Virus !!! Résolu/Fermé

Question

Bonjour,

Mon PC étant sûrement infecté,des drivers ont été désinstallés donc j'ai effectué ces 2 actions : 

-J'ai mis le CD D'installation de drivers de ma carte graphique ATI Radeon 4890 pour les réinstaller,j'ai redémarré comme demandé,mais toujours pas de drivers. 

-J'ai été sur "touslesdrivers.com" pour lancer une détection des drivers manquants,j'ai réinstallé les drivers manquants,parfois c'étit "installation réussie" et parfois ça me disait qu'il y avait une erreur. 
Je refais une détection et je constate que les drivers manquent toujours même ceux qui disent "installation réussie" ! 

Mon PC s'éteint aussi sans raison et j'ai déjà eu un écran bleu s'affichant sur mon écran.

Pourriez-vous m'aider s'il vous plaît ?

dédétraqué · Answer

Salut cedric18om


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
(Sous Vista/7, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++ :)

cedric18om · Answer

Logfile of random's system information tool 1.06 (written by random/random)
Run by Castor Troy at 2010-02-13 20:19:24
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 253 GB (83%) free of 305 GB
Total RAM: 2558 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19:36, on 13/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Castor Troy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
C:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Documents and Settings\Castor Troy\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files	rend micro\Castor Troy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: ForceField Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ForceField Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation
View
wiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Castor Troy\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /start_mode="auto"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32un.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32	scupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32un.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32un.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32un.cmd (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_2_0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: ForceField IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

cedric18om · Answer

info.txt logfile of random's system information tool 1.06 2010-02-13 20:08:42

======Uninstall list======

-->MsiExec /X{A5B5A16D-277A-476B-8F62-1029A2F23072}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\install.exe -runfromtemp -l0x040c
AGEIA PhysX v8.01.18-->MsiExec.exe /X{A5B5A16D-277A-476B-8F62-1029A2F23072}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{27CFE881-A92F-B029-CB34-5B56C520C3BA}
ATI AVIVO Codecs-->MsiExec.exe /I{79AE776D-FA42-4040-B5F3-F317500D0FCD}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 
ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Problem Report Wizard-->MsiExec.exe /X{0E057625-6C35-FB95-B957-1548AFD17D21}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlestations: Pacific-->MsiExec.exe /I{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC}
Browser Configuration Utility-->"C:\Program Files\InstallShield Installation Information\{E8AEA11B-E60A-455E-B008-E4E763604612}\setup.exe" -runfromtemp -l0x0009 -removeonly
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
Catalyst Control Center - Branding-->MsiExec.exe /I{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
EA Download Manager UI-->msiexec /qb /x {C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}
EA Download Manager UI-->MsiExec.exe /I{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\EADMUninstall.exe
EasySaver B8.0729.1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07300F01-89CA-4CF8-92BD-2A605EB83C95}\setup.exe" -l0x9  -removeonly
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hercules DualPix Exchange Webcam-->C:\Program Files\InstallShield Installation Information\{04BEFF7A-DF5D-4E49-AB46-BA3D3BE49FCB}\setup.exe -runfromtemp -l0x040c -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files	rend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HydraVision-->MsiExec.exe /X{512AB381-48CF-AF3E-185A-580812E4C1F1}
HydraVision-->MsiExec.exe /X{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{B9706D6B-754E-4D81-8EE9-393008D57EDB}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall
vuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation
View
ViewSetup.exe -uninstall
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Prototype-->"C:\Program Files\Prototype\Uninstall\unins000.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c  -removeonly
Scarface: The World is Yours-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{27D7F575-4AA0-4C12-AA68-128E1C8979F7} /l1036 
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoftwareUpdate 1.0-->"C:\Documents and Settings\Castor Troy\Application Data\eoRezo\SoftwareUpdate\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Turok-->C:\Program Files\InstallShield Installation Information\{1BC3AF44-D80E-4744-A8E1-9BC540424AC9}\setup.exe -runfromtemp -l0x040cTurok -removeonly
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Xtra Controller Pro-->C:\Program Files\InstallShield Installation Information\{B7224BE2-C180-4526-B3B2-49DF87ACF22D}\setup.exe -runfromtemp -l0x040c -removeonly
ZoneAlarm ForceField-->C:\Program Files\CheckPoint\ZAForceField\Uninstall.exe

======Hosts File======

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: XPSP2-1CE4900E0
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 3012
Source Name: Service Control Manager
Time Written: 20091221220503.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: XPSP2-1CE4900E0
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.

Record Number: 3011
Source Name: Service Control Manager
Time Written: 20091221220503.000000+060
Event Type: Informations
User: 

Computer Name: XPSP2-1CE4900E0
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 3010
Source Name: EventLog
Time Written: 20091221220441.000000+060
Event Type: Informations
User: 

Computer Name: XPSP2-1CE4900E0
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 3009
Source Name: EventLog
Time Written: 20091221220441.000000+060
Event Type: Informations
User: 

Computer Name: XPSP2-1CE4900E0
Event Code: 11
Message: Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.

Record Number: 3008
Source Name: Disk
Time Written: 20091221215649.000000+060
Event Type: erreur
User: 

=====Application event log=====

Computer Name: XPSP2-1CE4900E0
Event Code: 4099
Message: Échec de l'ouverture de services.

Record Number: 5
Source Name: WmiAdapter
Time Written: 20091226151838.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs

Computer Name: XPSP2-1CE4900E0
Event Code: 4096
Message: Le service AntiVir a bien démarré!

Record Number: 4
Source Name: Avira AntiVir
Time Written: 20091226151827.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: XPSP2-1CE4900E0
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 3
Source Name: SecurityCenter
Time Written: 20091226151825.000000+060
Event Type: Informations
User: 

Computer Name: XPSP2-1CE4900E0
Event Code: 0
Message: Service started

Record Number: 2
Source Name: SeaPort
Time Written: 20091226151823.000000+060
Event Type: Informations
User: 

Computer Name: XPSP2-1CE4900E0
Event Code: 105
Message: The service was started.

Record Number: 1
Source Name: ATI Smart
Time Written: 20091226151818.000000+060
Event Type: Informations
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

-----------------EOF-----------------

cedric18om · Answer

Et merci de ton attention dédétraqué !!! ^^

dédétraqué · Answer

Salut  cedric18om


[*]Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Déconnecte-toi et ferme toutes applications en cours

[*]Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
[*]Double-clique sur l'icône AD-Remover située sur ton Bureau
[*]Au menu principal, choisis l'option L.
[*]Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Aide : https://kerio.probb.fr/t3786-tuto-ad-remover


@++  :)

cedric18om · Answer

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.02.2010 à 17:34
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:40:09, 13/02/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™  Service Pack 3 v5.1.2600
Nom du PC: XPSP2-1CE4900E0 | Utilisateur actuel: Castor Troy
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\Program Files\EoRezo 
C:\DOCUME~1\CASTOR~1\APPLIC~1\eoRezo 
C:\DOCUME~1\CASTOR~1\LOCALS~1\Temp\is-IH87C.tmp\EoRezo 

(!) -- Fichiers temporaires supprimés.
 
.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version [Impossible d'obtenir la version] *
.
 Nom du profil: rxyflauz.default (Castor Troy)
.
(CASTOR~1, prefs.js) Browser.startup.homepage, hxxp://y.lo.st
(CASTOR~1, prefs.js) Extensions.enabledItems, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
. 
(CASTOR~1, prefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
. 
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: 7abf2b657a6cca01
Start Page Redirect Cache AcceptLangs: fr
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Use Custom Search URL: 1 (0x1)
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search Bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2460 Octet(s) - C:\Ad-Report-CLEAN[1].log 
.
145 Fichier(s) - C:\DOCUME~1\CASTOR~1\LOCALS~1\Temp 
36 Fichier(s) - C:\WINDOWS\Temp 
0 Fichier(s) - C:\WINDOWS\Prefetch 
.
17 Fichier(s) - C:\Ad-Remover\BACKUP
12 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 21:44:35 | 13/02/2010 - CLEAN[1]
.
============== E.O.F ==============
.

dédétraqué · Answer

Salut cedric18om


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur  sur OK

- Si MalwareByte's n'a rien détecté, clique sur OK  Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats  ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's  a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK

Tutoriel pour MalwareByte's ici : 
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


@++   :)

cedric18om · Answer

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3734
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

14/02/2010 00:18:33
mbam-log-2010-02-14 (00-18-33).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 150385
Temps écoulé: 38 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Ad-Remover\QUARANTINE\DOCUME~1\CASTOR~1\APPLIC~1\eoRezo\SOFTWA~1\SoftwareUpdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\DOCUME~1\CASTOR~1\APPLIC~1\eoRezo\SOFTWA~1\SoftwareUpdateHP.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoRezoBHO.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.

dédétraqué · Answer

Salut cedric18om


Refais un scan avec RSIT et poste le rapport log.txt à la fin de l’analyse

Le rapport est dans le dossier ici C:\rsit


@++   :)

cedric18om · Answer

Logfile of random's system information tool 1.06 (written by random/random)
Run by Castor Troy at 2010-02-14 04:26:05
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 253 GB (83%) free of 305 GB
Total RAM: 2558 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:26:18, on 14/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hercules\DualPix Exchange\Camservice.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Castor Troy\Bureau\RSIT.exe
C:\Program Files	rend micro\Castor Troy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [CamserviceDP] C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation
View
wiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_2_0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

dédétraqué · Answer

Salut cedric18om


Télécharge SystemLook sur ton Bureau :
http://jpshortstuff.247fixes.com/SystemLook.exe

- Double-clique sur SystemLook.exe pour le lancer.

- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :

 :regfind
GEST

- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.


@++   :)

cedric18om · Answer

Merci pour le suivi !!! ^^

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 13:48 on 14/02/2010 by Castor Troy (Administrator - Elevation successful)

========== regfind ==========

Searching for "GEST "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/sec 92 Async Data Maps/sec 94 Data Map Hits % 96 Data Map Pins/sec 98 Pin Reads/sec 100 Sync Pin Reads/sec 102 Async Pin Reads/sec 104 Pin Read Hits % 106 Copy Reads/sec 108 Sync Copy Reads/sec 110 Async Copy Reads/sec 112 Copy Read Hits % 114 MDL Reads/sec 116 Sync MDL Reads/sec 118 Async MDL Reads/sec 120 MDL Read Hits % 122 Read Aheads/sec 124 Fast Reads/sec 126 Sync Fast Reads/sec 128 Async Fast Reads/sec 130 Fast Read Resource Misses/sec 132 Fast Read Not Possibles/sec 134 Lazy Write Flushes/sec 136 Lazy Write Pages/sec 138 Data Flushes/sec 140 Data Flush Pages/sec 142 % User Time 144 % Privileged Time 146 Context Switches/sec 148 Interrupts/sec 150 System Calls/sec 152 Level 1 TLB Fills/sec 154 Level 2 TLB Fills/sec 156 Enumerations Server/sec 158 Enumerations Domain/sec 160 Enumerations Other/sec 162 Missed Server Announcements 164 Missed Mailslot Datagrams 166 Missed Server List Requests 168 Server Announce Allocations Failed/sec 170 Mailslot Allocations Failed 172 Virtual Bytes Peak 174 Virtual Bytes 178 Working Set Peak 180 Working Set 182 Page File Bytes Peak 184 Page File Bytes 186 Private Bytes 188 Announcements Total/sec 190 Enumerations Total/sec 198 Current Disk Queue Length 200 % Disk Time 202 % Disk Read Time 204 % Disk Write Time 206 Avg. Disk sec/Transfer 208 Avg. Disk sec/Read 210 Avg. Disk sec/Write 212 Disk Transfers/sec 214 Disk Reads/sec 216 Disk Writes/sec 218 Disk Bytes/sec 220 Disk Read Bytes/sec 222 Disk Write Bytes/sec 224 Avg. Disk Bytes/Transfer 226 Avg. Disk Bytes/Read 228 Avg. Disk Bytes/Write 230 Process 232 Thread 234 PhysicalDisk 236 LogicalDisk 238 Processor 240 % Total Processor Time 242 % Total User Time 244 % Total Privileged Time 246 Total Interrupts/sec 248 Processes 250 Threads 252 Events 254 Semaphores 256 Mutexes 258 Sections 260 Objects 262 Redirector 264 Bytes Received/sec 266 Packets Received/sec 268 Read Bytes Paging/sec 270 Read Bytes Non-Paging/sec 272 Read Bytes Cache/sec 274 Read Bytes Network/sec 276 Bytes Transmitted/sec 278 Packets Transmitted/sec 280 Write Bytes Paging/sec 282 Write Bytes Non-Paging/sec 284 Write Bytes Cache/sec 286 Write Bytes Network/sec 288 Read Operations/sec 290 Read Operations Random/sec 292 Read Packets/sec 294 Reads Large/sec 296 Read Packets Small/sec 298 Write Operations/sec 300 Write Operations Random/sec 302 Write Packets/sec 304 Writes Large/sec 306 Write Packets Small/sec 308 Reads Denied/sec 310 Writes Denied/sec 312 Network Errors/sec 314 Server Sessions 316 Server Reconnects 318 Connects Core 320 Connects Lan Manager 2.0 322 Connects Lan Manager 2.1 324 Connects Windows NT 326 Server Disconnects 328 Server Sessions Hung 330 Server 336 Thread Wait Reason 340 Sessions Timed Out 342 Sessions Errored Out 344 Sessions Logged Off 346 Sessions Forced Off 348 Errors Logon 350 Errors Access Permissions 352 Errors Granted Access 354 Errors System 356 Blocking Requests Rejected 358 Work Item Shortages 360 Files Opened Total 362 Files Open 366 File Directory Searches 370 Pool Nonpaged Failures 372 Pool Nonpaged Peak 376 Pool Paged Failures 378 Pool Paged Peak 388 Bytes Total/sec 392 Current Commands 398 NWLink NetBIOS 400 Packets/sec 404 Context Blocks Queued/sec 406 File Data Operations/sec 408 % Free Space 410 Free Megabytes 412 Connections Open 414 Connections No Retries 416 Connections With Retries 418 Disconnects Local 420 Disconnects Remote 422 Failures Link 424 Failures Adapter 426 Connection Session Timeouts 428 Connections Canceled 430 Failures Resource Remote 432 Failures Resource Local 434 Failures Not Found 436 Failures No Listen 438 Datagrams/sec 440 Datagram Bytes/sec 442 Datagrams Sent/sec 444 Datagram Bytes Sent/sec 446 Datagrams Received/sec 448 Datagram Bytes Received/sec 452 Packets Sent/sec 456 Frames/sec 458 Frame Bytes/sec 460 Frames Sent/sec 462 Frame Bytes Sent/sec 464 Frames Received/sec 466 Frame Bytes Received/sec 468 Frames Re-Sent/sec 470 Frame Bytes Re-Sent/sec 472 Frames Rejected/sec 474 Frame Bytes Rejected/sec 476 Expirations Response 478 Expirations Ack 480 Window Send Maximum  482 Window Send Average 484 Piggyback Ack Queued/sec 486 Piggyback Ack Timeouts 488 NWLink IPX 490 NWLink SPX 492 NetBEUI 494 NetBEUI Resource 496 Used Maximum 498 Used Average 500 Times Exhausted 502 NBT Connection 506 Bytes Sent/sec 508 Total Bytes/sec 510 Network Interface 512 Bytes/sec 520 Current Bandwidth 524 Packets Received Unicast/sec 526 Packets Received Non-Unicast/sec 528 Packets Received Discarded 530 Packets Received Errors 532 Packets Received Unknown 536 Packets Sent Unicast/sec 538 Packets Sent Non-Unicast/sec 540 Packets Outbound Discarded 542 Packets Outbound Errors 544 Output Queue Length 546 IP 552 Datagrams Received Header Errors 554 Datagrams Received Address Errors 556 Datagrams Forwarded/sec 558 Datagrams Received Unknown Protocol 560 Datagrams Received Discarded 562 Datagrams Received Delivered/sec 566 Datagrams Outbound Discarded 568 Datagrams Outbound No Route 570 Fragments Received/sec 572 Fragments Re-assembled/sec 574 Fragment Re-assembly Failures 576 Fragmented Datagrams/sec 578 Fragmentation Failures 580 Fragments Created/sec 582 ICMP 584 Messages/sec 586 Messages Received/sec 588 Messages Received Errors 590 Received Dest. Unreachable 592 Received Time Exceeded 594 Received Parameter Problem 596 Received Source Quench 598 Received Redirect/sec 600 Received Echo/sec 602 Received Echo Reply/sec 604 Received Timestamp/sec 606 Received Timestamp Reply/sec 608 Received Address Mask 610 Received Address Mask Reply 612 Messages Sent/sec 614 Messages Outbound Errors 616 Sent Destination Unreachable 618 Sent Time Exceeded 620 Sent Parameter Problem 622 Sent Source Quench 624 Sent Redirect/sec 626 Sent Echo/sec 628 Sent Echo Reply/sec 630 Sent Timestamp/sec 632 Sent Timestamp Reply/sec 634 Sent Address Mask 636 Sent Address Mask Reply 638 TCP 640 Segments/sec 642 Connections Established 644 Connections Active 646 Connections Passive 648 Connection Failures 650 Connections Reset 652 Segments Received/sec 654 Segments Sent/sec 656 Segments Retransmitted/sec 658 UDP 660 % Total DPC Time 662 % Total Interrupt Time 664 Datagrams No Port/sec 666 Datagrams Received Errors 670 Disk Storage Unit 672 Allocation Failures 674 System Up Time 676 System Handle Count 678 Free System Page Table Entries 680 Thread Count 682 Priority Base 684 Elapsed Time 686 Alignment Fixups/sec 688 Exception Dispatches/sec 690 Floating Emulations/sec 692 Logon/sec 694 Priority Current 696 % DPC Time 698 % Interrupt Time 700 Paging File 702 % Usage 704 % Usage Peak 706 Start Address 708 User PC 710 Mapped Space No Access 712 Mapped Space Read Only 714 Mapped Space Read/Write 716 Mapped Space Write Copy 718 Mapped Space Executable 720 Mapped Space Exec Read Only 722 Mapped Space Exec Read/Write 724 Mapped Space Exec Write Copy 726 Reserved Space No Access 728 Reserved Space Read Only 730 Reserved Space Read/Write 732 Reserved Space Write Copy 734 Reserved Space Executable 736 Reserved Space Exec Read Only 738 Reserved Space Exec Read/Write 740 Image 742 Reserved Space Exec Write Copy 744 Unassigned Space No Access 746 Unassigned Space Read Only 748 Unassigned Space Read/Write 750 Unassigned Space Write Copy 752 Unassigned Space Executable 754 Unassigned Space Exec Read Only 756 Unassigned Space Exec Read/Write 758 Unassigned Space Exec Write Copy 760 Image Space No Access 762 Image Space Read Only 764 Image Space Read/Write 766 Image Space Write Copy 768 Image Space Executable 770 Image Space Exec Read Only 772 Image Space Exec Read/Write 774 Image Space Exec Write Copy 776 Bytes Image Reserved 778 Bytes Image Free 780 Bytes Reserved 782 Bytes Free 784 ID Process 786 Process Address Space 788 No Access 790 Read Only 792 Read/Write 794 Write Copy 796 Executable 798 Exec Read Only 800 Exec Read/Write 802 Exec Write Copy 804 ID Thread 806 Mailslot Receives Failed 808 Mailslot Writes Failed 810 Mailslot Opens Failed/sec 812 Duplicate Master Announcements 814 Illegal Datagrams/sec 816 Thread Details 818 Cache Bytes 820 Cache Bytes Peak 822 Pages Input/sec 870 RAS Port 872 Bytes Transmitted 874 Bytes Received 876 Frames Transmitted 878 Frames Received. 880 Percent Compression Out 882 Percent Compression In 884 CRC Errors 886 Timeout Errors 888 Serial Overrun Errors 890 Alignment Errors 892 Buffer Overrun Errors 894 Total Errors 896 Bytes Transmitted/Sec 898 Bytes Received/Sec 900 Frames Transmitted/Sec 902 Frames Received/Sec 904 Total Errors/Sec 906 RAS Total 908 Total Connections 920 WINS Server 922 Unique Registrations/sec 924 Group Registrations/sec 926 Total Number of Registrations/sec 928 Unique Renewals/sec 930 Group Renewals/sec 932 Total Number of Renewals/sec 934 Releases/sec 936 Queries/sec 938 Unique Conflicts/sec 940 Group Conflicts/sec 942 Total Number of Conflicts/sec 944 Successful Releases/sec 946 Failed Releases/sec 948 Successful Queries/sec 950 Failed Queries/sec 952 Handle Count 1000 MacFile Server 1002 Max Paged Memory 1004 Current Paged Memory 1006 Max NonPaged Memory 1008 Current NonPaged memory 1010 Current Sessions 1012 Maximum Sessions 1014 Current Files Open 1016 Maximum Files Open 1018 Failed Logons 1020 Data Read/sec 1022 Data Written/sec 1024 Data Received/sec 1026 Data Transmitted/sec 1028 Current Queue Length 1030 Maximum Queue Length 1032 Current Threads 1034 Maximum Threads 1050 AppleTalk 1052 Packets In/sec 1054 Packets Out/sec 1056 Bytes In/sec 1058 Bytes Out/sec 1060 Average Time/DDP Packet 1062 DDP Packets/sec 1064 Average Time/AARP Packet 1066 AARP Packets/sec 1068 Average Time/ATP Packet 1070 ATP Packets/sec 1072 Average Time/NBP Packet 1074 NBP Packets/sec 1076 Average Time/ZIP Packet 1078 ZIP Packets/sec 1080 Average Time/RTMP Packet 1082 RTMP Packets/sec 1084 ATP Retries Local 1086 ATP Response Timouts 1088 ATP XO Response/Sec 1090 ATP ALO Response/Sec 1092 ATP Recvd Release/Sec 1094 Current NonPaged Pool 1096 Packets Routed In/Sec 1098 Packets dropped 1100 ATP Retries Remote 1102 Packets Routed Out/Sec 1110 Network Segment 1112 Total frames received/second 1114 Total bytes received/second 1116 Broadcast frames received/second 1118 Multicast frames received/second 1120 % Network utilization 1124 % Broadcast Frames 1126 % Multicast Frames 1150 Telephony 1152 Lines 1154 Telephone Devices 1156 Active Lines 1158 Active Telephones 1160 Outgoing Calls/sec 1162 Incoming Calls/sec 1164 Client Apps 1166 Current Outgoing Calls 1168 Current Incoming Calls 1228 Gateway Service For NetWare 1230 Client Service For NetWare 1232 Packet Burst Read NCP Count/sec 1234 Packet Burst Read Timeouts/sec 1236 Packet Burst Write NCP Count/sec 1238 Packet Burst Write Timeouts/sec 1240 Packet Burst IO/sec 1242 Connect NetWare 2.x 1244 Connect NetWare 3.x 1246 Connect NetWare 4.x 1260 Logon Total 1300 Server Work Queues 1302 Queue Length 1304 Active Threads 1306 Available Threads 1308 Available Work Items 1310 Borrowed Work Items 1312 Work Item Shortages 1314 Current Clients 1320 Bytes Transferred/sec 1324 Read Bytes/sec 1328 Write Bytes/sec 1332 Total Operations/sec 1334 DPCs Queued/sec 1336 DPC Rate 1342 Total DPCs Queued/sec 1344 Total DPC Rate 1350 % Registry Quota In Use 1360 VL Memory 1362 VLM % Virtual Size In Use 1364 VLM Virtual Size 1366 VLM Virtual Size Peak  1368 VLM Virtual Size Available 1370 VLM Commit Charge 1372 VLM Commit Charge Peak 1374 System VLM Commit Charge 1376 System VLM Commit Charge Peak 1378 System VLM Shared Commit Charge 1380 Available KBytes 1382 Available MBytes 1400 Avg. Disk Queue Length 1402 Avg. Disk Read Queue Length 1404 Avg. Disk Write Queue Length 1406 % Committed Bytes In Use 1408 Full Image 1410 Creating Process ID 1412 IO Read Operations/sec 1414 IO Write Operations/sec 1416 IO Data Operations/sec 1418 IO Other Operations/sec 1420 IO Read Bytes/sec 1422 IO Write Bytes/sec 1424 IO Data Bytes/sec 1426 IO Other Bytes/sec 1450 Print Queue 1452 Total Jobs Printed 1454 Bytes Printed/sec 1456 Total Pages Printed 1458 Jobs 1460 References 1462 Max References 1464 Jobs Spooling 1466 Max Jobs Spooling 1468 Out of Paper Errors 1470 Not Ready Errors 1472 Job Errors 1474 Enumerate Network Printer Calls 1476 Add Network Printer Calls 1478 Working Set - Private 1480 Working Set - Shared 1482 % Idle Time 1484 Split IO/Sec 1500 Job Object 1502 Current % Processor Time 1504 Current % User Mode Time 1506 Current % Kernel Mode Time 1508 This Period mSec - Processor 1510 This Period mSec - User Mode 1512 This Period mSec - Kernel Mode 1514 Pages/Sec 1516 Process Count - Total 1518 Process Count - Active 1520 Process Count - Terminated 1522 Total mSec - Processor 1524 Total mSec - User Mode 1526 Total mSec - Kernel Mode 1548 Job Object Details 1746 % Idle Time 1748 % C1 Time 1750 % C2 Time 1752 % C3 Time 1754 C1 Transitions/sec 1756 C2 Transitions/sec 1758 C3 Transitions/sec 1760 Heap 1762 Committed Bytes 1764 Reserved Bytes 1766 Virtual Bytes 1768 Free Bytes 1770 Free List Length 1772 Avg. alloc rate 1774 Avg. free rate 1776 Uncommitted Ranges Length 1778 Allocs - Frees 1780 Cached Allocs/sec 1782 Cached Frees/sec 1784 Allocs <1K/sec 1786 Frees <1K/sec 1788 Allocs 1-8K/sec 1790 Frees 1-8K/sec 1792 Allocs over 8K/sec 1794 Frees over 8K/sec 1796 Total Allocs/sec 1798 Total Frees/sec 1800 Blocks in Heap Cache 1802 Largest Cache Depth 1804 % Fragmentation 1806 % VAFragmentation 1808 Heap Lock contention 1846 End Marker 1848 RSVP Service 1850 Network Interfaces 1852 Network sockets 1854 Timers 1856 RSVP sessions 1858 QoS clients 1860 QoS-enabled senders 1862 QoS-enabled receivers 1864 Failed QoS requests 1866 Failed QoS sends 1868 QoS notifications 1870 Bytes in QoS notifications 1872 RSVP Interfaces 1874 Signaling bytes received 1876 Signaling bytes sent 1878 PATH messages received 1880 RESV messages received 1882 PATH ERR messages received 1884 RESV ERR messages received 1886 PATH TEAR messages received 1888 RESV TEAR messages received 1890 RESV CONFIRM messages received 1892 PATH messages sent 1894 RESV messages sent 1896 PATH ERR messages sent 1898 RESV ERR messages sent 1900 PATH TEAR messages sent 1902 RESV TEAR messages sent 1904 RESV CONFIRM messages sent 1906 Resource control failures 1908 Policy control failures 1910 General failures 1912 Blocked RESVs 1914 RESV state block timeouts 1916 PATH state block timeouts 1918 Send messages errors - Big messages 1920 Receive messages errors - Big messages 1922 Send messages errors - No memory 1924 Receive messages errors - No memory 1926 Number of incoming messages dropped 1928 Number of outgoing messages dropped 1930 Number of active flows 1932 Reserved bandwidth 1934 Maximum admitted bandwidth 1936 PSched Flow 1938 PSched Pipe 1940 Packets dropped 1942 Packets scheduled 1944 Packets transmitted 1946 Average packets in shaper 1948 Max packets in shaper 1950 Average packets in sequencer 1952 Max packets in sequencer 1954 Bytes scheduled 1956 Bytes transmitted 1958 Bytes transmitted/sec 1960 Bytes scheduled/sec 1962 Packets transmitted/sec 1964 Packets scheduled/sec 1966 Packets dropped/sec 1968 Nonconforming packets scheduled 1970 Nonconforming packets scheduled/sec 1972 Nonconforming packets transmitted 1974 Nonconforming packets transmitted/sec 1976 Maximum Packets in netcard 1978 Average Packets in netcard 1980 Out of packets 1982 Flows opened 1984 Flows closed 1986 Flows rejected 1988 Flows modified 1990 Flow mods rejected 1992 Max simultaneous flows 1994 Nonconforming packets scheduled 1996 Nonconforming packets scheduled/sec 1998 Nonconforming packets transmitted 2000 Nonconforming packets transmitted/sec 2002 Average packets in shaper 2004 Max packets in shaper 2006 Average packets in sequencer 2008 Max packets in sequencer 2010 Max packets in netcard 2012 Average packets in netcard 2014 RAS Port 2016 Bytes Transmitted 2018 Bytes Received 2020 Frames Transmitted 2022 Frames Received 2024 Percent Compression Out 2026 Percent Compression In 2028 CRC Errors 2030 Timeout Errors 2032 Serial Overrun Errors 2034 Alignment Errors 2036 Buffer Overrun Errors 2038 Total Errors 2040 Bytes Transmitted/Sec 2042 Bytes Received/Sec 2044 Frames Transmitted/Sec 2046 Frames Received/Sec 2048 Total Errors/Sec 2050 RAS Total 2052 Total Connections 2054 Terminal Services Session 2056 Input WdBytes 2058 Input WdFrames 2060 Input WaitForOutBuf 2062 Input Frames 2064 Input Bytes 2066 Input Compressed Bytes 2068 Input Compress Flushes 2070 Input Errors 2072 Input Timeouts 2074 Input Async Frame Error 2076 Input Async Overrun 2078 Input Async Overflow 2080 Input Async Parity Error 2082 Input Transport Errors 2084 Output WdBytes 2086 Output WdFrames 2088 Output WaitForOutBuf 2090 Output Frames 2092 Output Bytes 2094 Output Compressed Bytes 2096 Output Compress Flushes 2098 Output Errors 2100 Output Timeouts 2102 Output Async Frame Error 2104 Output Async Overrun 2106 Output Async Overflow 2108 Output Async Parity Error 2110 Output Transport Errors 2112 Total WdBytes 2114 Total WdFrames 2116 Total WaitForOutBuf 2118 Total Frames 2120 Total Bytes 2122 Total Compressed Bytes 2124 Total Compress Flushes 2126 Total Errors 2128 Total Timeouts 2130 Total Async Frame Error 2132 Total Async Overrun 2134 Total Async Overflow 2136 Total Async Parity Error 2138 Total Transport Errors 2140 Total Protocol Cache Reads 2142 Total Protocol Cache Hits 2144 Total Protocol Cache Hit Ratio 2146 Protocol Bitmap Cache Reads 2148 Protocol Bitmap Cache Hits 2150 Protocol Bitmap Cache Hit Ratio 2152 Protocol Glyph Cache Reads 2154 Protocol Glyph Cache Hits 2156 Protocol Glyph Cache Hit Ratio 2158 Protocol Brush Cache Reads 2160 Protocol Brush Cache Hits 2162 Protocol Brush Cache Hit Ratio 2164 Protocol Save Screen Bitmap Cache Reads 2166 Protocol Save Screen Bitmap Cache Hits 2168 Protocol Save Screen Bitmap Cache Hit Ratio 2170 Input Compression Ratio 2172 Output Compression Ratio 2174 Total Compression Ratio 2176 Terminal Services 2178 Total Sessions 2180 Active Sessions 2182 Inactive Sessions 2184 Distributed Transaction Coordinator 2186 Active Transactions 2188 Committed Transactions 2190 Aborted Transactions 2192 In Doubt Transactions 2194 Active Transactions Maximum 2196 Force Committed Transactions 2198 Force Aborted Transactions 2200 Response Time -- Minimum 2202 Response Time -- Average 2204 Response Time -- Maximum 2206 Transactions/sec 2208 Committed Transactions/sec 2210 Aborted Transactions/sec 2212 Indexing Service 2214 Word lists 2216 Saved indexes 2218 Index size (MB) 2220 Files to be indexed 2222 Unique keys 2224 Running queries 2226 Merge progress 2228 # documents indexed 2230 Total # documents 2232 Total # of queries 2234 Deferred for indexing 2236 Indexing Service Filter 2238 Total indexing speed (MB/hr) 2240 Binding time (msec) 2242 Indexing speed (MB/hr) 2244 Http Indexing Service 2246 Cache items 2248 % Cache hits 2250 Total cache accesses 1 2252 % Cache misses 2254 Total cache accesses 2 2256 Active queries 2258 Total queries 2260 Queries per minute 2262 Current requests queued 2264 Total requests rejected 2864 .NET CLR Networking 2866 Connections Established 2868 Bytes Received 2870 Bytes Sent 2872 Datagrams Received 2874 Datagrams Sent 2876 .NET Data Provider for Oracle 2878 HardConnectsPerSecond 2880 HardDisconnectsPerSecond 2882 SoftConnectsPerSecond 2884 SoftDisconnectsPerSecond 2886 NumberOfNonPooledConnections 2888 NumberOfPooledConnections 2890 NumberOfActiveConnectionPoolGroups 2892 NumberOfInactiveConnectionPoolGroups 2894 NumberOfActiveConnectionPools 2896 NumberOfInactiveConnectionPools 2898 NumberOfActiveConnections 2900 NumberOfFreeConnections 2902 NumberOfStasisConnections 2904 NumberOfReclaimedConnections 2906 .NET Data Provider for SqlServer 2908 HardConnectsPerSecond 2910 HardDisconnectsPerSecond 2912 SoftConnectsPerSecond 2914 SoftDisconnectsPerSecond 2916 NumberOfNonPooledConnections 2918 NumberOfPooledConnections 2920 NumberOfActiveConnectionPoolGroups 2922 NumberOfInactiveConnectionPoolGroups 2924 NumberOfActiveConnectionPools 2926 NumberOfInactiveConnectionPools 2928 NumberOfActiveConnections 2930 NumberOfFreeConnections 2932 NumberOfStasisConnections 2934 NumberOfReclaimedConnections 2936 .NET CLR Data 2938 SqlClient: Current # pooled and nonpooled connections 2940 SqlClient: Current # pooled connections 2942 SqlClient: Current # connection pools 2944 SqlClient: Peak # pooled connections 2946 SqlClient: Total # failed connects 2948 SqlClient: Total # failed commands 2950 .NET CLR Memory 2952 # Gen 0 Collections 2954 # Gen 1 Collections 2956 # Gen 2 Collections 2958 Promoted Memory from Gen 0 2960 Promoted Memory from Gen 1 2962 Gen 0 Promoted Bytes/Sec 2964 Gen 1 Promoted Bytes/Sec 2966 Promoted Finalization-Memory from Gen 0 2968 Process ID 2970 Gen 0 heap size 2972 Gen 1 heap size 2974 Gen 2 heap size 2976 Large Object Heap size 2978 Finalization Survivors 2980 # GC Handles 2982 Allocated Bytes/sec 2984 # Induced GC 2986 % Time in GC 2988 Not Displayed 2990 # Bytes in all Heaps 2992 # Total committed Bytes 2994 # Total reserved Bytes 2996 # of Pinned Objects 2998 # of Sink Blocks in use 3000 .NET CLR Loading 3002 Total Classes Loaded 3004 % Time Loading 3006 Assembly Search Length 3008 Total # of Load Failures 3010 Rate of Load Failures 3012 Bytes in Loader Heap 3014 Total appdomains unloaded 3016 Rate of appdomains unloaded 3018 Current Classes Loaded 3020 Rate of Classes Loaded 3022 Current appdomains 3024 Total Appdomains 3026 Rate of appdomains 3028 Current Assemblies 3030 Total Assemblies 3032 Rate of Assemblies 3034 .NET CLR Jit 3036 # of Methods Jitted 3038 # of IL Bytes Jitted 3040 Total # of IL Bytes Jitted 3042 IL Bytes Jitted / sec 3044 Standard Jit Failures 3046 % Time in Jit 3048 Not Displayed 3050 .NET CLR Interop 3052 # of CCWs 3054 # of Stubs 3056 # of marshalling 3058 # of TLB imports / sec 3060 # of TLB exports / sec 3062 .NET CLR LocksAndThreads 3064 Total # of Contentions 3066 Contention Rate / sec 3068 Current Queue Length 3070 Queue Length Peak 3072 Queue Length / sec 3074 # of current logical Threads 3076 # of current physical Threads 3078 # of current recognized threads 3080 # of total recognized threads 3082 rate of recognized threads / sec 3084 .NET CLR Security 3086 Total Runtime Checks 3088 % Time Sig. Authenticating 3090 # Link Time Checks 3092 % Time in RT checks 3094 Not Displayed 3096 Stack Walk Depth 3098 .NET CLR Remoting 3100 Remote Calls/sec 3102 Channels 3104 Context Proxies 3106 Context-Bound Classes Loaded 3108 Context-Bound Objects Alloc / sec 3110 Contexts 3112 Total Remote Calls 3114 .NET CLR Exceptions 3116 # of Exceps Thrown 3118 # of Exceps Thrown / sec 3120 # of Filters / sec 3122 # of Finallys / sec 3124 Throw To Catch Depth / sec 3784 Windows Workflow Foundation 3786 Workflows Created 3788 Workflows Created/sec 3790 Workflows Unloaded 3792 Workflows Unloaded/sec 3794 Workflows Loaded 3796 Workflows Loaded/sec 3798 Workflows Completed 3800 Workflows Completed/sec 3802 Workflows Suspended 3804 Workflows Suspended/sec 3806 Workflows Terminated 3808 Workflows Terminated/sec 3810 Workflows In Memory 3812 Workflows Aborted 3814 Workflows Aborted/sec 3816 Workflows Persisted 3818 Workflows Persisted/sec 3820 Workflows Executing 3822 Workflows Idle/sec 3824 Workflows Runnable 3826 Workflows Pending 3828 ServiceModelEndpoint 3.0.0.0 3830 Calls 3832 Calls Per Second 3834 Calls Outstanding 3836 Calls Failed 3838 Calls Failed Per Second 3840 Calls Faulted 3842 Calls Faulted Per Second 3844 Calls Duration 3846 Calls Duration Base 3848 Transactions Flowed 3850 Transactions Flowed Per Second 3852 Security Validation and Authentication Failures 3854 Security Validation and Authentication Failures Per Second 3856 Security Calls Not Authorized 3858 Security Calls Not Authorized Per Second 3860 Reliable Messaging Sessions Faulted 3862 Reliable Messaging Sessions Faulted Per Second 3864 Reliable Messaging Messages Dropped 3866 Reliable Messaging Messages Dropped Per Second 3868 ServiceModelOperation 3.0.0.0 3870 Calls 3872 Calls Per Second 3874 Calls Outstanding 3876 Calls Failed 3878 Call Failed Per Second 3880 Calls Faulted 3882 Calls Faulted Per Second 3884 Calls Duration 3886 Calls Duration Base 3888 Transactions Flowed 3890 Transactions Flowed Per Second 3892 Security Validation and Authentication Failures 3894 Security Validation and Authentication Failures Per Second 3896 Security Calls Not Authorized 3898 Security Calls Not Authorized Per Second 3900 ServiceModelService 3.0.0.0 3902 Calls 3904 Calls Per Second 3906 Calls Outstanding 3908 Calls Failed 3910 Calls Failed Per Second 3912 Calls Faulted 3914 Calls Faulted Per Second 3916 Calls Duration 3918 Calls Duration Base 3920 Transactions Flowed 3922 Transactions Flowed Per Second 3924 Transacted Operations Committed 3926 Transacted Operations Committed Per Second 3928 Transacted Operations Aborted 3930 Transacted Operations Aborted Per Second 3932 Transacted Operations In Doubt 3934 Transacted Operations In Doubt Per Second 3936 Security Validation and Authentication Failures 3938 Security Validation and Authentication Failures Per Second 3940 Security Calls Not Authorized 3942 Security Calls Not Authorized Per Second 3944 Instances 3946 Instances Created Per Second 3948 Reliable Messaging Sessions Faulted 3950 Reliable Messaging Sessions Faulted Per Second 3952 Reliable Messaging Messages Dropped 3954 Reliable Messaging Messages Dropped Per Second 3956 Queued Poison Messages 3958 Queued Poison Messages Per Second 3960 Queued Messages Rejected 3962 Queued Messages Rejected Per Second 3964 Queued Messages Dropped 3966 Queued Messages Dropped Per Second 3968 SMSvcHost 3.0.0.0 3970 Protocol Failures over net.tcp 3972 Protocol Failures over net.pipe 3974 Dispatch Failures over net.tcp 3976 Dispatch Failures over net.pipe 3978 Connections Dispatched over net.tcp 3980 Connections Dispatched over net.pipe 3982 Connections Accepted over net.tcp 3984 Connections Accepted over net.pipe 3986 Registrations Active for net.tcp 3988 Registrations Active for net.pipe 3990 Uris Registered for net.tcp 3992 Uris Registered for net.pipe 3994 Uris Unregistered for net.tcp 3996 Uris Unregistered for net.pipe 3998 MSDTC Bridge 3.0.0.0 4000 Message send failures/sec 4002 Prepare retry count/sec 4004 Commit retry count/sec 4006 Prepared retry count/sec 4008 Replay retry count/sec 4010 Faults received count/sec 4012 Faults sent count/sec 4014 Average participant prepare response time 4016 Average participant prepare response time Base 4018 Average participant commit response time 4020 Average participant commit response time Base 4680 ASP.NET State Service 4886 State Server Sessions Active 4888 State Server Sessions Abandoned 4890 State Server Sessions Timed Out 4892 State Server Sessions Total 4894 ASP.NET v2.0.50727 4896 ASP.NET Apps v2.0.50727 4898 Application Restarts 4900 Applications Running 4902 Requests Disconnected 4904 Request Execution Time 4906 Requests Rejected 4908 Requests Queued 4910 Worker Processes Running 4912 Worker Process Restarts 4914 Request Wait Time 4916 State Server Sessions Active 4918 State Server Sessions Abandoned 4920 State Server Sessions Timed Out 4922 State Server Sessions Total 4924 Requests Current 4926 Audit Success Events Raised 4928 Audit Failure Events Raised 4930 Error Events Raised 4932 Request Error Events Raised 4934 Infrastructure Error Events Raised 4936 Anonymous Requests 4938 Anonymous Requests/Sec 4940 Cache Total Entries 4942 Cache Total Turnover Rate 4944 Cache Total Hits 4946 Cache Total Misses 4948 Cache Total Hit Ratio 4950 Cache Total Hit Ratio Base 4952 Cache API Entries 4954 Cache API Turnover Rate 4956 Cache API Hits 4958 Cache API Misses 4960 Cache API Hit Ratio 4962 Cache API Hit Ratio Base 4964 Output Cache Entries 4966 Output Cache Turnover Rate 4968 Output Cache Hits 4970 Output Cache Misses 4972 Output Cache Hit Ratio 4974 Output Cache Hit Ratio Base 4976 Compilations Total 4978 Debugging Requests 4980 Errors During Preprocessing 4982 Errors During Compilation 4984 Errors During Execution 4986 Errors Unhandled During Execution 4988 Errors Unhandled During Execution/Sec 4990 Errors Total 4992 Errors Total/Sec 4994 Pipeline Instance Count 4996 Request Bytes In Total 4998 Request Bytes Out Total 5000 Requests Executing 5002 Requests Failed 5004 Requests Not Found 5006 Requests Not Authorized 5008 Requests In Application Queue 5010 Requests Timed Out 5012 Requests Succeeded 5014 Requests Total 5016 Requests/Sec 5018 Sessions Active 5020 Sessions Abandoned 5022 Sessions Timed Out 5024 Sessions Total 5026 Transactions Aborted 5028 Transactions Committed 5030 Transactions Pending 5032 Transactions Total 5034 Transactions/Sec 5036 Session State Server connections total 5038 Session SQL Server connections total 5040 Events Raised 5042 Events Raised/Sec 5044 Application Lifetime Events 5046 Application Lifetime Events/Sec 5048 Error Events Raised 5050 Error Events Raised/Sec 5052 Request Error Events Raised 5054 Request Error Events Raised/Sec 5056 Infrastructure Error Events Raised 5058 Infrastructure Error Events Raised/Sec 5060 Request Events Raised 5062 Request Events Raised/Sec 5064 Audit Success Events Raised 5066 Audit Failure Events Raised 5068 Membership Authentication Success 5070 Membership Authentication Failure 5072 Forms Authentication Success 5074 Forms Authentication Failure 5076 Viewstate MAC Validation Failure 5078 Request Execution Time 5080 Requests Disconnected 5082 Requests Rejected 5084 Request Wait Time 5086 Cache % Machine Memory Limit Used 5088 Cache % Machine Memory Limit Used Base 5090 Cache % Process Memory Limit Used 5092 Cache % Process Memory Limit Used Base 5094 Cache Total Trims 5096 Cache API Trims 5098 Output Cache Trims 5100 ASP.NET 5102 ASP.NET Applications 5104 Application Restarts 5106 Applications Running 5108 Requests Disconnected 5110 Request Execution Time 5112 Requests Rejected 5114 Requests Queued 5116 Worker Processes Running 5118 Worker Process Restarts 5120 Request Wait Time 5122 State Server Sessions Active 5124 State Server Sessions Abandoned 5126 State Server Sessions Timed Out 5128 State Server Sessions Total 5130 Requests Current 5132 Audit Success Events Raised 5134 Audit Failure Events Raised 5136 Error Events Raised 5138 Request Error Events Raised 5140 Infrastructure Error Events Raised 5142 Anonymous Requests 5144 Anonymous Requests/Sec 5146 Cache Total Entries 5148 Cache Total Turnover Rate 5150 Cache Total Hits 5152 Cache Total Misses 5154 Cache Total Hit Ratio 5156 Cache Total Hit Ratio Base 5158 Cache API Entries 5160 Cache API Turnover Rate 5162 Cache API Hits 5164 Cache API Misses 5166 Cache API Hit Ratio 5168 Cache API Hit Ratio Base 5170 Output Cache Entries 5172 Output Cache Turnover Rate 5174 Output Cache Hits 5176 Output Cache Misses 5178 Output Cache Hit Ratio 5180 Output Cache Hit Ratio Base 5182 Compilations Total 5184 Debugging Requests 5186 Errors During Preprocessing 5188 Errors During Compilation 5190 Errors During Execution 5192 Errors Unhandled During Execution 5194 Errors Unhandled During Execution/Sec 5196 Errors Total 5198 Errors Total/Sec 5200 Pipeline Instance Count 5202 Request Bytes In Total 5204 Request Bytes Out Total 5206 Requests Executing 5208 Requests Failed 5210 Requests Not Found 5212 Requests Not Authorized 5214 Requests In Application Queue 5216 Requests Timed Out 5218 Requests Succeeded 5220 Requests Total 5222 Requests/Sec 5224 Sessions Active 5226 Sessions Abandoned 5228 Sessions Timed Out 5230 Sessions Total 5232 Transactions Aborted 5234 Transactions Committed 5236 Transactions Pending 5238 Transactions Total 5240 Transactions/Sec 5242 Session State Server connections total 5244 Session SQL Server connections total 5246 Events Raised 5248 Events Raised/Sec 5250 Application Lifetime Events 5252 Application Lifetime Events/Sec 5254 Error Events Raised 5256 Error Events Raised/Sec 5258 Request Error Events Raised 5260 Request Error Events Raised/Sec 5262 Infrastructure Error Events Raised 5264 Infrastructure Error Events Raised/Sec 5266 Request Events Raised 5268 Request Events Raised/Sec 5270 Audit Success Events Raised 5272 Audit Failure Events Raised 5274 Membership Authentication Success 5276 Membership Authentication Failure 5278 Forms Authentication Success 5280 Forms Authentication Failure 5282 Viewstate MAC Validation Failure 5284 Request Execution Time 5286 Requests Disconnected 5288 Requests Rejected 5290 Request Wait Time 5292 Cache % Machine Memory Limit Used 5294 Cache % Machine Memory Limit Used Base 5296 Cache % Process Memory Limit Used 5298 Cache % Process Memory Limit Used Base 5300 Cache Total Trims 5302 Cache API Trims 5304 Output Cache Trims 5306 WMI Objects 5308 HiPerf Classes 5310 HiPerf Validity 5312 ProcessorPerformance 5314 frequency 5316 percentage 5318 power 5320 WindowsLive_FamilySafety 5322 Accepted 5324 Dropped 5326 HeaderModified 5328 PacketsPerSecond 5330 Queued 5332 Rejected 5334 Reserved 5336 TotalPackets"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/sec 92 Async Data Maps/sec 94 Data Map Hits % 96 Data Map Pins/sec 98 Pin Reads/sec 100 Sync Pin Reads/sec 102 Async Pin Reads/sec 104 Pin Read Hits % 106 Copy Reads/sec 108 Sync Copy Reads/sec 110 Async Copy Reads/sec 112 Copy Read Hits % 114 MDL Reads/sec 116 Sync MDL Reads/sec 118 Async MDL Reads/sec 120 MDL Read Hits % 122 Read Aheads/sec 124 Fast Reads/sec 126 Sync Fast Reads/sec 128 Async Fast Reads/sec 130 Fast Read Resource Misses/sec 132 Fast Read Not Possibles/sec 134 Lazy Write Flushes/sec 136 Lazy Write Pages/sec 138 Data Flushes/sec 140 Data Flush Pages/sec 142 % User Time 144 % Privileged Time 146 Context Switches/sec 148 Interrupts/sec 150 System Calls/sec 152 Level 1 TLB Fills/sec 154 Level 2 TLB Fills/sec 156 Enumerations Server/sec 158 Enumerations Domain/sec 160 Enumerations Other/sec 162 Missed Server Announcements 164 Missed Mailslot Datagrams 166 Missed Server List Requests 168 Server Announce Allocations Failed/sec 170 Mailslot Allocations Failed 172 Virtual Bytes Peak 174 Virtual Bytes 178 Working Set Peak 180 Working Set 182 Page File Bytes Peak 184 Page File Bytes 186 Private Bytes 188 Announcements Total/sec 190 Enumerations Total/sec 198 Current Disk Queue Length 200 % Disk Time 202 % Disk Read Time 204 % Disk Write Time 206 Avg. Disk sec/Transfer 208 Avg. Disk sec/Read 210 Avg. Disk sec/Write 212 Disk Transfers/sec 214 Disk Reads/sec 216 Disk Writes/sec 218 Disk Bytes/sec 220 Disk Read Bytes/sec 222 Disk Write Bytes/sec 224 Avg. Disk Bytes/Transfer 226 Avg. Disk Bytes/Read 228 Avg. Disk Bytes/Write 230 Process 232 Thread 234 PhysicalDisk 236 LogicalDisk 238 Processor 240 % Total Processor Time 242 % Total User Time 244 % Total Privileged Time 246 Total Interrupts/sec 248 Processes 250 Threads 252 Events 254 Semaphores 256 Mutexes 258 Sections 260 Objects 262 Redirector 264 Bytes Received/sec 266 Packets Received/sec 268 Read Bytes Paging/sec 270 Read Bytes Non-Paging/sec 272 Read Bytes Cache/sec 274 Read Bytes Network/sec 276 Bytes Transmitted/sec 278 Packets Transmitted/sec 280 Write Bytes Paging/sec 282 Write Bytes Non-Paging/sec 284 Write Bytes Cache/sec 286 Write Bytes Network/sec 288 Read Operations/sec 290 Read Operations Random/sec 292 Read Packets/sec 294 Reads Large/sec 296 Read Packets Small/sec 298 Write Operations/sec 300 Write Operations Random/sec 302 Write Packets/sec 304 Writes Large/sec 306 Write Packets Small/sec 308 Reads Denied/sec 310 Writes Denied/sec 312 Network Errors/sec 314 Server Sessions 316 Server Reconnects 318 Connects Core 320 Connects Lan Manager 2.0 322 Connects Lan Manager 2.1 324 Connects Windows NT 326 Server Disconnects 328 Server Sessions Hung 330 Server 336 Thread Wait Reason 340 Sessions Timed Out 342 Sessions Errored Out 344 Sessions Logged Off 346 Sessions Forced Off 348 Errors Logon 350 Errors Access Permissions 352 Errors Granted Access 354 Errors System 356 Blocking Requests Rejected 358 Work Item Shortages 360 Files Opened Total 362 Files Open 366 File Directory Searches 370 Pool Nonpaged Failures 372 Pool Nonpaged Peak 376 Pool Paged Failures 378 Pool Paged Peak 388 Bytes Total/sec 392 Current Commands 398 NWLink NetBIOS 400 Packets/sec 404 Context Blocks Queued/sec 406 File Data Operations/sec 408 % Free Space 410 Free Megabytes 412 Connections Open 414 Connections No Retries 416 Connections With Retries 418 Disconnects Local 420 Disconnects Remote 422 Failures Link 424 Failures Adapter 426 Connection Session Timeouts 428 Connections Canceled 430 Failures Resource Remote 432 Failures Resource Local 434 Failures Not Found 436 Failures No Listen 438 Datagrams/sec 440 Datagram Bytes/sec 442 Datagrams Sent/sec 444 Datagram Bytes Sent/sec 446 Datagrams Received/sec 448 Datagram Bytes Received/sec 452 Packets Sent/sec 456 Frames/sec 458 Frame Bytes/sec 460 Frames Sent/sec 462 Frame Bytes Sent/sec 464 Frames Received/sec 466 Frame Bytes Received/sec 468 Frames Re-Sent/sec 470 Frame Bytes Re-Sent/sec 472 Frames Rejected/sec 474 Frame Bytes Rejected/sec 476 Expirations Response 478 Expirations Ack 480 Window Send Maximum  482 Window Send Average 484 Piggyback Ack Queued/sec 486 Piggyback Ack Timeouts 488 NWLink IPX 490 NWLink SPX 492 NetBEUI 494 NetBEUI Resource 496 Used Maximum 498 Used Average 500 Times Exhausted 502 NBT Connection 506 Bytes Sent/sec 508 Total Bytes/sec 510 Network Interface 512 Bytes/sec 520 Current Bandwidth 524 Packets Received Unicast/sec 526 Packets Received Non-Unicast/sec 528 Packets Received Discarded 530 Packets Received Errors 532 Packets Received Unknown 536 Packets Sent Unicast/sec 538 Packets Sent Non-Unicast/sec 540 Packets Outbound Discarded 542 Packets Outbound Errors 544 Output Queue Length 546 IP 552 Datagrams Received Header Errors 554 Datagrams Received Address Errors 556 Datagrams Forwarded/sec 558 Datagrams Received Unknown Protocol 560 Datagrams Received Discarded 562 Datagrams Received Delivered/sec 566 Datagrams Outbound Discarded 568 Datagrams Outbound No Route 570 Fragments Received/sec 572 Fragments Re-assembled/sec 574 Fragment Re-assembly Failures 576 Fragmented Datagrams/sec 578 Fragmentation Failures 580 Fragments Created/sec 582 ICMP 584 Messages/sec 586 Messages Received/sec 588 Messages Received Errors 590 Received Dest. Unreachable 592 Received Time Exceeded 594 Received Parameter Problem 596 Received Source Quench 598 Received Redirect/sec 600 Received Echo/sec 602 Received Echo Reply/sec 604 Received Timestamp/sec 606 Received Timestamp Reply/sec 608 Received Address Mask 610 Received Address Mask Reply 612 Messages Sent/sec 614 Messages Outbound Errors 616 Sent Destination Unreachable 618 Sent Time Exceeded 620 Sent Parameter Problem 622 Sent Source Quench 624 Sent Redirect/sec 626 Sent Echo/sec 628 Sent Echo Reply/sec 630 Sent Timestamp/sec 632 Sent Timestamp Reply/sec 634 Sent Address Mask 636 Sent Address Mask Reply 638 TCP 640 Segments/sec 642 Connections Established 644 Connections Active 646 Connections Passive 648 Connection Failures 650 Connections Reset 652 Segments Received/sec 654 Segments Sent/sec 656 Segments Retransmitted/sec 658 UDP 660 % Total DPC Time 662 % Total Interrupt Time 664 Datagrams No Port/sec 666 Datagrams Received Errors 670 Disk Storage Unit 672 Allocation Failures 674 System Up Time 676 System Handle Count 678 Free System Page Table Entries 680 Thread Count 682 Priority Base 684 Elapsed Time 686 Alignment Fixups/sec 688 Exception Dispatches/sec 690 Floating Emulations/sec 692 Logon/sec 694 Priority Current 696 % DPC Time 698 % Interrupt Time 700 Paging File 702 % Usage 704 % Usage Peak 706 Start Address 708 User PC 710 Mapped Space No Access 712 Mapped Space Read Only 714 Mapped Space Read/Write 716 Mapped Space Write Copy 718 Mapped Space Executable 720 Mapped Space Exec Read Only 722 Mapped Space Exec Read/Write 724 Mapped Space Exec Write Copy 726 Reserved Space No Access 728 Reserved Space Read Only 730 Reserved Space Read/Write 732 Reserved Space Write Copy 734 Reserved Space Executable 736 Reserved Space Exec Read Only 738 Reserved Space Exec Read/Write 740 Image 742 Reserved Space Exec Write Copy 744 Unassigned Space No Access 746 Unassigned Space Read Only 748 Unassigned Space Read/Write 750 Unassigned Space Write Copy 752 Unassigned Space Executable 754 Unassigned Space Exec Read Only 756 Unassigned Space Exec Read/Write 758 Unassigned Space Exec Write Copy 760 Image Space No Access 762 Image Space Read Only 764 Image Space Read/Write 766 Image Space Write Copy 768 Image Space Executable 770 Image Space Exec Read Only 772 Image Space Exec Read/Write 774 Image Space Exec Write Copy 776 Bytes Image Reserved 778 Bytes Image Free 780 Bytes Reserved 782 Bytes Free 784 ID Process 786 Process Address Space 788 No Access 790 Read Only 792 Read/Write 794 Write Copy 796 Executable 798 Exec Read Only 800 Exec Read/Write 802 Exec Write Copy 804 ID Thread 806 Mailslot Receives Failed 808 Mailslot Writes Failed 810 Mailslot Opens Failed/sec 812 Duplicate Master Announcements 814 Illegal Datagrams/sec 816 Thread Details 818 Cache Bytes 820 Cache Bytes Peak 822 Pages Input/sec 870 RAS Port 872 Bytes Transmitted 874 Bytes Received 876 Frames Transmitted 878 Frames Received. 880 Percent Compression Out 882 Percent Compression In 884 CRC Errors 886 Timeout Errors 888 Serial Overrun Errors 890 Alignment Errors 892 Buffer Overrun Errors 894 Total Errors 896 Bytes Transmitted/Sec 898 Bytes Received/Sec 900 Frames Transmitted/Sec 902 Frames Received/Sec 904 Total Errors/Sec 906 RAS Total 908 Total Connections 920 WINS Server 922 Unique Registrations/sec 924 Group Registrations/sec 926 Total Number of Registrations/sec 928 Unique Renewals/sec 930 Group Renewals/sec 932 Total Number of Renewals/sec 934 Releases/sec 936 Queries/sec 938 Unique Conflicts/sec 940 Group Conflicts/sec 942 Total Number of Conflicts/sec 944 Successful Releases/sec 946 Failed Releases/sec 948 Successful Queries/sec 950 Failed Queries/sec 952 Handle Count 1000 MacFile Server 1002 Max Paged Memory 1004 Current Paged Memory 1006 Max NonPaged Memory 1008 Current NonPaged memory 1010 Current Sessions 1012 Maximum Sessions 1014 Current Files Open 1016 Maximum Files Open 1018 Failed Logons 1020 Data Read/sec 1022 Data Written/sec 1024 Data Received/sec 1026 Data Transmitted/sec 1028 Current Queue Length 1030 Maximum Queue Length 1032 Current Threads 1034 Maximum Threads 1050 AppleTalk 1052 Packets In/sec 1054 Packets Out/sec 1056 Bytes In/sec 1058 Bytes Out/sec 1060 Average Time/DDP Packet 1062 DDP Packets/sec 1064 Average Time/AARP Packet 1066 AARP Packets/sec 1068 Average Time/ATP Packet 1070 ATP Packets/sec 1072 Average Time/NBP Packet 1074 NBP Packets/sec 1076 Average Time/ZIP Packet 1078 ZIP Packets/sec 1080 Average Time/RTMP Packet 1082 RTMP Packets/sec 1084 ATP Retries Local 1086 ATP Response Timouts 1088 ATP XO Response/Sec 1090 ATP ALO Response/Sec 1092 ATP Recvd Release/Sec 1094 Current NonPaged Pool 1096 Packets Routed In/Sec 1098 Packets dropped 1100 ATP Retries Remote 1102 Packets Routed Out/Sec 1110 Network Segment 1112 Total frames received/second 1114 Total bytes received/second 1116 Broadcast frames received/second 1118 Multicast frames received/second 1120 % Network utilization 1124 % Broadcast Frames 1126 % Multicast Frames 1150 Telephony 1152 Lines 1154 Telephone Devices 1156 Active Lines 1158 Active Telephones 1160 Outgoing Calls/sec 1162 Incoming Calls/sec 1164 Client Apps 1166 Current Outgoing Calls 1168 Current Incoming Calls 1228 Gateway Service For NetWare 1230 Client Service For NetWare 1232 Packet Burst Read NCP Count/sec 1234 Packet Burst Read Timeouts/sec 1236 Packet Burst Write NCP Count/sec 1238 Packet Burst Write Timeouts/sec 1240 Packet Burst IO/sec 1242 Connect NetWare 2.x 1244 Connect NetWare 3.x 1246 Connect NetWare 4.x 1260 Logon Total 1300 Server Work Queues 1302 Queue Length 1304 Active Threads 1306 Available Threads 1308 Available Work Items 1310 Borrowed Work Items 1312 Work Item Shortages 1314 Current Clients 1320 Bytes Transferred/sec 1324 Read Bytes/sec 1328 Write Bytes/sec 1332 Total Operations/sec 1334 DPCs Queued/sec 1336 DPC Rate 1342 Total DPCs Queued/sec 1344 Total DPC Rate 1350 % Registry Quota In Use 1360 VL Memory 1362 VLM % Virtual Size In Use 1364 VLM Virtual Size 1366 VLM Virtual Size Peak  1368 VLM Virtual Size Available 1370 VLM Commit Charge 1372 VLM Commit Charge Peak 1374 System VLM Commit Charge 1376 System VLM Commit Charge Peak 1378 System VLM Shared Commit Charge 1380 Available KBytes 1382 Available MBytes 1400 Avg. Disk Queue Length 1402 Avg. Disk Read Queue Length 1404 Avg. Disk Write Queue Length 1406 % Committed Bytes In Use 1408 Full Image 1410 Creating Process ID 1412 IO Read Operations/sec 1414 IO Write Operations/sec 1416 IO Data Operations/sec 1418 IO Other Operations/sec 1420 IO Read Bytes/sec 1422 IO Write Bytes/sec 1424 IO Data Bytes/sec 1426 IO Other Bytes/sec 1450 Print Queue 1452 Total Jobs Printed 1454 Bytes Printed/sec 1456 Total Pages Printed 1458 Jobs 1460 References 1462 Max References 1464 Jobs Spooling 1466 Max Jobs Spooling 1468 Out of Paper Errors 1470 Not Ready Errors 1472 Job Errors 1474 Enumerate Network Printer Calls 1476 Add Network Printer Calls 1478 Working Set - Private 1480 Working Set - Shared 1482 % Idle Time 1484 Split IO/Sec 1500 Job Object 1502 Current % Processor Time 1504 Current % User Mode Time 1506 Current % Kernel Mode Time 1508 This Period mSec - Processor 1510 This Period mSec - User Mode 1512 This Period mSec - Kernel Mode 1514 Pages/Sec 1516 Process Count - Total 1518 Process Count - Active 1520 Process Count - Terminated 1522 Total mSec - Processor 1524 Total mSec - User Mode 1526 Total mSec - Kernel Mode 1548 Job Object Details 1746 % Idle Time 1748 % C1 Time 1750 % C2 Time 1752 % C3 Time 1754 C1 Transitions/sec 1756 C2 Transitions/sec 1758 C3 Transitions/sec 1760 Heap 1762 Committed Bytes 1764 Reserved Bytes 1766 Virtual Bytes 1768 Free Bytes 1770 Free List Length 1772 Avg. alloc rate 1774 Avg. free rate 1776 Uncommitted Ranges Length 1778 Allocs - Frees 1780 Cached Allocs/sec 1782 Cached Frees/sec 1784 Allocs <1K/sec 1786 Frees <1K/sec 1788 Allocs 1-8K/sec 1790 Frees 1-8K/sec 1792 Allocs over 8K/sec 1794 Frees over 8K/sec 1796 Total Allocs/sec 1798 Total Frees/sec 1800 Blocks in Heap Cache 1802 Largest Cache Depth 1804 % Fragmentation 1806 % VAFragmentation 1808 Heap Lock contention 1846 End Marker 1848 RSVP Service 1850 Network Interfaces 1852 Network sockets 1854 Timers 1856 RSVP sessions 1858 QoS clients 1860 QoS-enabled senders 1862 QoS-enabled receivers 1864 Failed QoS requests 1866 Failed QoS sends 1868 QoS notifications 1870 Bytes in QoS notifications 1872 RSVP Interfaces 1874 Signaling bytes received 1876 Signaling bytes sent 1878 PATH messages received 1880 RESV messages received 1882 PATH ERR messages received 1884 RESV ERR messages received 1886 PATH TEAR messages received 1888 RESV TEAR messages received 1890 RESV CONFIRM messages received 1892 PATH messages sent 1894 RESV messages sent 1896 PATH ERR messages sent 1898 RESV ERR messages sent 1900 PATH TEAR messages sent 1902 RESV TEAR messages sent 1904 RESV CONFIRM messages sent 1906 Resource control failures 1908 Policy control failures 1910 General failures 1912 Blocked RESVs 1914 RESV state block timeouts 1916 PATH state block timeouts 1918 Send messages errors - Big messages 1920 Receive messages errors - Big messages 1922 Send messages errors - No memory 1924 Receive messages errors - No memory 1926 Number of incoming messages dropped 1928 Number of outgoing messages dropped 1930 Number of active flows 1932 Reserved bandwidth 1934 Maximum admitted bandwidth 1936 PSched Flow 1938 PSched Pipe 1940 Packets dropped 1942 Packets scheduled 1944 Packets transmitted 1946 Average packets in shaper 1948 Max packets in shaper 1950 Average packets in sequencer 1952 Max packets in sequencer 1954 Bytes scheduled 1956 Bytes transmitted 1958 Bytes transmitted/sec 1960 Bytes scheduled/sec 1962 Packets transmitted/sec 1964 Packets scheduled/sec 1966 Packets dropped/sec 1968 Nonconforming packets scheduled 1970 Nonconforming packets scheduled/sec 1972 Nonconforming packets transmitted 1974 Nonconforming packets transmitted/sec 1976 Maximum Packets in netcard 1978 Average Packets in netcard 1980 Out of packets 1982 Flows opened 1984 Flows closed 1986 Flows rejected 1988 Flows modified 1990 Flow mods rejected 1992 Max simultaneous flows 1994 Nonconforming packets scheduled 1996 Nonconforming packets scheduled/sec 1998 Nonconforming packets transmitted 2000 Nonconforming packets transmitted/sec 2002 Average packets in shaper 2004 Max packets in shaper 2006 Average packets in sequencer 2008 Max packets in sequencer 2010 Max packets in netcard 2012 Average packets in netcard 2014 RAS Port 2016 Bytes Transmitted 2018 Bytes Received 2020 Frames Transmitted 2022 Frames Received 2024 Percent Compression Out 2026 Percent Compression In 2028 CRC Errors 2030 Timeout Errors 2032 Serial Overrun Errors 2034 Alignment Errors 2036 Buffer Overrun Errors 2038 Total Errors 2040 Bytes Transmitted/Sec 2042 Bytes Received/Sec 2044 Frames Transmitted/Sec 2046 Frames Received/Sec 2048 Total Errors/Sec 2050 RAS Total 2052 Total Connections 2054 Terminal Services Session 2056 Input WdBytes 2058 Input WdFrames 2060 Input WaitForOutBuf 2062 Input Frames 2064 Input Bytes 2066 Input Compressed Bytes 2068 Input Compress Flushes 2070 Input Errors 2072 Input Timeouts 2074 Input Async Frame Error 2076 Input Async Overrun 2078 Input Async Overflow 2080 Input Async Parity Error 2082 Input Transport Errors 2084 Output WdBytes 2086 Output WdFrames 2088 Output WaitForOutBuf 2090 Output Frames 2092 Output Bytes 2094 Output Compressed Bytes 2096 Output Compress Flushes 2098 Output Errors 2100 Output Timeouts 2102 Output Async Frame Error 2104 Output Async Overrun 2106 Output Async Overflow 2108 Output Async Parity Error 2110 Output Transport Errors 2112 Total WdBytes 2114 Total WdFrames 2116 Total WaitForOutBuf 2118 Total Frames 2120 Total Bytes 2122 Total Compressed Bytes 2124 Total Compress Flushes 2126 Total Errors 2128 Total Timeouts 2130 Total Async Frame Error 2132 Total Async Overrun 2134 Total Async Overflow 2136 Total Async Parity Error 2138 Total Transport Errors 2140 Total Protocol Cache Reads 2142 Total Protocol Cache Hits 2144 Total Protocol Cache Hit Ratio 2146 Protocol Bitmap Cache Reads 2148 Protocol Bitmap Cache Hits 2150 Protocol Bitmap Cache Hit Ratio 2152 Protocol Glyph Cache Reads 2154 Protocol Glyph Cache Hits 2156 Protocol Glyph Cache Hit Ratio 2158 Protocol Brush Cache Reads 2160 Protocol Brush Cache Hits 2162 Protocol Brush Cache Hit Ratio 2164 Protocol Save Screen Bitmap Cache Reads 2166 Protocol Save Screen Bitmap Cache Hits 2168 Protocol Save Screen Bitmap Cache Hit Ratio 2170 Input Compression Ratio 2172 Output Compression Ratio 2174 Total Compression Ratio 2176 Terminal Services 2178 Total Sessions 2180 Active Sessions 2182 Inactive Sessions 2184 Distributed Transaction Coordinator 2186 Active Transactions 2188 Committed Transactions 2190 Aborted Transactions 2192 In Doubt Transactions 2194 Active Transactions Maximum 2196 Force Committed Transactions 2198 Force Aborted Transactions 2200 Response Time -- Minimum 2202 Response Time -- Average 2204 Response Time -- Maximum 2206 Transactions/sec 2208 Committed Transactions/sec 2210 Aborted Transactions/sec 2212 Indexing Service 2214 Word lists 2216 Saved indexes 2218 Index size (MB) 2220 Files to be indexed 2222 Unique keys 2224 Running queries 2226 Merge progress 2228 # documents indexed 2230 Total # documents 2232 Total # of queries 2234 Deferred for indexing 2236 Indexing Service Filter 2238 Total indexing speed (MB/hr) 2240 Binding time (msec) 2242 Indexing speed (MB/hr) 2244 Http Indexing Service 2246 Cache items 2248 % Cache hits 2250 Total cache accesses 1 2252 % Cache misses 2254 Total cache accesses 2 2256 Active queries 2258 Total queries 2260 Queries per minute 2262 Current requests queued 2264 Total requests rejected 2864 .NET CLR Networking 2866 Connections Established 2868 Bytes Received 2870 Bytes Sent 2872 Datagrams Received 2874 Datagrams Sent 2876 .NET Data Provider for Oracle 2878 HardConnectsPerSecond 2880 HardDisconnectsPerSecond 2882 SoftConnectsPerSecond 2884 SoftDisconnectsPerSecond 2886 NumberOfNonPooledConnections 2888 NumberOfPooledConnections 2890 NumberOfActiveConnectionPoolGroups 2892 NumberOfInactiveConnectionPoolGroups 2894 NumberOfActiveConnectionPools 2896 NumberOfInactiveConnectionPools 2898 NumberOfActiveConnections 2900 NumberOfFreeConnections 2902 NumberOfStasisConnections 2904 NumberOfReclaimedConnections 2906 .NET Data Provider for SqlServer 2908 HardConnectsPerSecond 2910 HardDisconnectsPerSecond 2912 SoftConnectsPerSecond 2914 SoftDisconnectsPerSecond 2916 NumberOfNonPooledConnections 2918 NumberOfPooledConnections 2920 NumberOfActiveConnectionPoolGroups 2922 NumberOfInactiveConnectionPoolGroups 2924 NumberOfActiveConnectionPools 2926 NumberOfInactiveConnectionPools 2928 NumberOfActiveConnections 2930 NumberOfFreeConnections 2932 NumberOfStasisConnections 2934 NumberOfReclaimedConnections 2936 .NET CLR Data 2938 SqlClient: Current # pooled and nonpooled connections 2940 SqlClient: Current # pooled connections 2942 SqlClient: Current # connection pools 2944 SqlClient: Peak # pooled connections 2946 SqlClient: Total # failed connects 2948 SqlClient: Total # failed commands 2950 .NET CLR Memory 2952 # Gen 0 Collections 2954 # Gen 1 Collections 2956 # Gen 2 Collections 2958 Promoted Memory from Gen 0 2960 Promoted Memory from Gen 1 2962 Gen 0 Promoted Bytes/Sec 2964 Gen 1 Promoted Bytes/Sec 2966 Promoted Finalization-Memory from Gen 0 2968 Process ID 2970 Gen 0 heap size 2972 Gen 1 heap size 2974 Gen 2 heap size 2976 Large Object Heap size 2978 Finalization Survivors 2980 # GC Handles 2982 Allocated Bytes/sec 2984 # Induced GC 2986 % Time in GC 2988 Not Displayed 2990 # Bytes in all Heaps 2992 # Total committed Bytes 2994 # Total reserved Bytes 2996 # of Pinned Objects 2998 # of Sink Blocks in use 3000 .NET CLR Loading 3002 Total Classes Loaded 3004 % Time Loading 3006 Assembly Search Length 3008 Total # of Load Failures 3010 Rate of Load Failures 3012 Bytes in Loader Heap 3014 Total appdomains unloaded 3016 Rate of appdomains unloaded 3018 Current Classes Loaded 3020 Rate of Classes Loaded 3022 Current appdomains 3024 Total Appdomains 3026 Rate of appdomains 3028 Current Assemblies 3030 Total Assemblies 3032 Rate of Assemblies 3034 .NET CLR Jit 3036 # of Methods Jitted 3038 # of IL Bytes Jitted 3040 Total # of IL Bytes Jitted 3042 IL Bytes Jitted / sec 3044 Standard Jit Failures 3046 % Time in Jit 3048 Not Displayed 3050 .NET CLR Interop 3052 # of CCWs 3054 # of Stubs 3056 # of marshalling 3058 # of TLB imports / sec 3060 # of TLB exports / sec 3062 .NET CLR LocksAndThreads 3064 Total # of Contentions 3066 Contention Rate / sec 3068 Current Queue Length 3070 Queue Length Peak 3072 Queue Length / sec 3074 # of current logical Threads 3076 # of current physical Threads 3078 # of current recognized threads 3080 # of total recognized threads 3082 rate of recognized threads / sec 3084 .NET CLR Security 3086 Total Runtime Checks 3088 % Time Sig. Authenticating 3090 # Link Time Checks 3092 % Time in RT checks 3094 Not Displayed 3096 Stack Walk Depth 3098 .NET CLR Remoting 3100 Remote Calls/sec 3102 Channels 3104 Context Proxies 3106 Context-Bound Classes Loaded 3108 Context-Bound Objects Alloc / sec 3110 Contexts 3112 Total Remote Calls 3114 .NET CLR Exceptions 3116 # of Exceps Thrown 3118 # of Exceps Thrown / sec 3120 # of Filters / sec 3122 # of Finallys / sec 3124 Throw To Catch Depth / sec 3784 Windows Workflow Foundation 3786 Workflows Created 3788 Workflows Created/sec 3790 Workflows Unloaded 3792 Workflows Unloaded/sec 3794 Workflows Loaded 3796 Workflows Loaded/sec 3798 Workflows Completed 3800 Workflows Completed/sec 3802 Workflows Suspended 3804 Workflows Suspended/sec 3806 Workflows Terminated 3808 Workflows Terminated/sec 3810 Workflows In Memory 3812 Workflows Aborted 3814 Workflows Aborted/sec 3816 Workflows Persisted 3818 Workflows Persisted/sec 3820 Workflows Executing 3822 Workflows Idle/sec 3824 Workflows Runnable 3826 Workflows Pending 3828 ServiceModelEndpoint 3.0.0.0 3830 Calls 3832 Calls Per Second 3834 Calls Outstanding 3836 Calls Failed 3838 Calls Failed Per Second 3840 Calls Faulted 3842 Calls Faulted Per Second 3844 Calls Duration 3846 Calls Duration Base 3848 Transactions Flowed 3850 Transactions Flowed Per Second 3852 Security Validation and Authentication Failures 3854 Security Validation and Authentication Failures Per Second 3856 Security Calls Not Authorized 3858 Security Calls Not Authorized Per Second 3860 Reliable Messaging Sessions Faulted 3862 Reliable Messaging Sessions Faulted Per Second 3864 Reliable Messaging Messages Dropped 3866 Reliable Messaging Messages Dropped Per Second 3868 ServiceModelOperation 3.0.0.0 3870 Calls 3872 Calls Per Second 3874 Calls Outstanding 3876 Calls Failed 3878 Call Failed Per Second 3880 Calls Faulted 3882 Calls Faulted Per Second 3884 Calls Duration 3886 Calls Duration Base 3888 Transactions Flowed 3890 Transactions Flowed Per Second 3892 Security Validation and Authentication Failures 3894 Security Validation and Authentication Failures Per Second 3896 Security Calls Not Authorized 3898 Security Calls Not Authorized Per Second 3900 ServiceModelService 3.0.0.0 3902 Calls 3904 Calls Per Second 3906 Calls Outstanding 3908 Calls Failed 3910 Calls Failed Per Second 3912 Calls Faulted 3914 Calls Faulted Per Second 3916 Calls Duration 3918 Calls Duration Base 3920 Transactions Flowed 3922 Transactions Flowed Per Second 3924 Transacted Operations Committed 3926 Transacted Operations Committed Per Second 3928 Transacted Operations Aborted 3930 Transacted Operations Aborted Per Second 3932 Transacted Operations In Doubt 3934 Transacted Operations In Doubt Per Second 3936 Security Validation and Authentication Failures 3938 Security Validation and Authentication Failures Per Second 3940 Security Calls Not Authorized 3942 Security Calls Not Authorized Per Second 3944 Instances 3946 Instances Created Per Second 3948 Reliable Messaging Sessions Faulted 3950 Reliable Messaging Sessions Faulted Per Second 3952 Reliable Messaging Messages Dropped 3954 Reliable Messaging Messages Dropped Per Second 3956 Queued Poison Messages 3958 Queued Poison Messages Per Second 3960 Queued Messages Rejected 3962 Queued Messages Rejected Per Second 3964 Queued Messages Dropped 3966 Queued Messages Dropped Per Second 3968 SMSvcHost 3.0.0.0 3970 Protocol Failures over net.tcp 3972 Protocol Failures over net.pipe 3974 Dispatch Failures over net.tcp 3976 Dispatch Failures over net.pipe 3978 Connections Dispatched over net.tcp 3980 Connections Dispatched over net.pipe 3982 Connections Accepted over net.tcp 3984 Connections Accepted over net.pipe 3986 Registrations Active for net.tcp 3988 Registrations Active for net.pipe 3990 Uris Registered for net.tcp 3992 Uris Registered for net.pipe 3994 Uris Unregistered for net.tcp 3996 Uris Unregistered for net.pipe 3998 MSDTC Bridge 3.0.0.0 4000 Message send failures/sec 4002 Prepare retry count/sec 4004 Commit retry count/sec 4006 Prepared retry count/sec 4008 Replay retry count/sec 4010 Faults received count/sec 4012 Faults sent count/sec 4014 Average participant prepare response time 4016 Average participant prepare response time Base 4018 Average participant commit response time 4020 Average participant commit response time Base 4680 ASP.NET State Service 4886 State Server Sessions Active 4888 State Server Sessions Abandoned 4890 State Server Sessions Timed Out 4892 State Server Sessions Total 4894 ASP.NET v2.0.50727 4896 ASP.NET Apps v2.0.50727 4898 Application Restarts 4900 Applications Running 4902 Requests Disconnected 4904 Request Execution Time 4906 Requests Rejected 4908 Requests Queued 4910 Worker Processes Running 4912 Worker Process Restarts 4914 Request Wait Time 4916 State Server Sessions Active 4918 State Server Sessions Abandoned 4920 State Server Sessions Timed Out 4922 State Server Sessions Total 4924 Requests Current 4926 Audit Success Events Raised 4928 Audit Failure Events Raised 4930 Error Events Raised 4932 Request Error Events Raised 4934 Infrastructure Error Events Raised 4936 Anonymous Requests 4938 Anonymous Requests/Sec 4940 Cache Total Entries 4942 Cache Total Turnover Rate 4944 Cache Total Hits 4946 Cache Total Misses 4948 Cache Total Hit Ratio 4950 Cache Total Hit Ratio Base 4952 Cache API Entries 4954 Cache API Turnover Rate 4956 Cache API Hits 4958 Cache API Misses 4960 Cache API Hit Ratio 4962 Cache API Hit Ratio Base 4964 Output Cache Entries 4966 Output Cache Turnover Rate 4968 Output Cache Hits 4970 Output Cache Misses 4972 Output Cache Hit Ratio 4974 Output Cache Hit Ratio Base 4976 Compilations Total 4978 Debugging Requests 4980 Errors During Preprocessing 4982 Errors During Compilation 4984 Errors During Execution 4986 Errors Unhandled During Execution 4988 Errors Unhandled During Execution/Sec 4990 Errors Total 4992 Errors Total/Sec 4994 Pipeline Instance Count 4996 Request Bytes In Total 4998 Request Bytes Out Total 5000 Requests Executing 5002 Requests Failed 5004 Requests Not Found 5006 Requests Not Authorized 5008 Requests In Application Queue 5010 Requests Timed Out 5012 Requests Succeeded 5014 Requests Total 5016 Requests/Sec 5018 Sessions Active 5020 Sessions Abandoned 5022 Sessions Timed Out 5024 Sessions Total 5026 Transactions Aborted 5028 Transactions Committed 5030 Transactions Pending 5032 Transactions Total 5034 Transactions/Sec 5036 Session State Server connections total 5038 Session SQL Server connections total 5040 Events Raised 5042 Events Raised/Sec 5044 Application Lifetime Events 5046 Application Lifetime Events/Sec 5048 Error Events Raised 5050 Error Events Raised/Sec 5052 Request Error Events Raised 5054 Request Error Events Raised/Sec 5056 Infrastructure Error Events Raised 5058 Infrastructure Error Events Raised/Sec 5060 Request Events Raised 5062 Request Events Raised/Sec 5064 Audit Success Events Raised 5066 Audit Failure Events Raised 5068 Membership Authentication Success 5070 Membership Authentication Failure 5072 Forms Authentication Success 5074 Forms Authentication Failure 5076 Viewstate MAC Validation Failure 5078 Request Execution Time 5080 Requests Disconnected 5082 Requests Rejected 5084 Request Wait Time 5086 Cache % Machine Memory Limit Used 5088 Cache % Machine Memory Limit Used Base 5090 Cache % Process Memory Limit Used 5092 Cache % Process Memory Limit Used Base 5094 Cache Total Trims 5096 Cache API Trims 5098 Output Cache Trims 5100 ASP.NET 5102 ASP.NET Applications 5104 Application Re

dédétraqué · Answer

Salut cedric18om


Ton rapport n'est pas complet, utilise cjoint.com pour poster en lien ton rapport :
https://www.cjoint.com/

- Clique sur Parcourir pour aller chercher le rapport
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.


@++  :)

cedric18om · Answer

http://cjoint.com/data/cpnILgNTkk.htm

J'espère que c'est bon ce que j'ai fait !

dédétraqué · Answer

Salut cedric18om


C'est pas ce que j'espérais, on va faire autrement.

- Double-clique sur SystemLook.exe pour le lancer.

- Copie le contenu en gras ci-dessous et colle-le dans la zone texte de SystemLook :

 :reg
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s

- Clique sur le bouton Look pour démarrer l'examen.
- A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.


@++   :)

cedric18om · Answer

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 13:14 on 16/02/2010 by Castor Troy (Administrator - Elevation successful)

========== reg ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"="ALCMTR.EXE"
"ATICustomerCare"=""C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe""
"avgnt"=""C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min"
"CamserviceDP"="C:\Program Files\Hercules\DualPix Exchange\Camservice.exe /startup"
"GEST"="m’|\ü"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"nwiz"="C:\Program Files\NVIDIA Corporation
View
wiz.exe /install"
"ORAHSSSessionManager"="C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
"RTHDCPL"="RTHDCPL.EXE"
"StartCCC"=""C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun"
"SunJavaUpdateSched"=""C:\Program Files\Java\jre6\bin\jusched.exe""


-=End Of File=-

dédétraqué · Answer

Salut cedric18om


Bon OK toujours ces caractères, connais-tu ce programme au démarrage :
"GEST"="m’|\ü" 


Si non voir dans menu démarrer/Exécuter et tape msconfig, OK pour valider.
Regarde dans l'onglet Démarrage et voir dans Élément de démarrage si tu voie GEST, si oui copie moi la Commande qui est a coté.


@++   :)

cedric18om · Answer

J'ai fait ce que tu m'as dit mais je ne vois pas GEST !

dédétraqué · Answer

Salut cedric18om


OK c'est bien ce que je pensait, voici la suite :

Important Désactive TeaTimer le résident de Spybot, il va gêner la désinfection en empêchant la modification des BHO


- Démarre Spybot clique sur Mode coche Mode avancé
- A gauche clique sur Outils ==> Résident 

- Décoche la case devant Résident "TeaTimer", voir la capture : 

http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg

- Quitte Spybot


-----


Double clique sur le raccourci d'HijackThis sur ton Bureau, clique sur Do a scan system only coche la case devant la(les) ligne(s) suivante(s) si présente(s)
Si pas de raccourci sur le bureau, il ce trouve ici :
C:\Program Files	rend micro\Castor Troy.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
O4 - HKLM\..\Run: [GEST] m’|\ü     
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"


- Ferme les fenêtres en cours sauf HijackThis, clique sur Fix checked 

- Quitte HijackThis


-----


On va vérifier si rien de caché :

Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :

https://www.eset.com/int/home/online-scanner/

(coche toutes les cases à chaque fois, sauf les deux dernières a la fin du scan, sinon le rapport est supprimer) 
A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt


@++   :)

cedric18om · Answer

J'ai fait précisément tout ce que tu m'as dit mais je n'ai pas touvé les 2 cases à ne pas cocher à la fin du scan !
Qui ne signalait aucune anomalie.

dédétraqué · Answer

Salut cedric18om


Cela est bon alors si rien trouvé, as-tu d'autre souci?


@++   :)

cedric18om · Answer

Suite à ton dernier message,j'ai tenté de réinstallé les derniers drivers,j'ai donc redémarré et là écran bleu qui disait :

"Un processsus ou une thread crucialau fonctionnement du système s'est terminéea été interrompu de façon innatendue"
"Début du vidage de la mémoire physique
Vidage mémoire physique terminée"

Jai donc éteint manuellement le PC et en me connectant,drivers toujours pas réinstallés  :(

dédétraqué · Answer

Salut cedric18om


Donne moi le code de l'erreur dans l'écran bleu juste après la mention Erreur STOP.
Par exemple : "0x0000001D (0x000E00E0, 0XF83207D0, 0XF83204D0, OXF46E9F4F)".
Parfois, l'intitulé est également indiqué.
Par exemple : NO_SPIN_LOCK_AVAILABLE.

Le code de l'erreur est en gras dans cet exemple.


@++   :)

cedric18om · Answer

Comment je peux faire pour que l'écran bleu réapparaisse ?

dédétraqué · Answer

Salut cedric18om


On ne peut pas la faire réapparaitre cette écran.
Cela dit quoi dans le Gestionnaire de périphériques, va dans le menu démarrer/Exécuter et tape devmgmt.msc clic sur OK, voir si tu as des ? où ! jaune.


@++  :)

cedric18om · Answer

Non pas de "?" ou "!" jaunes.

dédétraqué · Answer

Salut cedric18om 


Alors pas de souci de ce coté, quel périphérique essais-tu de mettre à jour?

Si tout fonctionne bien je ne voie pas l'intérêt de changer de driver, tu installes probablement pas la bonne chose et cela te provoque l'écran bleu.


@++   :)

cedric18om · Answer

J'installe les drivers avec le CD fourni avec ma carte graphique.
Enfin je réinstalle.

Comment je peux savoir quel périphérique manquant que je veux installer ?

Et oui,je débute ...

Merci encore pour ton attention !

dédétraqué · Answer

Salut cedric18om 


Bien si tu n'as pas de ? où ! jaune dans le gestionnaire de périphériques, alors cela veux dire que tout est bien installé et qu'il ne manque rien.


@++   :)

cedric18om · Answer

Ok mais comment expliquer que  depuis plus d'une semaine :

1)quand je fais défiler une page de haut en bas,ça se fait par "vagues",ça rame
2)une page ne tient plus en entier,il y a des flèches à droite et en bas de l'écran pour pouvoir toute la page
3)et les caractères (la police)est plus grande qu'avant

dédétraqué · Answer

Salut cedric18om


Tu parles de Firefox là?


@++   :)

cedric18om · Answer

Non,d'Internet explorer

dédétraqué · Answer

Salut cedric18om


Voir à remettre les paramètres par défauts :

Ouvre IE, dans le haut clique sur Outils/Options Internet et dans le dernier onglet Avancé, clique dans le bas sur Réinitialiser...
Dans la nouvelle fenêtre ne coche aucune case et clique sur Réinitialiser, faudra redémarrer IE pour que cela soit pris en compte.


Tiens moi au courant si du mieux


@++ :)

cedric18om · Answer

Toujours pareil :(

dédétraqué · Answer

Salut cedric18om


Cela te fait-il la même chose avec Firefox?


@++   :)

cedric18om · Answer

Non sur Mozilla tout va bien !

dédétraqué · Answer

Salut cedric18om


Via Ajout/Suppression de programmes désinstalle Internet Explorer 8 

Et voir a sa réinstallation :
https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70


@++   :)

cedric18om · Answer

Toujours pareil :(

cedric18om · Answer

Bon j'en déduis que je dois changer de navigateur :(

Je tiens à te remercier du suivi pendant 1 semaine,c'est sympa ! ^^

Dernière question,que mle conseilles-tu d'installé comme protection ?

J'ai Antivir et pare feu windows,je dois en changer ? Autre sécurité à ajouter ?

dédétraqué · Answer

Salut cedric18om


Effectivement j'ai pas trop d'idée pour IE8, quelque astuce sur le site de Microsoft ici :
http://support.microsoft.com/kb/936213/fr

Un pare feu autre que celui de Windows (COMODO, ZoneAlarm, Kerio, etc...), avec MalwareByte's cela devrais être bon.


On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :

http://pc-system.fr/


- Double clique sur ToolsCleaner2.exe sur le bureau
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.


-----


Important de mettre à jour Windows et tes logiciels :
Mettre Windows(catégories critique, Services Pack et Services Release) à jour : http://www.windowsupdate.com/windowsupdate/v6/default.aspx

Faire un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités et mettre à jour :
https://www.malekal.com/tester-la-vulnerabilite-de-son-systeme-2/

Faire un ménage des fichiers inutiles et de la base de registre : 
https://www.malekal.com/tutoriel-ccleaner/

Dis moi quand cela est fais où si tu as des soucis et on passe à la résolution du sujet par la suite.


@++ :)

cedric18om · Answer

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche: 

C:\Rsit: trouvé !
C:\Ad-remover: trouvé !
C:\Documents and Settings\Castor Troy\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\Castor Troy\Bureau\Rsit.exe: trouvé !
C:\Program Files	rend micro\HijackThis.exe: trouvé !
C:\Program Files	rend micro\hijackthis.log: trouvé !

---------------------------------
--> Suppression: 

C:\Documents and Settings\Castor Troy\Bureau\HijackThis.exe: supprimé !
C:\Program Files	rend micro\HijackThis.exe: supprimé !
C:\Documents and Settings\Castor Troy\Bureau\Rsit.exe: supprimé !
C:\Program Files	rend micro\hijackthis.log: supprimé !
C:\Rsit: supprimé !
C:\Ad-remover: supprimé !

dédétraqué · Answer

Salut cedric18om


Cela est bon, tu pourras supprimer ToolsCleaner.


Je te donne quelques consignes de sécurité :

-  Windows Update  parfaitement à jour http://www.windowsupdate.com/windowsupdate/v6/default.aspx (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré, je te conseil ZoneAlarm : 
https://www.malekal.com/tutoriel-zonealarm-firewall/
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)   http://forum.malekal.com/ftopic893.php
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware, je conseil MalwareByte's Anti-Malware :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
- un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour :
https://www.java.com/en/download/uninstalltool.jsp 
- faire régulièrement un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
https://www.malekal.com/tester-la-vulnerabilite-de-son-systeme-2/


De bonne lecture si tu veux en savoir plus sur la sécurité et le fonctionnement de Windows :
http://www.malekal.com/menu_windows_general.php
http://www.malekal.com/menu_windows_securite.php

Si tu considères ton problème comme résolu, tu pourras mettre en résolu :
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/

Bonne journée/soirée et bon surf   


@++  :)

cedric18om · Answer

Salut Dédétraqué ! 

Bon je réponds en retard mais c'était pour te dire que je te remercie beaucoup beaucoup pour le temps que tu m'as accordé et que le problème a bien été résolu ^^

Et merci aussi pour tous les conseils de sécurité ! ^^

Bonne continuation collègue ^^

dédétraqué · Answer

Salut cedric18om 


Bien de rien cela a été un plaisir, soit prudent  ;)


@++   :)

Virus !!!

44 réponses

Discussions similaires