Forums Zebulon.fr: Kaspersky 2010 impossible to update [ SOLVED ] - Forums Zebulon.fr


#1 zagstruck

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19 December 09

Posted 19 December 2009 - 05:54

Good evening,
I'm brand new here; I just signed up because I have an infection problem: my antivirus can no longer update (insufficient privileges).
I tried to reinstall it, and it tells me the databases are corrupted.
If you could help me remove this infection, please detail the steps to follow, as I have never done this before.

Have a good evening, thanks

Here is the HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:30, on 19/12/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files (x86)\Mumble\dbus-daemon.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\PROGRA~2\FREEDO~1\fdm.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\ludo\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PokeCreative] "C:\ProgramData\FaceManagerManager.0t6cm5"
O4 - HKCU\..\Run: [media bore program mapi] "C:\ProgramData\Phone Bash Extra.xous8"
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Notification de cadeaux MSN.lnk = ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9713 bytes

This post was edited by zagstruck - 03 January 2010 - 05:05.


#2 Gof

  • Tera Power Extrem Member
  • Group: Moderator [Gof]
  • Posts: 9764
  • Joined: 26 November 05

Posted 21 December 2009 - 08:12

Good evening zagstruck :P

Quote

Posts: 1
Welcome to the Zebulon forums.

A few links to help you get started:

We'll take it slowly, because I'm not comfortable with 64-bit systems. Infections are generally not adapted to this type of system, and cannot spread the same way as on a 32-bit system (except those dedicated to and designed for it, obviously). So it is likely that there isn't much that is infectious at the root of your problems, but we'll take a look. There is clearly a small Lop-type infection. With Kaspersky it can happen that the databases get corrupted, in which case you have to uninstall cleanly and reinstall. For now, don't do anything about that; we'll look around a bit first.


Download Malwarebytes' Anti-Malware (MBAM)
  • Double-click the downloaded file to start the installation process.
  • In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks for permission for MBAM to connect, accept.
  • Once the update has finished, go to the "Recherche" (Scan) tab.
  • Plug in your removable media (USB sticks, MP3 players, Flash cards, etc.) without opening them.
  • Select "Exécuter un examen complet" (Perform a full scan)
  • Click "Rechercher" (Scan)
  • The scan starts.
  • At the end of the scan, a message is displayed:

    Quote

    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click "Afficher les résultats" (Show results).
    Select everything (or leave it checked) and click "Supprimer la sélection" (Remove selected); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.


Then download OTS by OldTimer
  • Make sure the "Include 64Bit Scans" box is checked
  • Click Run Scan and let the tool work.
  • When Notepad opens, copy and paste the contents of the report into your next reply
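
The O4 (autostart) lines of a HijackThis log like the one in post #1 can be triaged mechanically before reading the rest of the report. This is an added example, not part of the thread and not the helper's stated method: the two review heuristics (unusual file extension, target in a user-writable directory) and all function names are assumptions made here, and a flag means "look at this entry", not a verdict.

```python
import ntpath
import re
from typing import List, NamedTuple, Tuple

# O4 lines copied from the HijackThis log in post #1, plus one O2 line
# that the parser has to skip.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [PokeCreative] "C:\ProgramData\FaceManagerManager.0t6cm5"
O4 - HKCU\..\Run: [media bore program mapi] "C:\ProgramData\Phone Bash Extra.xous8"
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - Startup: Notification de cadeaux MSN.lnk = ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
'''

# "O4 - HKCU\..\Run: [value name] command line"
RUN_RE = re.compile(r'^O4 - (?P<loc>HK\w+\\\.\.\\[^:]+): \[(?P<name>.*?)\] (?P<cmd>.+)$')
# "O4 - Startup: shortcut.lnk = target"
STARTUP_RE = re.compile(r'^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$')

# Assumption: extensions considered ordinary for an autostart target.
EXPECTED_EXT = ("exe", "com", "bat", "cmd")
UNQUOTED_RE = re.compile(r'^(.*?\.(?:%s))(?:\s|$)' % "|".join(EXPECTED_EXT), re.I)
# Assumption: directories a standard user can write to.
USER_WRITABLE_RE = re.compile(r'(?:^|\\)(?:programdata|appdata)\\', re.I)


class Entry(NamedTuple):
    location: str
    name: str
    target: str
    reasons: Tuple[str, ...]


def target_of(cmd: str) -> str:
    """Return the program path from a command line, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted: cut after the first ordinary executable extension, if any.
    m = UNQUOTED_RE.match(cmd)
    return m.group(1) if m else cmd


def review_autostarts(log_text: str) -> List[Entry]:
    """Parse every O4 line and attach the reasons (if any) to review it."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line) or STARTUP_RE.match(line)
        if not m:
            continue  # not an autostart entry
        target = target_of(m["cmd"])
        reasons = []
        ext = ntpath.splitext(target)[1].lower().lstrip(".")
        if ext not in EXPECTED_EXT:
            reasons.append("unusual extension '.%s' for an autostart target" % ext)
        if USER_WRITABLE_RE.search(target):
            reasons.append("target lives in a user-writable directory")
        entries.append(Entry(m["loc"], m["name"], target, tuple(reasons)))
    return entries


if __name__ == "__main__":
    for e in review_autostarts(SAMPLE_LOG):
        status = "REVIEW" if e.reasons else "ok    "
        print("%s %-12s [%s] %s" % (status, e.location, e.name, e.target))
        for r in e.reasons:
            print("         - " + r)
```
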


#3 zagstruck

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19 December 09

Posted 21 December 2009 - 08:59

First of all, I want to thank you for your help

MBAM report:


Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3405
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21/12/2009 20:41:07
mbam-log-2009-12-21 (20-41-07).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 246410
Temps écoulé: 19 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

This post was edited by zagstruck - 21 December 2009 - 09:06.


#4 zagstruck

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19 December 09

Posted 21 December 2009 - 09:08

and the OTS report:

OTS logfile created on: 21/12/2009 20:46:04 - Run 1
OTS by OldTimer - Version 3.1.12.0 Folder = C:\Downloads\Software
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 129,22 Gb Free Space | 46,24% Space Free | Partition Type: NTFS
Drive D: | 309,02 Gb Total Space | 99,97 Gb Free Space | 32,35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DÉDÉ
Current User Name: ludo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools)
aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2009/12/21 01:49:29 | 00,788,880 | ---- | M] (Lavasoft)
aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft)
pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()
lsnfier.exe -> C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe -> [2009/11/19 19:52:38 | 00,135,680 | ---- | M] (Microsoft Corporation)
dtlite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd)
avp.exe -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)
jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
skype.exe -> C:\Program Files (x86)\Skype\Phone\Skype.exe -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.)
skypepm.exe -> C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe -> [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies)
reader_sl.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
aawwsc.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe -> [2009/09/23 08:55:40 | 00,707,704 | ---- | M] ()
soffice.bin -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin -> [2009/08/19 10:31:42 | 07,418,368 | ---- | M] (OpenOffice.org)
soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe -> [2009/08/19 10:31:40 | 07,424,000 | ---- | M] (OpenOffice.org)
msnmsgr.exe -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation)
sixengine.exe -> C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe -> [2009/05/25 10:33:50 | 06,017,024 | ---- | M] ()
assysctrlservice.exe -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] ()
nmindexstoresvr.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe -> [2008/01/22 10:13:32 | 01,201,448 | ---- | M] (Nero AG)
nmindexingservice.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG)
nmbgmonitor.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG)

[Modules - Safe List]
ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/08/18 02:36:20 | 00,203,264 | ---- | M] (AMD)
64bit-(WwanSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 02:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation)
64bit-(WbioSrvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 02:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation)
64bit-(UmRdpService) [On_Demand | Stopped] -> C:\Windows\SysNative\umrdp.dll -> [2009/07/14 02:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation)
64bit-(Power) [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 02:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation)
64bit-(Themes) [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 02:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation)
64bit-(sppuinotify) [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 02:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation)
64bit-(SensrSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 02:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation)
64bit-(StorSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\StorSvc.dll -> [2009/07/14 02:41:54 | 00,017,920 | ---- | M] (Microsoft Corporation)
64bit-(PeerDistSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\PeerDistSvc.dll -> [2009/07/14 02:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation)
64bit-(PNRPsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation)
64bit-(p2pimsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupProvider) [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 02:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation)
64bit-(RpcEptMapper) [Unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 02:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation)
64bit-(PNRPAutoReg) [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 02:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 02:41:27 | 01,011,712 | ---- | M] (Microsoft Corporation)
64bit-(HomeGroupListener) [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 02:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation)
64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 02:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation)
64bit-(Dhcp) [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 02:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation)
64bit-(defragsvc) [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 02:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation)
64bit-(CscService) [Auto | Running] -> C:\Windows\SysNative\cscsvc.dll -> [2009/07/14 02:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation)
64bit-(bthserv) [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 02:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation)
64bit-(BDESVC) [Unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 02:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation)
64bit-(AxInstSV) [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 02:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation)
64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/14 02:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation)
64bit-(AppIDSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 02:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation)
64bit-(wbengine) [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 02:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation)
64bit-(sppsvc) [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 02:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation)
64bit-(Fax) [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 02:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation)
64bit-(msvsmon90) [Disabled | Stopped] -> C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -> [2007/11/08 01:11:22 | 04,466,688 | ---- | M] (Microsoft Corporation)
(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft)
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2009/12/11 17:10:09 | 00,321,320 | ---- | M] (Valve Corporation)
(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()
(Hamachi2Svc) LogMeIn Hamachi 2.0 Tunneling Engine [Auto | Running] -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2009/10/29 12:27:56 | 01,767,816 | ---- | M] (LogMeIn Inc.)
(AVP) Kaspersky Internet Security [Auto | Running] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)
(DAUpdaterSvc) Dragon Age: Origins - Application de mise à jour [On_Demand | Stopped] -> C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -> [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare)
(VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M]
(MSDTC) Coordinateur de transactions distribuées [Unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M]
(HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation)
(Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation)
(vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 21:30:11 | 00,061,056 | ---- | M] ()
(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 21:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation)
(AsSysCtrlService) ASUS System Control Service [Auto | Running] -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] ()
(NMIndexingService) NMIndexingService [On_Demand | Running] -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG)
(NBService) NBService [On_Demand | Stopped] -> C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -> [2007/11/28 10:27:24 | 00,800,040 | ---- | M] (Nero AG)

[Driver Services - Safe List]
64bit-(atksgt) atksgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] ()
64bit-(lirsgt) lirsgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] ()
64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] ()
64bit-(KLIF) Kaspersky Lab Driver [File_System | System | Running] -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab)
64bit-(KLIM6) Kaspersky Anti-Virus NDIS 6 Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\klim6.sys -> [2009/11/03 16:33:44 | 00,027,152 | ---- | M] (Kaspersky Lab)
64bit-(KLBG) Kaspersky Lab Boot Guard Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\klbg.sys -> [2009/10/14 20:18:38 | 00,040,464 | ---- | M] (Kaspersky Lab)
64bit-(klmouflt) Kaspersky Lab KLMOUFLT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\klmouflt.sys -> [2009/10/02 18:39:32 | 00,021,008 | ---- | M] (Kaspersky Lab)
64bit-(hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\hamachi.sys -> [2009/09/23 09:42:58 | 00,033,856 | -H-- | M] (LogMeIn, Inc.)
64bit-(kl1) kl1 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\kl1.sys -> [2009/09/01 14:29:56 | 00,157,712 | ---- | M] (Kaspersky Lab)
64bit-(L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\L1E62x64.sys -> [2009/08/23 13:08:10 | 00,056,320 | ---- | M] (Atheros Communications, Inc.)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/08/18 03:48:48 | 06,037,504 | ---- | M] (ATI Technologies Inc.)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 02:52:21 | 00,106,576 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 02:52:21 | 00,028,752 | ---- | M] (Advanced Micro Devices)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 02:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/07/14 02:48:04 | 00,153,152 | ---- | M] (Microsoft Corporation)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 02:48:04 | 00,065,600 | ---- | M] (LSI Corporation)
64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 02:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation)
64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 02:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 02:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company)
64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 02:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation)
64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 02:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation)
64bit-(vmbus) Bus VMBus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vmbus.sys -> [2009/07/14 02:45:55 | 00,200,272 | ---- | M] (Microsoft Corporation)
64bit-(storflt) Pilote de filtre d’accélération de bus VMBus [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vmstorfl.sys -> [2009/07/14 02:45:55 | 00,046,672 | ---- | M] (Microsoft Corporation)
64bit-(vdrvroot) Pilote d’énumérateur de lecteur virtuel Microsoft [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 02:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation)
64bit-(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\storvsc.sys -> [2009/07/14 02:45:55 | 00,034,896 | ---- | M] (Microsoft Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 02:45:55 | 00,024,656 | ---- | M] (Promise Technology)
64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 02:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation)
64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 02:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation)
64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 02:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation)
64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/07/14 02:43:13 | 00,223,448 | ---- | M] (Microsoft Corporation)
64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 01:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation)
64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 01:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation)
64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 01:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation)
64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 01:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation)
64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 01:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation)
64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 01:07:22 | 00,059,904 | ---- | M] (Microsoft Corporation)
64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 01:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation)
64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 01:07:13 | 00,227,840 | ---- | M] (Microsoft Corporation)
64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 01:07:00 | 00,350,208 | ---- | M] (Microsoft Corporation)
64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 01:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation)
64bit-(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\winusb.sys -> [2009/07/14 01:06:28 | 00,040,448 | ---- | M] (Microsoft Corporation)
64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 01:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation)
64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 01:05:37 | 00,112,128 | ---- | M] (Microsoft Corporation)
64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 01:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation)
64bit-(CompositeBus) Pilote de l’énumérateur de bus composite [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 01:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation)
64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 01:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation)
64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 00:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation)
64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 00:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation)
64bit-(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vms3cap.sys -> [2009/07/14 00:42:58 | 00,006,656 | ---- | M] (Microsoft Corporation)
64bit-(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\VMBusHID.sys -> [2009/07/14 00:42:44 | 00,021,760 | ---- | M] (Microsoft Corporation)
64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 00:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation)
64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 00:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation)
64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 00:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation)
64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 00:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation)
64bit-(CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\SysNative\drivers\csc.sys -> [2009/07/14 00:24:27 | 00,514,048 | ---- | M] (Microsoft Corporation)
64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 00:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation)
64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2009/07/09 00:49:16 | 01,484,800 | ---- | M] (Atheros Communications, Inc.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 21:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 21:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 21:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 21:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2009/05/14 09:26:24 | 00,015,416 | ---- | M] ()
64bit-(mv61xx) mv61xx [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\mv61xx.sys -> [2009/05/11 23:49:10 | 00,178,728 | ---- | M] (Marvell Semiconductor, Inc.)
(CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\CSC -> [2009/11/03 00:48:03 | 00,000,000 | ---D | M]
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation)
(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\winusb.dll -> [2009/07/14 02:16:19 | 00,016,896 | ---- | M] (Microsoft Corporation)
(NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 02:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation)
(mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 22:28:14 | 00,001,088 | ---- | M] ()
(Tcpip) Pilote du protocole TCP/IP [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 22:15:18 | 00,003,066 | ---- | M] ()
(AsIO) AsIO [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\AsIO.sys -> [2007/12/17 17:14:14 | 00,014,392 | ---- | M] ()

[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://fr.msn.com/ ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://fr.msn.com/?ocid=iehp ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> fr ->
HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> B3 9F CB CE 18 5C CA 01 [binary data] ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\prefs.js ->
browser.startup.homepage -> "google.fr" ->
extensions.enabledItems -> {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1 ->
extensions.enabledItems -> fdm_ffext@freedownloadmanager.org:1.3.4 ->
extensions.enabledItems -> linkfilter@kaspersky.ru:9.0.0.736 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 ->
extensions.enabledItems -> {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.0 ->
extensions.enabledItems -> {BF32D2C8-9C75-404b-ACF4-880DB4679236}:2 ->
keyword.URL -> "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=" ->
< FireFox Settings [User.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\user.js ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Thunderbird\Extensions -> ->
HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2010\THBEXT] -> [2009/11/22 16:06:58 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Users\ludo\AppData\Roaming\mozilla\Extensions -> [2009/11/03 01:53:55 | 00,000,000 | ---D | M]
-> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions -> [2009/12/21 01:50:16 | 00,000,000 | ---D | M]
FlashGot -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} -> [2009/12/08 09:48:11 | 00,000,000 | ---D | M]
Yahoo! Toolbar -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} -> [2009/11/04 12:38:13 | 00,000,000 | ---D | M]
MushroomKingdom -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236} -> [2009/11/08 12:55:50 | 00,000,000 | ---D | M]
Gradient iCool -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} -> [2009/11/08 12:56:47 | 00,000,000 | ---D | M]
< FireFox SearchPlugins [User Folders] > ->
bing.xml -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\searchplugins\bing.xml -> [2009/11/19 19:52:37 | 00,002,650 | ---- | M] ()
< FireFox Extensions [Program Folders] > ->
-> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2009/12/15 14:50:43 | 00,000,000 | ---D | M]
-> C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru -> [2009/11/03 02:30:31 | 00,000,000 | ---D | M]
< HOSTS File > (824 bytes and 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [IEVkbdBHO Class] -> [2009/10/20 19:39:12 | 00,061,456 | ---- | M] (Kaspersky Lab)
{E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [IEVkbdBHO Class] -> [2009/10/20 19:34:50 | 00,068,112 | ---- | M] (Kaspersky Lab)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 15:41:30 | 00,408,448 | ---- | M] (Microsoft Corporation)
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKLM] -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [FDMIECookiesBHO Class] -> [2008/12/30 01:03:26 | 00,098,304 | ---- | M] ()
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java™ Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)
{E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/05/23 00:20:30 | 07,833,120 | ---- | M] (Realtek Semiconductor)
"Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/05/23 00:21:16 | 01,833,504 | ---- | M] (Realtek Semiconductor Corp.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe ARM" -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 12:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
"AVP" -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe ["C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"] -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)
"QuickTime Task" -> C:\Program Files (x86)\QuickTime\QTTask.exe ["C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.)
"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG)
"DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd)
"media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"] -> File not found
"msnmsgr" -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation)
"PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"] -> File not found
"Skype" -> C:\Program Files (x86)\Skype\Phone\Skype.exe ["C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.)
"Steam" -> c:\program files (x86)\steam\steam.exe ["c:\program files (x86)\steam\steam.exe" -silent] -> [2009/11/14 11:40:37 | 01,217,808 | ---- | M] (Valve Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] ()
Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] ()
Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] ()
Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] ()
Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] ()
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] ()
Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] ()
Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] ()
Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] ()
Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] ()
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [Button: Clavier &virtuel] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)
{CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [Button: Analyse des &liens] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [Button: Clavier &virtuel] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)
{CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [Button: Analyse des &liens] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [Shockwave Flash Object] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{FE9F6D9A-6519-4C5B-ACE7-25C9D3EB431A}\\DhcpNameServer -> 192.168.1.1 192.168.1.1 (D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B)) ->
< 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll -> [2009/11/06 23:09:24 | 00,069,648 | ---- | M] (Kaspersky Lab)
C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll -> [2009/11/06 23:09:18 | 00,015,376 | ---- | M] (Kaspersky Lab)
*MultiFile Done* -> ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll -> [2009/11/06 23:04:36 | 00,109,072 | ---- | M] (Kaspersky Lab)
C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll -> [2009/11/06 23:04:38 | 00,072,208 | ---- | M] (Kaspersky Lab)
*MultiFile Done* -> ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2009/08/03 07:17:37 | 02,868,224 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 02:39:47 | 00,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/08/03 06:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 02:14:42 | 00,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
klogon -> C:\Windows\SysNative\klogon.dll -> [2009/10/20 19:39:14 | 00,224,272 | ---- | M] (Kaspersky Lab)
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 02:41:53 | 00,240,640 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 02:16:12 | 00,186,880 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{00E2F448-34F5-4E1D-9F8F-29866BD3D8CF} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{02EDEDCC-6C49-4720-BCF2-751AE4994C9E} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{0D9DE570-7A6A-46BE-9241-18A3908C758A} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{12861187-6E47-43D3-8269-CB8D55CEE12F} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
{1B1971B8-F33A-4D02-8174-622B895AF94E} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{20D49537-8C99-42B9-8D70-4CFF22D3E539} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
{252D6EF2-653E-4A1D-B6F6-4C794CD85096} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
{2795051D-E54A-4920-83DA-2D61153FE501} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
{28CCE564-1B99-4257-9CCC-A417967DFE1F} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{29F577A1-8F05-4B6D-BE25-25A3AD49232C} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
{46733CF9-9713-4CC6-8E46-4058E9FDCB52} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
{5016D292-7189-4D61-8784-167B7F0F46A2} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |
{61C3117C-6596-4C25-A92E-0DD03C023827} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{6F69AF0D-8EC4-4E22-9005-6425F369C489} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
{701E5DD2-83F5-42BA-9CF4-8FC9E2A07CB8} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{9A549675-7411-4E90-B8F1-B68B9BBECD70} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
{A51D7FF4-1B5C-411A-BE34-69EF154662AD} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |
{C2353D3E-8A46-43A7-9863-3B8D793DB2E0} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{CDEA38DD-10B9-44BB-AD60-7DA881E5322D} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
{E2FA41EF-8464-41AD-ACC8-C2A41B163AF3} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
{EFB6F8E4-EE9F-4C2D-ADF7-C0E77F76B38C} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{F2C04BC1-92CA-4030-A013-214E2DCD8D64} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |
{F8D2AA99-CF70-4028-A122-BD75CBE98E7F} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{FAD2AF60-44BE-478A-8394-9E91DE12EECC} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
{FD63499A-E876-43B8-8022-523D94B6CB9B} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{0884FD1C-B31E-47B3-9511-6843F5D53803} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{1340617C-B8D3-4D41-9E17-B43CD60CE681} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
{1D75079C-943E-406C-A4A8-768D80977380} -> profile=private | protocol=6 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
{1EAC83BF-FF96-4D3C-BE98-61ADAC8D7AAD} -> profile=private | protocol=6 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |
{20CC5C4C-C743-4C77-857D-C02FBDCDE5E0} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
{26C75E80-7793-456E-92B6-6267F900659F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |
{274E6B5B-2994-402D-9662-E80A27C36C0C} -> profile=private | protocol=17 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |
{27CB2AC2-4035-4BE7-9778-E4E04A4D8BA1} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
{281A2C56-F462-4AB0-8BD4-9A3CF8394162} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |
{2EC4AAE5-570A-4055-8123-F7F179C1DA87} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 |
{3A4489A7-9C38-4899-90BC-E4F8BA260A78} -> profile=private | protocol=17 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
{3FC6A310-8820-4729-A21D-D8CEB19A0E65} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
{407989EC-4205-40E8-8DEC-60865278207D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{41EBC11B-6968-400F-9CE1-E13B3CC6479F} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
{44B69706-3FB9-4629-BFAE-40CCE6B0F962} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{46D746A2-4941-4AE6-85E2-12F925125E4C} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
{48B7A752-0471-4264-B6D4-492E7EF283F9} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{56F52D92-180D-4C00-8A25-7EC5B882778D} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system |
{601F058F-72AD-46A2-9877-42670C2F9B58} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe |
{60C45A65-D787-49CA-95BE-0C175E81EA09} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{619FC088-B246-43D9-B99C-41CCA35137D5} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
{679A92C8-E014-44FE-B58B-130AA25676AE} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
{689403BF-AD5F-4376-9B6E-7D6989D71359} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® 4 - modern warfare™ | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
{6ECA3E47-C9A6-44F7-A84D-69D50BCA11E2} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
{76870D1D-4425-41C4-871A-77F0D939FD94} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{78BEB4B1-5464-47CD-8630-3247BEC99AC9} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{7FE27E34-6AAD-4A60-84C4-585904DBA32F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{8277F05A-7D56-4E62-874E-8104D18E1969} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
{870A7AE1-891D-469A-9A42-25CA062BE9C6} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
{8974D1A6-382E-42A5-AE9B-4CE1EC52C8A4} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
{907B5358-D610-4C9B-B6AB-5CB15AF8D8AF} -> profile=private | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |
{943C27CB-DB95-49F3-8E6E-B345C6C4AA4D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{9647084E-8BAF-45EA-B938-1E37F1F7E84C} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war™ | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
{96A46AA9-9C01-4911-9C24-A4AF027865F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{98AFA521-A34D-4A23-B788-1631FB7CCE89} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war™ | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
{9A8DF90D-5E83-4609-9060-1F7DCA44DF69} -> profile=private | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |
{9D789E2C-3134-4918-9A14-325511F0B846} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
{A300B733-1D9A-40A7-BC9E-440808ABAD08} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® 4 - modern warfare™ | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
{A70A9811-0391-4EA4-AB33-611EB2273300} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |
{AEF9CC95-1EC0-49C5-A8AF-12EC0D56D07B} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
{B4CC1A85-278A-4E8B-A554-DC2546CF6E76} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{CE96F219-FBD9-4278-B3A7-FD34D3F4C1A4} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |
{CEC08C00-8878-4D68-BAB2-14668B87BA5C} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
{D014C908-6A69-4CB3-BD8A-922AD65B01BD} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{D2CD2AA8-ACAF-473B-9D5A-FB9491F8BAEA} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
{D565E5FE-F069-417E-B385-8B87A5DC4B51} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
{D97309A5-BB05-4624-9075-F788F965E138} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{E3C4AC12-1676-4E5F-94BE-BC4C9820F713} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war™ | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
{E655FA48-C2C1-4A76-8945-043C2E373BB5} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |
{F4CFEDFD-FB20-4AE0-9BE9-22FD3C542AAC} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war™ | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
{F8283F76-E508-4D7E-A1CB-83CB4E6303DF} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{F97CA32E-B759-41B1-924F-B17D7F764D77} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |
{FC0B2032-E51F-4FA5-9254-F3AF48A819F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{FEB176D4-EAEE-4056-A564-5CFD271F0B42} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |
TCP Query User{010F37E8-E052-41F6-B3F0-AECF4E89C919}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=6 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe |
TCP Query User{7C2ABF46-3753-4445-BD86-58D262E329CD}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=6 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
UDP Query User{33B75B18-0A28-47CB-895C-56ACACEC4AC3}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=17 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
UDP Query User{E8BCAABB-A985-4FDF-B109-A603BDA1496A}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=17 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 00:19:54 | 00,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{9cc04a7f-daa5-11de-a7e8-002354341491}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell
\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command
\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command\\"" -> F:\Autorun.exe [F:\Autorun.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->


[Files/Folders - Created Within 30 Days]
Malwarebytes -> C:\Users\ludo\AppData\Roaming\Malwarebytes -> [2009/12/21 20:11:49 | 00,000,000 | ---D | C]
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/21 20:11:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/21 20:11:45 | 00,022,104 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C]
trend micro -> C:\Program Files (x86)\trend micro -> [2009/12/21 14:04:52 | 00,000,000 | ---D | C]
rsit -> C:\rsit -> [2009/12/21 14:04:51 | 00,000,000 | ---D | C]
{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> [2009/12/21 01:47:04 | 00,000,000 | -H-D | C]
Lavasoft -> C:\ProgramData\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C]
Lavasoft -> C:\Program Files (x86)\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C]
a -> C:\Program Files (x86)\a -> [2009/12/21 01:36:58 | 00,000,000 | ---D | C]
Anno 1404 -> C:\Users\ludo\Documents\Anno 1404 -> [2009/12/19 02:08:19 | 00,000,000 | ---D | C]
Ubisoft -> C:\Users\ludo\AppData\Roaming\Ubisoft -> [2009/12/16 18:04:09 | 00,000,000 | ---D | C]
Tages -> C:\ProgramData\Tages -> [2009/12/16 18:00:06 | 00,000,000 | ---D | C]
Ubisoft -> C:\Program Files (x86)\Ubisoft -> [2009/12/15 17:12:28 | 00,000,000 | ---D | C]
skypePM -> C:\Users\ludo\AppData\Roaming\skypePM -> [2009/12/15 14:57:26 | 00,000,000 | ---D | C]
Skype -> C:\Users\ludo\AppData\Roaming\Skype -> [2009/12/15 14:50:51 | 00,000,000 | ---D | C]
Skype -> C:\Program Files (x86)\Skype -> [2009/12/15 14:50:32 | 00,000,000 | R--D | C]
Skype -> C:\Program Files (x86)\Common Files\Skype -> [2009/12/15 14:50:32 | 00,000,000 | ---D | C]
Skype -> C:\ProgramData\Skype -> [2009/12/15 14:50:30 | 00,000,000 | ---D | C]
javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2009/12/13 16:37:24 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\Windows\SysWow64\java.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)
LogMeIn Hamachi -> C:\Users\ludo\AppData\Local\LogMeIn Hamachi -> [2009/12/09 18:14:50 | 00,000,000 | ---D | C]
LogMeIn Hamachi -> C:\Program Files (x86)\LogMeIn Hamachi -> [2009/12/09 18:14:38 | 00,000,000 | ---D | C]
MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2009/12/09 11:50:06 | 00,000,000 | ---D | C]
msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,082,944 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,064,512 | ---- | C] (Microsoft Corporation)
Ahead -> C:\Users\ludo\AppData\Local\Ahead -> [2009/12/08 17:03:20 | 00,000,000 | ---D | C]
Ahead -> C:\Users\ludo\AppData\Roaming\Ahead -> [2009/12/08 17:02:08 | 00,000,000 | ---D | C]
Ahead -> C:\ProgramData\Ahead -> [2009/12/08 17:01:57 | 00,000,000 | ---D | C]
Nero -> C:\ProgramData\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]
Nero -> C:\Program Files (x86)\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]
Ahead -> C:\Program Files (x86)\Common Files\Ahead -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]
dvdcss -> C:\Users\ludo\AppData\Roaming\dvdcss -> [2009/12/07 20:12:46 | 00,000,000 | ---D | C]
My Games -> C:\Users\ludo\Documents\My Games -> [2009/12/03 16:58:40 | 00,000,000 | ---D | C]
jeux -> C:\Users\ludo\Desktop\jeux -> [2009/12/03 16:08:55 | 00,000,000 | ---D | C]
CCleaner -> C:\Program Files (x86)\CCleaner -> [2009/11/30 19:07:26 | 00,000,000 | ---D | C]
vlc -> C:\Users\ludo\AppData\Roaming\vlc -> [2009/11/30 18:34:00 | 00,000,000 | ---D | C]
BioWare -> C:\Users\ludo\Documents\BioWare -> [2009/11/30 12:46:00 | 00,000,000 | ---D | C]
AGEIA Technologies -> C:\Program Files (x86)\AGEIA Technologies -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C]
AGEIA -> C:\Windows\SysWow64\AGEIA -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C]
Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2009/11/30 12:39:24 | 00,000,000 | ---D | C]
Media Center Programs -> C:\ProgramData\Media Center Programs -> [2009/11/30 12:39:17 | 00,000,000 | ---D | C]
Dragon Age -> C:\Program Files (x86)\Dragon Age -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C]
BioWare -> C:\Program Files (x86)\Common Files\BioWare -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C]
XAudio2_5.dll -> C:\Windows\SysNative\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,517,960 | ---- | C] (Microsoft Corporation)
XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,515,416 | ---- | C] (Microsoft Corporation)
xactengine3_5.dll -> C:\Windows\SysWow64\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,238,936 | ---- | C] (Microsoft Corporation)
xactengine3_5.dll -> C:\Windows\SysNative\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,176,968 | ---- | C] (Microsoft Corporation)
d3dcsx_42.dll -> C:\Windows\SysNative\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,554,512 | ---- | C] (Microsoft Corporation)
d3dcsx_42.dll -> C:\Windows\SysWow64\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,501,792 | ---- | C] (Microsoft Corporation)
D3DCompiler_42.dll -> C:\Windows\SysNative\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 02,582,888 | ---- | C] (Microsoft Corporation)
D3DCompiler_42.dll -> C:\Windows\SysWow64\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 01,974,616 | ---- | C] (Microsoft Corporation)
d3dx11_42.dll -> C:\Windows\SysNative\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,285,024 | ---- | C] (Microsoft Corporation)
d3dx11_42.dll -> C:\Windows\SysWow64\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,235,344 | ---- | C] (Microsoft Corporation)
d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,523,088 | ---- | C] (Microsoft Corporation)
d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,453,456 | ---- | C] (Microsoft Corporation)
D3DX9_42.dll -> C:\Windows\SysNative\D3DX9_42.dll -> [2009/11/26 17:39:34 | 02,475,352 | ---- | C] (Microsoft Corporation)
D3DX9_42.dll -> C:\Windows\SysWow64\D3DX9_42.dll -> [2009/11/26 17:39:34 | 01,892,184 | ---- | C] (Microsoft Corporation)
D3DCompiler_41.dll -> C:\Windows\SysNative\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 02,430,312 | ---- | C] (Microsoft Corporation)
D3DCompiler_41.dll -> C:\Windows\SysWow64\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 01,846,632 | ---- | C] (Microsoft Corporation)
d3dx10_41.dll -> C:\Windows\SysNative\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,520,544 | ---- | C] (Microsoft Corporation)
d3dx10_41.dll -> C:\Windows\SysWow64\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,453,456 | ---- | C] (Microsoft Corporation)
D3DX9_41.dll -> C:\Windows\SysNative\D3DX9_41.dll -> [2009/11/26 17:39:32 | 05,425,496 | ---- | C] (Microsoft Corporation)
D3DX9_41.dll -> C:\Windows\SysWow64\D3DX9_41.dll -> [2009/11/26 17:39:32 | 04,178,264 | ---- | C] (Microsoft Corporation)
XAudio2_4.dll -> C:\Windows\SysNative\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,521,560 | ---- | C] (Microsoft Corporation)
XAudio2_4.dll -> C:\Windows\SysWow64\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,517,448 | ---- | C] (Microsoft Corporation)
XAPOFX1_3.dll -> C:\Windows\SysNative\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,073,544 | ---- | C] (Microsoft Corporation)
XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,069,464 | ---- | C] (Microsoft Corporation)
xactengine3_4.dll -> C:\Windows\SysWow64\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,235,352 | ---- | C] (Microsoft Corporation)
xactengine3_4.dll -> C:\Windows\SysNative\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,174,936 | ---- | C] (Microsoft Corporation)
X3DAudio1_6.dll -> C:\Windows\SysNative\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,024,920 | ---- | C] (Microsoft Corporation)
X3DAudio1_6.dll -> C:\Windows\SysWow64\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,022,360 | ---- | C] (Microsoft Corporation)
D3DCompiler_40.dll -> C:\Windows\SysNative\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,605,920 | ---- | C] (Microsoft Corporation)
D3DCompiler_40.dll -> C:\Windows\SysWow64\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,036,576 | ---- | C] (Microsoft Corporation)
d3dx10_40.dll -> C:\Windows\SysNative\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,519,000 | ---- | C] (Microsoft Corporation)
d3dx10_40.dll -> C:\Windows\SysWow64\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,452,440 | ---- | C] (Microsoft Corporation)
D3DX9_40.dll -> C:\Windows\SysNative\D3DX9_40.dll -> [2009/11/26 17:39:28 | 05,631,312 | ---- | C] (Microsoft Corporation)
D3DX9_40.dll -> C:\Windows\SysWow64\D3DX9_40.dll -> [2009/11/26 17:39:28 | 04,379,984 | ---- | C] (Microsoft Corporation)
XAudio2_3.dll -> C:\Windows\SysNative\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,518,480 | ---- | C] (Microsoft Corporation)
XAudio2_3.dll -> C:\Windows\SysWow64\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,514,384 | ---- | C] (Microsoft Corporation)
xactengine3_3.dll -> C:\Windows\SysWow64\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,235,856 | ---- | C] (Microsoft Corporation)
xactengine3_3.dll -> C:\Windows\SysNative\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,175,440 | ---- | C] (Microsoft Corporation)
XAPOFX1_2.dll -> C:\Windows\SysNative\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,074,576 | ---- | C] (Microsoft Corporation)
XAPOFX1_2.dll -> C:\Windows\SysWow64\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,070,992 | ---- | C] (Microsoft Corporation)
X3DAudio1_5.dll -> C:\Windows\SysNative\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,025,936 | ---- | C] (Microsoft Corporation)
X3DAudio1_5.dll -> C:\Windows\SysWow64\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,023,376 | ---- | C] (Microsoft Corporation)
XAudio2_2.dll -> C:\Windows\SysNative\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,513,544 | ---- | C] (Microsoft Corporation)
XAudio2_2.dll -> C:\Windows\SysWow64\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,509,448 | ---- | C] (Microsoft Corporation)
XAPOFX1_1.dll -> C:\Windows\SysNative\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,072,200 | ---- | C] (Microsoft Corporation)
XAPOFX1_1.dll -> C:\Windows\SysWow64\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,068,616 | ---- | C] (Microsoft Corporation)
xactengine3_2.dll -> C:\Windows\SysWow64\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,238,088 | ---- | C] (Microsoft Corporation)
xactengine3_2.dll -> C:\Windows\SysNative\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,177,672 | ---- | C] (Microsoft Corporation)
D3DCompiler_39.dll -> C:\Windows\SysNative\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,942,552 | ---- | C] (Microsoft Corporation)
D3DCompiler_39.dll -> C:\Windows\SysWow64\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,493,528 | ---- | C] (Microsoft Corporation)
d3dx10_39.dll -> C:\Windows\SysNative\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,540,688 | ---- | C] (Microsoft Corporation)
d3dx10_39.dll -> C:\Windows\SysWow64\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,467,984 | ---- | C] (Microsoft Corporation)
D3DX9_39.dll -> C:\Windows\SysNative\D3DX9_39.dll -> [2009/11/26 17:39:22 | 04,992,520 | ---- | C] (Microsoft Corporation)
D3DX9_39.dll -> C:\Windows\SysWow64\D3DX9_39.dll -> [2009/11/26 17:39:22 | 03,851,784 | ---- | C] (Microsoft Corporation)
XAudio2_1.dll -> C:\Windows\SysNative\XAudio2_1.dll -> [2009/11/26 17:39:22 | 00,511,496 | ---- | C] (Microsoft Corporation)
XAPOFX1_0.dll -> C:\Windows\SysNative\XAPOFX1_0.dll -> [2009/11/26 17:39:22 | 00,068,104 | ---- | C] (Microsoft Corporation)
xactengine3_1.dll -> C:\Windows\SysWow64\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,238,088 | ---- | C] (Microsoft Corporation)
xactengine3_1.dll -> C:\Windows\SysNative\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,177,672 | ---- | C] (Microsoft Corporation)
X3DAudio1_4.dll -> C:\Windows\SysNative\X3DAudio1_4.dll -> [2009/11/26 17:39:21 | 00,028,168 | ---- | C] (Microsoft Corporation)
D3DX9_38.dll -> C:\Windows\SysNative\D3DX9_38.dll -> [2009/11/26 17:39:20 | 04,991,496 | ---- | C] (Microsoft Corporation)
D3DCompiler_38.dll -> C:\Windows\SysNative\D3DCompiler_38.dll -> [2009/11/26 17:39:20 | 01,941,528 | ---- | C] (Microsoft Corporation)
d3dx10_38.dll -> C:\Windows\SysNative\d3dx10_38.dll -> [2009/11/26 17:39:20 | 00,540,688 | ---- | C] (Microsoft Corporation)
XAudio2_0.dll -> C:\Windows\SysNative\XAudio2_0.dll -> [2009/11/26 17:39:19 | 00,489,480 | ---- | C] (Microsoft Corporation)
xactengine3_0.dll -> C:\Windows\SysWow64\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,238,088 | ---- | C] (Microsoft Corporation)
xactengine3_0.dll -> C:\Windows\SysNative\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,177,672 | ---- | C] (Microsoft Corporation)
X3DAudio1_3.dll -> C:\Windows\SysNative\X3DAudio1_3.dll -> [2009/11/26 17:39:19 | 00,028,168 | ---- | C] (Microsoft Corporation)
D3DCompiler_37.dll -> C:\Windows\SysNative\D3DCompiler_37.dll -> [2009/11/26 17:39:18 | 01,860,120 | ---- | C] (Microsoft Corporation)
DAEMON Tools Images -> C:\Users\Public\Documents\DAEMON Tools Images -> [2009/11/26 17:08:53 | 00,000,000 | ---D | C]
DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2009/11/26 16:57:03 | 00,000,000 | ---D | C]
DAEMON Tools Lite -> C:\Users\ludo\AppData\Roaming\DAEMON Tools Lite -> [2009/11/26 16:56:47 | 00,000,000 | ---D | C]
DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2009/11/26 16:56:45 | 00,000,000 | ---D | C]
OpenOffice.org -> C:\Users\ludo\AppData\Roaming\OpenOffice.org -> [2009/11/25 18:20:00 | 00,000,000 | ---D | C]
tp info -> C:\Users\ludo\Desktop\tp info -> [2009/11/25 18:16:36 | 00,000,000 | ---D | C]
QuickTime -> C:\Program Files (x86)\QuickTime -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C]
Apple Computer -> C:\ProgramData\Apple Computer -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C]
Apple -> C:\Program Files (x86)\Common Files\Apple -> [2009/11/25 18:01:26 | 00,000,000 | ---D | C]
Apple -> C:\Users\ludo\AppData\Local\Apple -> [2009/11/25 18:01:21 | 00,000,000 | ---D | C]
Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C]
Apple -> C:\ProgramData\Apple -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C]
Adobe -> C:\Users\ludo\AppData\Local\Adobe -> [2009/11/24 12:26:51 | 00,000,000 | ---D | C]
Adobe -> C:\ProgramData\Adobe -> [2009/11/24 12:26:25 | 00,000,000 | ---D | C]
Adobe -> C:\Program Files (x86)\Common Files\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C]
Adobe -> C:\Program Files (x86)\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C]
Kaspersky Lab -> C:\Program Files (x86)\Kaspersky Lab -> [2009/11/22 16:06:53 | 00,000,000 | ---D | C]
klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | C] (Kaspersky Lab)
Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2009/11/22 15:13:14 | 00,000,000 | ---D | C]
Activision -> C:\Users\ludo\AppData\Local\Activision -> [2009/11/22 12:37:15 | 00,000,000 | ---D | C]
d3dx10_37.dll -> C:\Windows\SysNative\d3dx10_37.dll -> [2009/11/22 12:36:45 | 00,529,424 | ---- | C] (Microsoft Corporation)
D3DX9_37.dll -> C:\Windows\SysNative\D3DX9_37.dll -> [2009/11/22 12:36:44 | 04,910,088 | ---- | C] (Microsoft Corporation)
xactengine2_10.dll -> C:\Windows\SysNative\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,411,656 | ---- | C] (Microsoft Corporation)
xactengine2_10.dll -> C:\Windows\SysWow64\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,267,272 | ---- | C] (Microsoft Corporation)
D3DCompiler_36.dll -> C:\Windows\SysNative\D3DCompiler_36.dll -> [2009/11/22 12:36:43 | 02,006,552 | ---- | C] (Microsoft Corporation)
d3dx10_36.dll -> C:\Windows\SysNative\d3dx10_36.dll -> [2009/11/22 12:36:43 | 00,508,264 | ---- | C] (Microsoft Corporation)
d3dx9_36.dll -> C:\Windows\SysNative\d3dx9_36.dll -> [2009/11/22 12:36:42 | 05,081,608 | ---- | C] (Microsoft Corporation)
D3DCompiler_35.dll -> C:\Windows\SysNative\D3DCompiler_35.dll -> [2009/11/22 12:36:41 | 01,985,904 | ---- | C] (Microsoft Corporation)
d3dx10_35.dll -> C:\Windows\SysNative\d3dx10_35.dll -> [2009/11/22 12:36:41 | 00,508,264 | ---- | C] (Microsoft Corporation)
xactengine2_9.dll -> C:\Windows\SysNative\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,411,496 | ---- | C] (Microsoft Corporation)
xactengine2_9.dll -> C:\Windows\SysWow64\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,267,112 | ---- | C] (Microsoft Corporation)
d3dx9_35.dll -> C:\Windows\SysNative\d3dx9_35.dll -> [2009/11/22 12:36:40 | 05,073,256 | ---- | C] (Microsoft Corporation)
xactengine2_8.dll -> C:\Windows\SysNative\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,409,960 | ---- | C] (Microsoft Corporation)
xactengine2_8.dll -> C:\Windows\SysWow64\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,266,088 | ---- | C] (Microsoft Corporation)
X3DAudio1_2.dll -> C:\Windows\SysNative\X3DAudio1_2.dll -> [2009/11/22 12:36:39 | 00,021,000 | ---- | C] (Microsoft Corporation)
d3dx9_34.dll -> C:\Windows\SysNative\d3dx9_34.dll -> [2009/11/22 12:36:38 | 04,496,232 | ---- | C] (Microsoft Corporation)
D3DCompiler_34.dll -> C:\Windows\SysNative\D3DCompiler_34.dll -> [2009/11/22 12:36:38 | 01,401,200 | ---- | C] (Microsoft Corporation)
d3dx10_34.dll -> C:\Windows\SysNative\d3dx10_34.dll -> [2009/11/22 12:36:38 | 00,506,728 | ---- | C] (Microsoft Corporation)
xactengine2_7.dll -> C:\Windows\SysNative\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,403,304 | ---- | C] (Microsoft Corporation)
xactengine2_7.dll -> C:\Windows\SysWow64\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,261,480 | ---- | C] (Microsoft Corporation)
xinput1_3.dll -> C:\Windows\SysNative\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,107,368 | ---- | C] (Microsoft Corporation)
xinput1_3.dll -> C:\Windows\SysWow64\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,081,768 | ---- | C] (Microsoft Corporation)
D3DCompiler_33.dll -> C:\Windows\SysNative\D3DCompiler_33.dll -> [2009/11/22 12:36:36 | 01,400,176 | ---- | C] (Microsoft Corporation)
d3dx10_33.dll -> C:\Windows\SysNative\d3dx10_33.dll -> [2009/11/22 12:36:36 | 00,506,728 | ---- | C] (Microsoft Corporation)
d3dx9_33.dll -> C:\Windows\SysNative\d3dx9_33.dll -> [2009/11/22 12:36:35 | 04,494,184 | ---- | C] (Microsoft Corporation)
xactengine2_6.dll -> C:\Windows\SysNative\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,393,576 | ---- | C] (Microsoft Corporation)
xactengine2_6.dll -> C:\Windows\SysWow64\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,255,848 | ---- | C] (Microsoft Corporation)
x3daudio1_1.dll -> C:\Windows\SysNative\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,017,688 | ---- | C] (Microsoft Corporation)
x3daudio1_1.dll -> C:\Windows\SysWow64\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,015,128 | ---- | C] (Microsoft Corporation)
Everest Poker -> C:\Program Files (x86)\Everest Poker -> [2009/11/22 11:50:03 | 00,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
NTUSER.DAT -> C:\Users\ludo\NTUSER.DAT -> [2009/12/21 20:44:47 | 02,359,296 | -HS- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/12/21 20:44:10 | 00,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2009/12/21 20:44:06 | 00,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2009/12/21 20:44:04 | 32,204,80000 | -HS- | M] ()
IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | M] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2009/12/21 19:11:34 | 01,524,562 | ---- | M] ()
perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2009/12/21 19:11:34 | 00,694,766 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2009/12/21 19:11:34 | 00,606,992 | ---- | M] ()
perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2009/12/21 19:11:34 | 00,127,478 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2009/12/21 19:11:34 | 00,103,370 | ---- | M] ()
lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 01:50:59 | 00,015,880 | ---- | M] ()
Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | M] ()
citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:36 | 00,007,926 | ---- | M] ()
o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:12 | 00,002,392 | ---- | M] ()
Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | M] ()
Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | M] ()
Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | M] ()
citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/15 21:50:48 | 00,011,737 | ---- | M] ()
atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] ()
lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] ()
ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | M] ()
Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | M] ()
Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] ()
Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] ()
Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | M] ()
LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | M] ()
Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | M] ()
Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | M] ()
mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/03 16:13:58 | 00,022,104 | ---- | M] (Malwarebytes Corporation)
CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | M] ()
VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | M] ()
daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | M] ()
NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | M] ()
DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | M] ()
sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] ()
Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | M] ()
OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | M] ()
Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | M] ()
PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2009/11/23 16:40:53 | 00,111,928 | ---- | M] ()
klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | M] ()
klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | M] ()
klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab)
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | M] ()
PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()
win.ini -> C:\Windows\win.ini -> [2009/11/22 11:50:27 | 00,000,448 | ---- | M] ()
Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | M] ()

[Files - No Company Name]
IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | C] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | C] ()
lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 02:23:50 | 00,015,880 | ---- | C] ()
Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | C] ()
citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:33 | 00,007,926 | ---- | C] ()
o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:10 | 00,002,392 | ---- | C] ()
Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | C] ()
Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | C] ()
Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | C] ()
atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | C] ()
lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | C] ()
ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | C] ()
Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | C] ()
Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] ()
Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] ()
Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | C] ()
LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | C] ()
Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | C] ()
Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | C] ()
citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/04 23:01:22 | 00,011,737 | ---- | C] ()
CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | C] ()
VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | C] ()
daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | C] ()
NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | C] ()
DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | C] ()
sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | C] ()
Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | C] ()
OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | C] ()
Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | C] ()
klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | C] ()
klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | C] ()
pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | C] ()
Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | C] ()
game.ini -> C:\Windows\game.ini -> [2009/11/21 19:36:35 | 00,000,331 | ---- | C] ()
AsIO.dll -> C:\Windows\SysWow64\AsIO.dll -> [2009/11/03 13:19:37 | 00,024,576 | ---- | C] ()
AsIO.sys -> C:\Windows\SysWow64\drivers\AsIO.sys -> [2009/11/03 13:19:37 | 00,014,392 | ---- | C] ()
AsInsHelp64.sys -> C:\Windows\SysWow64\drivers\AsInsHelp64.sys -> [2009/11/03 13:19:35 | 00,011,832 | ---- | C] ()
AsInsHelp32.sys -> C:\Windows\SysWow64\drivers\AsInsHelp32.sys -> [2009/11/03 13:19:35 | 00,010,216 | ---- | C] ()
Language_trs.ini -> C:\Windows\Language_trs.ini -> [2009/11/03 12:51:01 | 00,001,769 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 06:32:39 | 00,043,318 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 06:32:39 | 00,026,040 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 00:42:10 | 00,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 22:03:59 | 00,364,544 | ---- | C] ()
physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008/10/07 09:13:30 | 00,197,912 | ---- | C] ()
AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 00,058,648 | ---- | C] ()
AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()
ASUSHWIO.SYS -> C:\Windows\SysWow64\drivers\ASUSHWIO.SYS -> [2007/12/28 16:22:02 | 00,010,296 | ---- | C] ()
< End of report >

This message was edited by zagstruck - 21 December 2009 - 09:11.

0

#5 User is offline   Gof 

  • Tera Power Extrem Member
  • Group: Moderator [Gof]
  • Posts: 9764
  • Joined: 26-November 05

Posted 21 December 2009 - 09:45

Your problem does not seem to be caused by an infection. The two entries I had noticed are only leftovers in the Registry; the files are not there. We will deal with them later.

I am going to have you uninstall your Kaspersky properly, so that it can be reinstalled properly. First, take care to keep your license information (the code given in the email if you bought it online, or the code on the box if you bought it in a store).

See the following link: Removal tool for Kaspersky Lab products.
It explains how to uninstall the product with their tool.
You only have to follow the instructions.

Then, after restarting as requested, install a fresh version, downloading it from the following link: Kaspersky Internet Security 2010. It is important that you reinstall from this downloaded version, because the tool has had an update (Critical Fix 2).

Let me know how it goes :P
0

#6 User is offline   zagstruck 

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19-December 09

Posted 21 December 2009 - 10:34

It's fine, the antivirus works again; however, at startup I get this, which I did not have before I lost the antivirus
[Image]

Can they be removed?

This message was edited by zagstruck - 21 December 2009 - 10:39.

0

#7 User is offline   Gof 

  • Tera Power Extrem Member
  • Group: Moderator [Gof]
  • Posts: 9764
  • Joined: 26-November 05

Posted 26 December 2009 - 05:06

Hello zagstruck :P

Sorry for the delay, happy holidays :P

Quote

It's fine, the antivirus works again; however, at startup I get this, which I did not have before I lost the antivirus

Great news about the antivirus.

To remove the two windows at startup, which are leftovers from an infection that no longer seems to be present:

Run OTS again
  • Copy and paste the following items into the Paste Fix Here section
    [Registry - Safe List]
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    YY -> "media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"]
    YY -> "PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"]
    [Empty Temp Folders]
  • Then click Run Fix.
  • It will be very quick; a report will be generated. Post it in your reply.


Restart; you should no longer have the problems. Can you confirm?
0

#8 User is offline   zagstruck 

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19-December 09

Posted 27 December 2009 - 11:17

Good evening Gof
First of all, I wish you happy holidays
and I thank you again for your help
Here is the report


All Processes Killed
[Registry - Safe List]
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\media bore program mapi deleted successfully.
File C:\ProgramData\Phone Bash Extra.xou not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PokeCreative deleted successfully.
File C:\ProgramData\FaceManagerManager.0t6 not found.
[Empty Temp Folders]


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ludo
->Temp folder emptied: 13051744 bytes
->Temporary Internet Files folder emptied: 75348260 bytes
->Java cache emptied: 30259100 bytes
->FireFox cache emptied: 109636940 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 3589250 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes
RecycleBin emptied: 103410 bytes

Total Files Cleaned = 221,00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.14.1 fix logfile created on 12272009_230525

Files\Folders moved on Reboot...
C:\Users\ludo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
0
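The fix script in post #7 and the fix log in post #8 can be cross-checked mechanically. The following Python sketch is an added example, not part of the thread and not part of OTS: it parses the two Run-key lines and the "not found" lines quoted above and lists why each autostart entry stands out. The reading of the line format (resolved path, then raw registry data in brackets), the three heuristics, and the `ExampleUpdater` line are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the fix script (post #7) and the fix log (post #8).
RUN_LINES = r'''
YY -> "media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"]
YY -> "PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"]
'''
FIX_LOG = r'''
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\media bore program mapi deleted successfully.
File C:\ProgramData\Phone Bash Extra.xou not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PokeCreative deleted successfully.
File C:\ProgramData\FaceManagerManager.0t6 not found.
'''
# Constructed line in the same format, for contrast (not from the thread).
BENIGN = r'YY -> "ExampleUpdater" -> C:\Program Files\Example\updater.exe ["C:\Program Files\Example\updater.exe" /min]'

# Assumed layout: flags -> "value name" -> resolved path [raw registry data]
ENTRY = re.compile(r'^\S+ -> "(?P<name>[^"]+)" -> (?P<target>.+?) \[(?P<raw>.*)\]$')
# Assumed set of extensions a legitimate autostart entry normally points to.
LAUNCHABLE = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs", ".js", ".lnk"}

def parse_run_entries(text):
    """Yield (name, target, raw) for each Run-key line in the format above."""
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m["name"], m["target"], m["raw"]

def missing_files(fix_log):
    """Return the set of paths the fix log reports as 'not found'."""
    return set(re.findall(r'^File (.+) not found\.$', fix_log, re.M))

def triage(name, target, raw, missing):
    """Return the reasons an autostart entry deserves a closer look."""
    reasons = []
    path = PureWindowsPath(target)
    if path.suffix.lower() not in LAUNCHABLE:
        reasons.append("extension %r is not a normal launchable type" % path.suffix)
    if str(path.parent).lower() == r"c:\programdata":
        reasons.append("file sits directly in C:\\ProgramData")
    # First quoted token, or first whitespace-delimited token, is the command path.
    cmd = re.match(r'"([^"]+)"|(\S+)', raw)
    cmd_path = (cmd.group(1) or cmd.group(2)) if cmd else ""
    if cmd_path.lower() != target.lower():
        reasons.append("registry data does not match the resolved path")
    if target in missing:
        reasons.append("target file is absent (orphaned entry)")
    return reasons

def report(run_text, fix_log):
    """Map each Run value name to its list of triage reasons."""
    missing = missing_files(fix_log)
    return {n: triage(n, t, r, missing) for n, t, r in parse_run_entries(run_text)}

if __name__ == "__main__":
    for name, reasons in report(RUN_LINES + BENIGN, FIX_LOG).items():
        print(name, "->", reasons or "nothing unusual")
```

Both entries from the thread are flagged on all four counts, including the absent target file that the fix log confirms; the constructed entry is not flagged.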

#9 User is offline   Gof 

  • Tera Power Extrem Member
  • Group: Moderator [Gof]
  • Posts: 9764
  • Joined: 26-November 05

Posted 31 December 2009 - 11:04

Hello zagstruck :P

Sorry for the delay, another busy week. Normally the windows at system startup should have disappeared; can you confirm that?

If all is well, I will have you remove the tools we used.
0

#10 User is offline   zagstruck 

  • Junior Member
  • Group: Members
  • Posts: 7
  • Joined: 19-December 09

Posted 02 January 2010 - 07:48

Happy new year!!!!
Yes, I confirm they have disappeared
0
