\wlanpref.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\wlangpui.dll
2010-06-16 13:06:18 ----A---- C:\Windows\system32\wisptis.exe
2010-06-16 13:06:17 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-06-16 13:06:17 ----A---- C:\Windows\system32\Wldap32.dll
2010-06-16 13:06:17 ----A---- C:\Windows\system32\WinSCard.dll
2010-06-16 13:06:17 ----A---- C:\Windows\system32\WinSAT.exe
2010-06-16 13:06:17 ----A---- C:\Windows\system32\winrnr.dll
2010-06-16 13:06:17 ----A---- C:\Windows\system32\winresume.exe
2010-06-16 13:06:17 ----A---- C:\Windows\system32\winload.exe
2010-06-16 13:06:16 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-06-16 13:06:16 ----A---- C:\Windows\system32\winsrv.dll
2010-06-16 13:06:16 ----A---- C:\Windows\system32\winmm.dll
2010-06-16 13:06:16 ----A---- C:\Windows\system32\winlogon.exe
2010-06-16 13:06:15 ----A---- C:\Windows\system32\wmpmde.dll
2010-06-16 13:06:15 ----A---- C:\Windows\system32\WMPhoto.dll
2010-06-16 13:06:15 ----A---- C:\Windows\system32\wmpeffects.dll
2010-06-16 13:06:14 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-06-16 13:06:13 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-06-16 13:06:13 ----A---- C:\Windows\system32\Storprop.dll
2010-06-16 13:06:13 ----A---- C:\Windows\system32\stobject.dll
2010-06-16 13:06:12 ----A---- C:\Windows\system32\sud.dll
2010-06-16 13:06:12 ----A---- C:\Windows\system32\srcore.dll
2010-06-16 13:06:12 ----A---- C:\Windows\system32\srchadmin.dll
2010-06-16 13:06:11 ----A---- C:\Windows\system32\srvsvc.dll
2010-06-16 13:06:09 ----A---- C:\Windows\system32\sysmain.dll
2010-06-16 13:06:09 ----A---- C:\Windows\system32\sysclass.dll
2010-06-16 13:06:09 ----A---- C:\Windows\system32\SyncCenter.dll
2010-06-16 13:06:09 ----A---- C:\Windows\system32\swprv.dll
2010-06-16 13:06:08 ----A---- C:\Windows\system32\smss.exe
2010-06-16 13:06:08 ----A---- C:\Windows\system32\SmiEngine.dll
2010-06-16 13:06:08 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-06-16 13:06:08 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-06-16 13:06:08 ----A---- C:\Windows\system32\slwmi.dll
2010-06-16 13:06:08 ----A---- C:\Windows\system32\slcc.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\spp.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\spoolsv.exe
2010-06-16 13:06:07 ----A---- C:\Windows\system32\spoolss.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\spinstall.exe
2010-06-16 13:06:07 ----A---- C:\Windows\system32\spcmsg.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\slwga.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLUINotify.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLUI.exe
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLsvc.exe
2010-06-16 13:06:07 ----A---- C:\Windows\system32\slmgr.vbs
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLLUA.exe
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\slcinst.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLCExt.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\SLC.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\shwebsvc.dll
2010-06-16 13:06:07 ----A---- C:\Windows\system32\shsvcs.dll
2010-06-16 13:06:06 ----A---- C:\Windows\system32\sperror.dll
2010-06-16 13:06:05 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-06-16 13:06:05 ----A---- C:\Windows\system32\spwizui.dll
2010-06-16 13:06:05 ----A---- C:\Windows\system32\spwinsat.dll
2010-06-16 13:06:05 ----A---- C:\Windows\system32\spreview.exe
2010-06-16 13:06:05 ----A---- C:\Windows\system32\SnippingTool.exe
2010-06-16 13:06:05 ----A---- C:\Windows\system32\SndVol.exe
2010-06-16 13:06:04 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-06-16 13:06:04 ----A---- C:\Windows\system32\TSTheme.exe
2010-06-16 13:06:04 ----A---- C:\Windows\system32\softkbd.dll
2010-06-16 13:06:03 ----A---- C:\Windows\system32\tscupgrd.exe
2010-06-16 13:06:02 ----A---- C:\Windows\system32\zipfldr.dll
2010-06-16 13:06:02 ----A---- C:\Windows\system32\untfs.dll
2010-06-16 13:06:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-06-16 13:06:01 ----A---- C:\Windows\system32\ulib.dll
2010-06-16 13:06:01 ----A---- C:\Windows\system32\uDWM.dll
2010-06-16 13:06:00 ----A---- C:\Windows\system32\systemcpl.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\tquery.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\termsrv.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\tcpmon.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\taskeng.exe
2010-06-16 13:05:53 ----A---- C:\Windows\system32\taskcomp.dll
2010-06-16 13:05:53 ----A---- C:\Windows\system32\tapisrv.dll
2010-06-16 13:05:52 ----A---- C:\Windows\system32\themeui.dll
2010-06-16 13:05:52 ----A---- C:\Windows\system32\themecpl.dll
2010-06-16 13:05:52 ----A---- C:\Windows\system32\thawbrkr.dll
2010-06-16 12:56:42 ----D---- C:\Windows\system32\EventProviders
2010-06-16 09:50:00 ----D---- C:\Program Files\Common Files\Java
2010-06-16 09:47:29 ----A---- C:\Windows\system32\deployJava1.dll
2010-06-16 09:47:28 ----A---- C:\Windows\system32\javaws.exe
2010-06-16 09:47:28 ----A---- C:\Windows\system32\javaw.exe
2010-06-16 09:47:27 ----A---- C:\Windows\system32\java.exe
2010-06-15 14:45:11 ----D---- C:\Program Files\trend micro
2010-06-15 14:45:06 ----D---- C:\rsit
2010-06-13 17:51:07 ----D---- C:\Program Files\JRE
2010-06-13 17:44:50 ----D---- C:\ProgramData\Sun
2010-06-11 00:19:34 ----HD---- C:\Program Files\Temp
2010-06-10 20:28:36 ----D---- C:\Users\mikael\AppData\Roaming\Megaupload
2010-06-10 20:15:51 ----D---- C:\Program Files\Megaupload
2010-06-10 11:06:36 ----D---- C:\Program Files\iPod
2010-06-10 11:06:28 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-10 11:06:28 ----D---- C:\Program Files\iTunes
2010-06-10 10:46:22 ----D---- C:\Program Files\QuickTime
2010-06-10 10:44:18 ----D---- C:\Program Files\Apple Software Update
2010-06-09 10:35:44 ----A---- C:\Windows\system32\atmfd.dll
2010-06-09 10:35:40 ----A---- C:\Windows\system32\atmlib.dll
2010-06-09 10:35:12 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-09 10:32:17 ----A---- C:\Windows\system32\mshtml.dll
2010-06-09 10:32:15 ----A---- C:\Windows\system32\ieframe.dll
2010-06-09 10:32:10 ----A---- C:\Windows\system32\wininet.dll
2010-06-09 10:32:08 ----A---- C:\Windows\system32\urlmon.dll
2010-06-09 10:32:01 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-09 10:32:00 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-09 10:31:58 ----A---- C:\Windows\system32\ieui.dll
2010-06-09 10:31:58 ----A---- C:\Windows\system32\iepeers.dll
2010-06-09 10:31:53 ----A---- C:\Windows\system32\ieencode.dll
2010-05-26 17:23:50 ----D---- C:\Users\mikael\AppData\Roaming\InstallShield
2010-05-26 17:21:39 ----A---- C:\Windows\STImgBrowser.INI
2010-05-26 17:03:58 ----A---- C:\Windows\MegaManager.INI
2010-05-26 12:06:31 ----D---- C:\Windows\pss
2010-05-26 12:00:55 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 months======

2010-06-16 19:18:19 ----D---- C:\Windows\Temp
2010-06-16 19:17:41 ----D---- C:\Windows\Prefetch
2010-06-16 19:16:07 ----D---- C:\Windows\System32
2010-06-16 19:16:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-16 19:16:04 ----D---- C:\Windows\inf
2010-06-16 19:08:50 ----D---- C:\ProgramData\Kaspersky Lab
2010-06-16 19:08:16 ----D---- C:\Windows\system32\drivers
2010-06-16 17:58:48 ----A---- C:\Windows\system32\acovcnt.exe
2010-06-16 15:20:27 ----D---- C:\Windows\Microsoft.NET
2010-06-16 15:19:53 ----RSD---- C:\Windows\assembly
2010-06-16 15:17:35 ----D---- C:\Windows\rescache
2010-06-16 14:56:55 ----D---- C:\Windows
2010-06-16 14:56:25 ----SHD---- C:\Boot
2010-06-16 14:55:14 ----D---- C:\Windows\system32\catroot
2010-06-16 14:38:33 ----D---- C:\Program Files\Windows Sidebar
2010-06-16 14:38:33 ----D---- C:\Program Files\Windows Mail
2010-06-16 14:38:33 ----D---- C:\Program Files\Windows Calendar
2010-06-16 14:38:33 ----D---- C:\Program Files\Movie Maker
2010-06-16 14:38:33 ----D---- C:\Program Files\Internet Explorer
2010-06-16 14:38:32 ----D---- C:\Program Files\Windows Media Player
2010-06-16 14:38:32 ----D---- C:\Program Files\Windows Journal
2010-06-16 14:38:32 ----D---- C:\Program Files\Windows Collaboration
2010-06-16 14:38:31 ----D---- C:\Program Files\Windows Photo Gallery
2010-06-16 14:38:31 ----D---- C:\Program Files\Common Files\System
2010-06-16 14:38:28 ----D---- C:\Program Files\Windows Defender
2010-06-16 14:38:27 ----D---- C:\Windows\servicing
2010-06-16 14:38:27 ----D---- C:\Windows\ehome
2010-06-16 14:38:13 ----D---- C:\Windows\system32\XPSViewer
2010-06-16 14:38:13 ----D---- C:\Windows\system32\lv-LV
2010-06-16 14:38:13 ----D---- C:\Windows\IME
2010-06-16 14:38:12 ----D---- C:\Windows\system32\sk-SK
2010-06-16 14:38:12 ----D---- C:\Windows\system32\ko-KR
2010-06-16 14:38:12 ----D---- C:\Windows\system32\it-IT
2010-06-16 14:38:12 ----D---- C:\Windows\system32\hr-HR
2010-06-16 14:38:12 ----D---- C:\Windows\system32\et-EE
2010-06-16 14:38:12 ----D---- C:\Windows\system32\en-US
2010-06-16 14:38:12 ----D---- C:\Windows\system32\de-DE
2010-06-16 14:38:12 ----D---- C:\Windows\system32\da-DK
2010-06-16 14:38:11 ----D---- C:\Windows\system32\oobe
2010-06-16 14:38:11 ----D---- C:\Windows\system32\migration
2010-06-16 14:38:11 ----D---- C:\Windows\system32\fr
2010-06-16 14:38:11 ----D---- C:\Windows\system32\el-GR
2010-06-16 14:38:08 ----D---- C:\Windows\system32\AdvancedInstallers
2010-06-16 14:38:07 ----D---- C:\Windows\system32\ru-RU
2010-06-16 14:38:05 ----D---- C:\Windows\system32\fr-FR
2010-06-16 14:38:01 ----D---- C:\Windows\system32\sv-SE
2010-06-16 14:38:01 ----D---- C:\Windows\system32\SLUI
2010-06-16 14:38:01 ----D---- C:\Windows\system32\setup
2010-06-16 14:38:01 ----D---- C:\Windows\system32\pt-PT
2010-06-16 14:38:01 ----D---- C:\Windows\system32\hu-HU
2010-06-16 14:38:01 ----D---- C:\Windows\system32\he-IL
2010-06-16 14:38:01 ----D---- C:\Windows\system32\fi-FI
2010-06-16 14:38:01 ----D---- C:\Windows\system32\cs-CZ
2010-06-16 14:37:58 ----D---- C:\Windows\system32\zh-TW
2010-06-16 14:37:58 ----D---- C:\Windows\system32\zh-CN
2010-06-16 14:37:58 ----D---- C:\Windows\system32\uk-UA
2010-06-16 14:37:58 ----D---- C:\Windows\system32\sr-Latn-CS
2010-06-16 14:37:58 ----D---- C:\Windows\system32\sl-SI
2010-06-16 14:37:58 ----D---- C:\Windows\system32\pl-PL
2010-06-16 14:37:58 ----D---- C:\Windows\system32\manifeststore
2010-06-16 14:37:58 ----D---- C:\Windows\system32\es-ES
2010-06-16 14:37:57 ----D---- C:\Windows\system32\th-TH
2010-06-16 14:37:57 ----D---- C:\Windows\system32\ro-RO
2010-06-16 14:37:57 ----D---- C:\Windows\system32\ja-JP
2010-06-16 14:37:57 ----D---- C:\Windows\system32\bg-BG
2010-06-16 14:37:54 ----D---- C:\Windows\system32\tr-TR
2010-06-16 14:37:53 ----D---- C:\Windows\system32\wbem
2010-06-16 14:37:51 ----D---- C:\Windows\system32\nl-NL
2010-06-16 14:37:51 ----D---- C:\Windows\system32\nb-NO
2010-06-16 14:37:51 ----D---- C:\Windows\system32\lt-LT
2010-06-16 14:37:51 ----D---- C:\Windows\system32\ar-SA
2010-06-16 14:37:50 ----D---- C:\Windows\system32\migwiz
2010-06-16 14:37:49 ----D---- C:\Windows\system32\pt-BR
2010-06-16 14:36:55 ----RSD---- C:\Windows\Fonts
2010-06-16 14:36:55 ----D---- C:\Windows\AppPatch
2010-06-16 14:36:40 ----D---- C:\Windows\system32\Boot
2010-06-16 14:32:06 ----D---- C:\Windows\system32\RTCOM
2010-06-16 14:17:08 ----D---- C:\Windows\winsxs
2010-06-16 13:04:14 ----SHD---- C:\System Volume Information
2010-06-16 09:50:21 ----SHD---- C:\Windows\Installer
2010-06-16 09:50:00 ----D---- C:\Program Files\Common Files
2010-06-16 09:45:33 ----D---- C:\Program Files\Java
2010-06-15 23:51:04 ----RD---- C:\Program Files
2010-06-13 17:50:48 ----D---- C:\Program Files\OpenOffice.org 3
2010-06-13 17:44:50 ----HD---- C:\ProgramData
2010-06-10 20:30:10 ----SD---- C:\Windows\Downloaded Program Files
2010-06-10 20:15:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-10 11:06:32 ----D---- C:\Program Files\Common Files\Apple
2010-06-10 10:43:52 ----D---- C:\Windows\system32\Tasks
2010-06-10 08:59:49 ----D---- C:\Windows\system32\catroot2
2010-06-09 23:26:22 ----D---- C:\Windows\Debug
2010-06-09 16:32:14 ----D---- C:\Program Files\Symantec
2010-05-28 21:37:34 ----A---- C:\Windows\system32\mrt.exe
2010-05-26 18:01:23 ----SD---- C:\Users\mikael\AppData\Roaming\Microsoft
2010-05-26 17:33:48 ----D---- C:\Program Files\Yahoo!
2010-05-26 17:32:45 ----D---- C:\Program Files\LG Electronics
2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe
elsass

Re: slow scan and PC fan running

by elsass »

Continued:

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-04-10 75264]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-12-28 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]
R1 nsiproxy;NSI proxy service; C:\Windows\system32\drivers\nsiproxy.sys [2008-01-19 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:\Windows\system32\drivers\rdpencdd.sys [2008-01-19 6144]
R1 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-04-10 66560]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-04-10 72192]
R1 Wanarpv6;Remote Access IPv6 ARP Driver; C:\Windows\system32\DRIVERS\wanarp.sys [2008-01-19 62464]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 lltdio;Pilote d’E/S du mappage de découverte de topologie de la couche de liaison; C:\Windows\system32\DRIVERS\lltdio.sys [2008-01-19 47104]
R2 luafv;UAC File Virtualization; C:\Windows\system32\drivers\luafv.sys [2008-01-19 84480]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2006-11-02 878080]
R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\Windows\system32\DRIVERS\rspndr.sys [2008-01-19 60416]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-12-08 30720]
R3 AmdK8;Pilote de processeur AMD K8; C:\Windows\system32\DRIVERS\amdk8.sys [2008-01-19 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
R3 bowser;Bowser; C:\Windows\system32\DRIVERS\bowser.sys [2008-01-19 69632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-04-10 626176]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus UAA Microsoft pour High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-04-10 561152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-12-12 2030488]
R3 iScsiPrt;Pilote iScsiPort; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-04-10 180712]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 monitor;Service Pilote de fonction de classe Moniteur Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2008-01-19 41984]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2008-01-19 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-02-23 212992]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2010-02-23 79360]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NativeWifiP;Filtre NativeWiFi; C:\Windows\system32\DRIVERS\nwifi.sys [2009-04-10 148480]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-14 7115264]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-04-10 69120]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 srv2;srv2; C:\Windows\System32\DRIVERS\srv2.sys [2009-09-14 144896]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-11 98816]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 tunmp;Pilote de carte miniport Microsoft Tun; C:\Windows\system32\DRIVERS\tunmp.sys [2008-01-19 15360]
R3 tunnel;Pilote de carte miniport Microsoft IPv6 Tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [2010-02-18 25088]
R3 umbus;Pilote d’énumérateur UMBus; C:\Windows\system32\DRIVERS\umbus.sys [2008-01-19 34816]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-04-10 39936]
R3 usbhub;Concentrateur USB2; C:\Windows\system32\DRIVERS\usbhub.sys [2009-04-10 196096]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\Windows\system32\DRIVERS\usbohci.sys [2009-04-10 19456]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\drivers\agp440.sys [2006-11-02 53864]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2006-11-02 54888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\drivers\brfiltup.sys [2006-11-02 5248]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\system32\drivers\brusbser.sys [2006-11-02 11904]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2006-11-02 117760]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-04-10 136704]
S3 Filetrace;FileTrace; C:\Windows\system32\drivers\filetrace.sys [2008-01-19 27648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\drivers\gagp30kx.sys [2006-11-02 58984]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-04-10 161752]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\drivers\nv_agp.sys [2006-11-02 106600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2008-01-19 31232]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\drivers\sffp_mmc.sys [2006-11-02 12800]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\drivers\sffp_sd.sys [2006-11-02 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2006-11-02 53352]
S3 Tcpip6;Pilote de protocole IPv6 Microsoft; C:\Windows\system32\DRIVERS\tcpip.sys [2010-02-18 904576]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 tssecsrv;Terminal Services Security Filter Driver; C:\Windows\System32\DRIVERS\tssecsrv.sys [2008-01-19 23552]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\drivers\uagp35.sys [2006-11-02 56936]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\drivers\uliagpkx.sys [2006-11-02 58472]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
S3 USBSTOR;Pilote de stockage de masse USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-04-10 65536]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2006-11-02 26112]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2006-11-02 54376]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 adp94xx;adp94xx; C:\Windows\system32\drivers\adp94xx.sys [2006-11-02 420968]
S4 adpahci;adpahci; C:\Windows\system32\drivers\adpahci.sys [2006-11-02 297576]
S4 adpu320;adpu320; C:\Windows\system32\drivers\adpu320.sys [2006-11-02 147048]
S4 amdide;amdide; C:\Windows\system32\drivers\amdide.sys [2006-11-02 15464]
S4 AmdK7;AMD K7 Processor Driver; C:\Windows\system32\drivers\amdk7.sys [2006-11-02 38912]
S4 arc;arc; C:\Windows\system32\drivers\arc.sys [2006-11-02 67688]
S4 arcsas;arcsas; C:\Windows\system32\drivers\arcsas.sys [2006-11-02 67688]
S4 blbdrive;blbdrive; C:\Windows\system32\drivers\blbdrive.sys []
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\system32\drivers\brserid.sys [2006-11-02 71808]
S4 BrSerWdm;Brother WDM Serial driver; C:\Windows\system32\drivers\brserwdm.sys [2006-11-02 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\drivers\bthmodem.sys [2006-11-02 39936]
S4 circlass;Consumer IR Devices; C:\Windows\system32\drivers\circlass.sys [2006-11-02 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver; C:\Windows\system32\drivers\crusoe.sys [2006-11-02 38912]
S4 elxstor;elxstor; C:\Windows\system32\drivers\elxstor.sys [2006-11-02 316520]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\drivers\hidbth.sys [2006-11-02 29184]
S4 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\drivers\hidir.sys [2006-11-02 21504]
S4 HidUsb;Microsoft HID Class Driver; C:\Windows\system32\drivers\hidusb.sys [2006-11-02 12288]
S4 HpCISSs;HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [2006-11-02 37480]
S4 iaStorV;Intel RAID Controller Vista; C:\Windows\system32\drivers\iastorv.sys [2006-11-02 232040]
S4 iirsp;iirsp; C:\Windows\system32\drivers\iirsp.sys [2006-11-02 41576]
S4 intelide;intelide; C:\Windows\system32\drivers\intelide.sys [2006-11-02 14952]
S4 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2006-11-02 39424]
S4 IPMIDRV;IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [2006-11-02 65536]
S4 isapnp;PnP ISA/EISA Bus Driver; C:\Windows\system32\drivers\isapnp.sys [2006-11-02 47208]
S4 iteatapi;ITEATAPI_Service_Install; C:\Windows\system32\drivers\iteatapi.sys [2006-11-02 35944]
S4 iteraid;ITERAID_Service_Install; C:\Windows\system32\drivers\iteraid.sys [2006-11-02 35944]
S4 kbdhid;Keyboard HID Driver; C:\Windows\system32\drivers\kbdhid.sys [2006-11-02 15872]
S4 LSI_FC;LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [2006-11-02 65640]
S4 LSI_SAS;LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [2006-11-02 65640]
S4 LSI_SCSI;LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [2006-11-02 65640]
S4 megasas;megasas; C:\Windows\system32\drivers\megasas.sys [2006-11-02 28776]
S4 mouhid;Mouse HID Driver; C:\Windows\system32\drivers\mouhid.sys [2006-11-02 15872]
S4 mpio;Microsoft Multi-Path Bus Driver; C:\Windows\system32\drivers\mpio.sys [2006-11-02 78952]
S4 msahci;msahci; C:\Windows\system32\drivers\msahci.sys [2006-11-02 23144]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:\Windows\system32\drivers\msdsm.sys [2006-11-02 80488]
S4 nfrd960;nfrd960; C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 45160]
S4 ntrigdigi;N-trig HID Tablet Driver; C:\Windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]
S4 nvraid;nvraid; C:\Windows\system32\drivers\nvraid.sys [2006-11-02 88680]
S4 nvstor;nvstor; C:\Windows\system32\drivers\nvstor.sys [2006-11-02 40040]
S4 ohci1394;RICOH OHCI Compliant IEEE 1394 Host Controller; C:\Windows\system32\DRIVERS\ohci1394.sys [2006-11-02 62080]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:\Windows\system32\drivers\ql2300.sys [2006-11-02 900712]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 106088]
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\Windows\system32\drivers\sbp2port.sys [2006-11-02 76392]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 sermouse;Serial Mouse Driver; C:\Windows\system32\drivers\sermouse.sys [2008-01-19 19968]
S4 sffdisk;SFF Storage Class Driver; C:\Windows\system32\drivers\sffdisk.sys [2006-11-02 13312]
S4 SiSRaid2;SiSRaid2; C:\Windows\system32\drivers\sisraid2.sys [2006-11-02 38504]
S4 SiSRaid4;SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [2006-11-02 71784]
S4 uliahci;uliahci; C:\Windows\system32\drivers\uliahci.sys [2006-11-02 235112]
S4 UlSata;UlSata; C:\Windows\system32\drivers\ulsata.sys [2006-11-02 98408]
S4 ulsata2;ulsata2; C:\Windows\system32\drivers\ulsata2.sys [2006-11-02 115816]
S4 usbccgp;Microsoft USB Generic Parent Driver; C:\Windows\system32\drivers\usbccgp.sys [2006-11-02 73216]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\drivers\usbcir.sys [2006-11-02 68608]
S4 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\drivers\usbprint.sys [2006-11-02 18944]
S4 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2006-11-02 22528]
S4 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2006-11-02 39424]
S4 vsmraid;vsmraid; C:\Windows\system32\drivers\vsmraid.sys [2006-11-02 112232]
S4 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\drivers\wacompen.sys [2006-11-02 20608]
S4 Wd;Microsoft Watchdog Timer Driver; C:\Windows\system32\drivers\wd.sys [2006-11-02 19560]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
S4 ws2ifsl;Winsock IFS driver; C:\Windows\system32\drivers\ws2ifsl.sys [2008-01-19 15872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 EMDMgmt;@%SystemRoot%\system32\emdmgmt.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 netprofm;@%SystemRoot%\system32\netprof.dll,-246; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 slsvc;@%SystemRoot%\system32\SLsvc.exe,-101; C:\Windows\system32\SLsvc.exe [2009-04-10 3408896]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-04-19 24576]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-06-15 9728]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-04-10 39424]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 ehstart;@%SystemRoot%\ehome\ehstart.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-03-29 66368]
S3 DFSR;@dfsrres.dll,-101; C:\Windows\system32\DFSR.exe [2009-04-10 2092544]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2008-01-19 292352]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2006-11-02 131072]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-02-18 43904]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-02-18 879448]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 p2pimsvc;@%SystemRoot%\system32\p2psvc.dll,-8004; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 PNRPAutoReg;@%SystemRoot%\system32\p2psvc.dll,-8002; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 PNRPsvc;@%SystemRoot%\system32\p2psvc.dll,-8000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 SLUINotify;@%SystemRoot%\system32\SLUINotify.dll,-103; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2006-11-02 12800]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2008-01-19 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-04-10 385536]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WinDefend;Windows Defender; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WMPNetworkSvc;@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2008-01-19 896512]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S4 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S4 WSearch;Windows Search; C:\Windows\system32\SearchIndexer.exe [2009-04-10 441344]

-----------------EOF-----------------
SkyTech

Re: slow scan and PC running its fan

by SkyTech »

Hi,
elsass wrote: but is IE8 required? I prefer Firefox....
You don't have to use it; install it, that will always make one less vulnerable program.

Run HijackThis again (right-click it, Run as administrator), check these lines and click Fix checked.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
If you have no use for the Windows Sidebar, also fix:
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
---

Start menu, Run, type services.msc, press Enter

In the window that opens, look for:

Apple Mobile Device
France Telecom Routing Table Service
Nero BackItUp Scheduler 4.0
ServiceLayer
Syntek AVStream USB2.0 WebCam Service


Double-click it and, under startup type, set Manual.

Restart,

Download OTM (by OldTimer). Save it to your Desktop.
Copy (Ctrl+C) the text in the box below:
:services
FTRTSVC

:files
C:\Program Files\Orange
C:\PROGRA~1\FICHIE~1\France Telecom
C:\Program Files\Wanadoo
C:\PROGRA~1\MESSAG~1
C:\Program Files\OrangeHSS

:commands
[purity]
[emptytemp]
Right-click OTM.exe, Run as administrator to launch it.
Paste (or Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
Now click the MoveIt! button, then close OTM.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

Post the report located in this folder: C:\_OTM\MovedFiles\
The report's name corresponds to the moment it was created: date_time.log

Restart and post a new HijackThis report.
elsass

Re: slow scan and PC running its fan

by elsass »

here is the report

All processes killed
========== SERVICES/DRIVERS ==========
Service FTRTSVC stopped successfully!
Service FTRTSVC deleted successfully!
========== FILES ==========
C:\Program Files\Orange\Uninstall\KillSuite folder moved successfully.
C:\Program Files\Orange\Uninstall\FTRTSVC folder moved successfully.
C:\Program Files\Orange\Uninstall\FTCOMModule folder moved successfully.
C:\Program Files\Orange\Uninstall folder moved successfully.
C:\Program Files\Orange folder moved successfully.
File/Folder C:\PROGRA~1\FICHIE~1\France Telecom not found.
File/Folder C:\Program Files\Wanadoo not found.
File/Folder C:\PROGRA~1\MESSAG~1 not found.
File/Folder C:\Program Files\OrangeHSS not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

User: Invité
->Temp folder emptied: 57903 bytes
->Temporary Internet Files folder emptied: 46288095 bytes
->Flash cache emptied: 480 bytes

User: mikael
->Temp folder emptied: 26103239 bytes
->Temporary Internet Files folder emptied: 896764 bytes
->Java cache emptied: 5206882 bytes
->FireFox cache emptied: 61581730 bytes
->Google Chrome cache emptied: 52914287 bytes
->Opera cache emptied: 130481044 bytes
->Flash cache emptied: 5504 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 59149 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 136881 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 2706647560 bytes

Total Files Cleaned = 2 890,00 mb


OTM by OldTimer - Version 3.1.12.2 log created on 06172010_010722

Files moved on Reboot...

Registry entries deleted on Reboot...
