zagstruck

merci bien

bonne année !!!! oui je confirme elles ont disparues

bonsoir Gof tout d'abords je te souhaite de joyeuses fêtes de fin d'années et je te remercie à nouveau pour ton aide voici le rapport All Processes Killed [Registry - Safe List] Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\media bore program mapi deleted successfully. File C:\ProgramData\Phone Bash Extra.xou not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PokeCreative deleted successfully. File C:\ProgramData\FaceManagerManager.0t6 not found. [Empty Temp Folders] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: ludo ->Temp folder emptied: 13051744 bytes ->Temporary Internet Files folder emptied: 75348260 bytes ->Java cache emptied: 30259100 bytes ->FireFox cache emptied: 109636940 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes Windows Temp folder emptied: 3589250 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes RecycleBin emptied: 103410 bytes Total Files Cleaned = 221,00 mb < End of fix log > OTS by OldTimer - Version 3.1.14.1 fix logfile created on 12272009_230525 Files\Folders moved on Reboot... C:\Users\ludo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot...

c'est bon l'anti virus refonctionne, cependant au demarage j'ai ceci que je n'avais pas avant de ne pu avoir d'anti virus peut t'on les enlever ?

et le rapport OST: OTS logfile created on: 21/12/2009 20:46:04 - Run 1 OTS by OldTimer - Version 3.1.12.0 Folder = C:\Downloads\Software 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 279,46 Gb Total Space | 129,22 Gb Free Space | 46,24% Space Free | Partition Type: NTFS Drive D: | 309,02 Gb Total Space | 99,97 Gb Free Space | 32,35% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DÉDÉ Current User Name: ludo Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools) aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2009/12/21 01:49:29 | 00,788,880 | ---- | M] (Lavasoft) aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft) pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] () lsnfier.exe -> C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe -> [2009/11/19 19:52:38 | 00,135,680 | ---- | M] (Microsoft Corporation) dtlite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) avp.exe -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) skype.exe -> C:\Program Files (x86)\Skype\Phone\Skype.exe -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) skypepm.exe -> C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe -> [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) reader_sl.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) aawwsc.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe -> [2009/09/23 08:55:40 | 00,707,704 | ---- | M] () soffice.bin -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin -> [2009/08/19 10:31:42 | 07,418,368 | ---- | M] (OpenOffice.org) soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe -> [2009/08/19 10:31:40 | 07,424,000 | ---- | M] (OpenOffice.org) msnmsgr.exe -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation) sixengine.exe -> C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe -> [2009/05/25 10:33:50 | 06,017,024 | ---- | M] () assysctrlservice.exe -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] () nmindexstoresvr.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe -> [2008/01/22 10:13:32 | 01,201,448 | ---- | M] (Nero AG) nmindexingservice.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG) nmbgmonitor.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG) [Modules - Safe List] ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/08/18 02:36:20 | 00,203,264 | ---- | M] (AMD) 64bit-(WwanSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 02:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) 64bit-(WbioSrvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 02:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) 64bit-(UmRdpService) [On_Demand | Stopped] -> C:\Windows\SysNative\umrdp.dll -> [2009/07/14 02:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation) 64bit-(Power) [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 02:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) 64bit-(Themes) [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 02:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation) 64bit-(sppuinotify) [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 02:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) 64bit-(SensrSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 02:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) 64bit-(StorSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\StorSvc.dll -> [2009/07/14 02:41:54 | 00,017,920 | ---- | M] (Microsoft Corporation) 64bit-(PeerDistSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\PeerDistSvc.dll -> [2009/07/14 02:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation) 64bit-(PNRPsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) 64bit-(p2pimsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupProvider) [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 02:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) 64bit-(RpcEptMapper) [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 02:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) 64bit-(PNRPAutoReg) [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 02:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 02:41:27 | 01,011,712 | ---- | M] (Microsoft Corporation) 64bit-(HomeGroupListener) [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 02:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) 64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 02:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation) 64bit-(Dhcp) [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 02:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) 64bit-(defragsvc) [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 02:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) 64bit-(CscService) [Auto | Running] -> C:\Windows\SysNative\cscsvc.dll -> [2009/07/14 02:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation) 64bit-(bthserv) [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 02:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) 64bit-(BDESVC) [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 02:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) 64bit-(AxInstSV) [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 02:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) 64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/14 02:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation) 64bit-(AppIDSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 02:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) 64bit-(wbengine) [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 02:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) 64bit-(sppsvc) [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 02:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) 64bit-(Fax) [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 02:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation) 64bit-(msvsmon90) [Disabled | Stopped] -> C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -> [2007/11/08 01:11:22 | 04,466,688 | ---- | M] (Microsoft Corporation) (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft) (Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2009/12/11 17:10:09 | 00,321,320 | ---- | M] (Valve Corporation) (PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] () (Hamachi2Svc) LogMeIn Hamachi 2.0 Tunneling Engine [Auto | Running] -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2009/10/29 12:27:56 | 01,767,816 | ---- | M] (LogMeIn Inc.) (AVP) Kaspersky Internet Security [Auto | Running] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) (DAUpdaterSvc) Dragon Age: Origins - Application de mise à jour [On_Demand | Stopped] -> C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -> [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) (VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M] (MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M] (HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) (Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) (vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 21:30:11 | 00,061,056 | ---- | M] () (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 21:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) (AsSysCtrlService) ASUS System Control Service [Auto | Running] -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] () (NMIndexingService) NMIndexingService [On_Demand | Running] -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG) (NBService) NBService [On_Demand | Stopped] -> C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -> [2007/11/28 10:27:24 | 00,800,040 | ---- | M] (Nero AG) [Driver Services - Safe List] 64bit-(atksgt) atksgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] () 64bit-(lirsgt) lirsgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] () 64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] () 64bit-(KLIF) Kaspersky Lab Driver [File_System | System | Running] -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab) 64bit-(KLIM6) Kaspersky Anti-Virus NDIS 6 Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\klim6.sys -> [2009/11/03 16:33:44 | 00,027,152 | ---- | M] (Kaspersky Lab) 64bit-(KLBG) Kaspersky Lab Boot Guard Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\klbg.sys -> [2009/10/14 20:18:38 | 00,040,464 | ---- | M] (Kaspersky Lab) 64bit-(klmouflt) Kaspersky Lab KLMOUFLT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\klmouflt.sys -> [2009/10/02 18:39:32 | 00,021,008 | ---- | M] (Kaspersky Lab) 64bit-(hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\hamachi.sys -> [2009/09/23 09:42:58 | 00,033,856 | -H-- | M] (LogMeIn, Inc.) 64bit-(kl1) kl1 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\kl1.sys -> [2009/09/01 14:29:56 | 00,157,712 | ---- | M] (Kaspersky Lab) 64bit-(L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\L1E62x64.sys -> [2009/08/23 13:08:10 | 00,056,320 | ---- | M] (Atheros Communications, Inc.) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/08/18 03:48:48 | 06,037,504 | ---- | M] (ATI Technologies Inc.) 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 02:52:21 | 00,106,576 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 02:52:21 | 00,028,752 | ---- | M] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 02:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/07/14 02:48:04 | 00,153,152 | ---- | M] (Microsoft Corporation) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 02:48:04 | 00,065,600 | ---- | M] (LSI Corporation) 64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 02:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) 64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 02:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 02:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company) 64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 02:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation) 64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 02:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation) 64bit-(vmbus) Bus VMBus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vmbus.sys -> [2009/07/14 02:45:55 | 00,200,272 | ---- | M] (Microsoft Corporation) 64bit-(storflt) Pilote de filtre d’accélération de bus VMBus [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vmstorfl.sys -> [2009/07/14 02:45:55 | 00,046,672 | ---- | M] (Microsoft Corporation) 64bit-(vdrvroot) Pilote d’énumérateur de lecteur virtuel Microsoft [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 02:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation) 64bit-(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\storvsc.sys -> [2009/07/14 02:45:55 | 00,034,896 | ---- | M] (Microsoft Corporation) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 02:45:55 | 00,024,656 | ---- | M] (Promise Technology) 64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 02:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation) 64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 02:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation) 64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 02:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation) 64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/07/14 02:43:13 | 00,223,448 | ---- | M] (Microsoft Corporation) 64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 01:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation) 64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 01:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation) 64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 01:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation) 64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 01:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation) 64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 01:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation) 64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 01:07:22 | 00,059,904 | ---- | M] (Microsoft Corporation) 64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 01:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation) 64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 01:07:13 | 00,227,840 | ---- | M] (Microsoft Corporation) 64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 01:07:00 | 00,350,208 | ---- | M] (Microsoft Corporation) 64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 01:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation) 64bit-(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\winusb.sys -> [2009/07/14 01:06:28 | 00,040,448 | ---- | M] (Microsoft Corporation) 64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 01:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation) 64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 01:05:37 | 00,112,128 | ---- | M] (Microsoft Corporation) 64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 01:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation) 64bit-(CompositeBus) Pilote de l’énumérateur de bus composite [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 01:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation) 64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 01:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation) 64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 00:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation) 64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 00:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation) 64bit-(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vms3cap.sys -> [2009/07/14 00:42:58 | 00,006,656 | ---- | M] (Microsoft Corporation) 64bit-(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\VMBusHID.sys -> [2009/07/14 00:42:44 | 00,021,760 | ---- | M] (Microsoft Corporation) 64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 00:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation) 64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 00:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation) 64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 00:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation) 64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 00:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation) 64bit-(CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\SysNative\drivers\csc.sys -> [2009/07/14 00:24:27 | 00,514,048 | ---- | M] (Microsoft Corporation) 64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 00:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation) 64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2009/07/09 00:49:16 | 01,484,800 | ---- | M] (Atheros Communications, Inc.) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 21:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 21:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 21:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 21:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2009/05/14 09:26:24 | 00,015,416 | ---- | M] () 64bit-(mv61xx) mv61xx [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\mv61xx.sys -> [2009/05/11 23:49:10 | 00,178,728 | ---- | M] (Marvell Semiconductor, Inc.) (CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\CSC -> [2009/11/03 00:48:03 | 00,000,000 | ---D | M] (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) (WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\winusb.dll -> [2009/07/14 02:16:19 | 00,016,896 | ---- | M] (Microsoft Corporation) (NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 02:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation) (mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 22:28:14 | 00,001,088 | ---- | M] () (Tcpip) Pilote du protocole TCP/IP [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 22:15:18 | 00,003,066 | ---- | M] () (AsIO) AsIO [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\AsIO.sys -> [2007/12/17 17:14:14 | 00,014,392 | ---- | M] () [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://fr.msn.com/ -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://fr.msn.com/?ocid=iehp -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> fr -> HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> B3 9F CB CE 18 5C CA 01 [binary data] -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\prefs.js -> browser.startup.homepage -> "google.fr" -> extensions.enabledItems -> {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1 -> extensions.enabledItems -> fdm_ffext@freedownloadmanager.org:1.3.4 -> extensions.enabledItems -> linkfilter@kaspersky.ru:9.0.0.736 -> extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 -> extensions.enabledItems -> {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.0 -> extensions.enabledItems -> {BF32D2C8-9C75-404b-ACF4-880DB4679236}:2 -> keyword.URL -> "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=" -> < FireFox Settings [user.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\user.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M] HKLM\software\mozilla\Thunderbird\Extensions -> -> HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2010\THBEXT] -> [2009/11/22 16:06:58 | 00,000,000 | ---D | M] < FireFox Extensions [user Folders] > -> -> C:\Users\ludo\AppData\Roaming\mozilla\Extensions -> [2009/11/03 01:53:55 | 00,000,000 | ---D | M] -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions -> [2009/12/21 01:50:16 | 00,000,000 | ---D | M] FlashGot -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} -> [2009/12/08 09:48:11 | 00,000,000 | ---D | M] Yahoo! Toolbar -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} -> [2009/11/04 12:38:13 | 00,000,000 | ---D | M] MushroomKingdom -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236} -> [2009/11/08 12:55:50 | 00,000,000 | ---D | M] Gradient iCool -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} -> [2009/11/08 12:56:47 | 00,000,000 | ---D | M] < FireFox SearchPlugins [user Folders] > -> bing.xml -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\searchplugins\bing.xml -> [2009/11/19 19:52:37 | 00,002,650 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2009/12/15 14:50:43 | 00,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru -> [2009/11/03 02:30:31 | 00,000,000 | ---D | M] < HOSTS File > (824 bytes and 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [iEVkbdBHO Class] -> [2009/10/20 19:39:12 | 00,061,456 | ---- | M] (Kaspersky Lab) {E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated) {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [iEVkbdBHO Class] -> [2009/10/20 19:34:50 | 00,068,112 | ---- | M] (Kaspersky Lab) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 15:41:30 | 00,408,448 | ---- | M] (Microsoft Corporation) {CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKLM] -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [FDMIECookiesBHO Class] -> [2008/12/30 01:03:26 | 00,098,304 | ---- | M] () {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.) {E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/05/23 00:20:30 | 07,833,120 | ---- | M] (Realtek Semiconductor) "Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/05/23 00:21:16 | 01,833,504 | ---- | M] (Realtek Semiconductor Corp.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe ARM" -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 12:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated) "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) "AVP" -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe ["C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"] -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) "QuickTime Task" -> C:\Program Files (x86)\QuickTime\QTTask.exe ["C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.) "SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG) "DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd) "media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"] -> File not found "msnmsgr" -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation) "PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"] -> File not found "Skype" -> C:\Program Files (x86)\Skype\Phone\Skype.exe ["C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) "Steam" -> c:\program files (x86)\steam\steam.exe ["c:\program files (x86)\steam\steam.exe" -silent] -> [2009/11/14 11:40:37 | 01,217,808 | ---- | M] (Valve Corporation) < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] () Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] () Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] () Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] () Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] () < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] () Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] () Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] () Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] () Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] () < 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [button: Clavier &virtuel] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab) {CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [button: Analyse des &liens] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [button: Clavier &virtuel] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) {CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [button: Analyse des &liens] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {FE9F6D9A-6519-4C5B-ACE7-25C9D3EB431A}\\DhcpNameServer -> 192.168.1.1 192.168.1.1 (D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B)) -> < 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll -> [2009/11/06 23:09:24 | 00,069,648 | ---- | M] (Kaspersky Lab) C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll -> [2009/11/06 23:09:18 | 00,015,376 | ---- | M] (Kaspersky Lab) *MultiFile Done* -> -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll -> [2009/11/06 23:04:36 | 00,109,072 | ---- | M] (Kaspersky Lab) C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll -> [2009/11/06 23:04:38 | 00,072,208 | ---- | M] (Kaspersky Lab) *MultiFile Done* -> -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/08/03 07:17:37 | 02,868,224 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 02:39:47 | 00,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/08/03 06:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 02:14:42 | 00,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> klogon -> C:\Windows\SysNative\klogon.dll -> [2009/10/20 19:39:14 | 00,224,272 | ---- | M] (Kaspersky Lab) < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 02:41:53 | 00,240,640 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 02:16:12 | 00,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {00E2F448-34F5-4E1D-9F8F-29866BD3D8CF} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {02EDEDCC-6C49-4720-BCF2-751AE4994C9E} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {0D9DE570-7A6A-46BE-9241-18A3908C758A} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {12861187-6E47-43D3-8269-CB8D55CEE12F} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {1B1971B8-F33A-4D02-8174-622B895AF94E} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {20D49537-8C99-42B9-8D70-4CFF22D3E539} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {252D6EF2-653E-4A1D-B6F6-4C794CD85096} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {2795051D-E54A-4920-83DA-2D61153FE501} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {28CCE564-1B99-4257-9CCC-A417967DFE1F} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {29F577A1-8F05-4B6D-BE25-25A3AD49232C} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {46733CF9-9713-4CC6-8E46-4058E9FDCB52} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | {5016D292-7189-4D61-8784-167B7F0F46A2} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {61C3117C-6596-4C25-A92E-0DD03C023827} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {6F69AF0D-8EC4-4E22-9005-6425F369C489} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {701E5DD2-83F5-42BA-9CF4-8FC9E2A07CB8} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {9A549675-7411-4E90-B8F1-B68B9BBECD70} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | {A51D7FF4-1B5C-411A-BE34-69EF154662AD} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {C2353D3E-8A46-43A7-9863-3B8D793DB2E0} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {CDEA38DD-10B9-44BB-AD60-7DA881E5322D} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {E2FA41EF-8464-41AD-ACC8-C2A41B163AF3} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | {EFB6F8E4-EE9F-4C2D-ADF7-C0E77F76B38C} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {F2C04BC1-92CA-4030-A013-214E2DCD8D64} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {F8D2AA99-CF70-4028-A122-BD75CBE98E7F} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {FAD2AF60-44BE-478A-8394-9E91DE12EECC} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {FD63499A-E876-43B8-8022-523D94B6CB9B} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0884FD1C-B31E-47B3-9511-6843F5D53803} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {1340617C-B8D3-4D41-9E17-B43CD60CE681} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | {1D75079C-943E-406C-A4A8-768D80977380} -> profile=private | protocol=6 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe | {1EAC83BF-FF96-4D3C-BE98-61ADAC8D7AAD} -> profile=private | protocol=6 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe | {20CC5C4C-C743-4C77-857D-C02FBDCDE5E0} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | {26C75E80-7793-456E-92B6-6267F900659F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {274E6B5B-2994-402D-9662-E80A27C36C0C} -> profile=private | protocol=17 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe | {27CB2AC2-4035-4BE7-9778-E4E04A4D8BA1} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | {281A2C56-F462-4AB0-8BD4-9A3CF8394162} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {2EC4AAE5-570A-4055-8123-F7F179C1DA87} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 | {3A4489A7-9C38-4899-90BC-E4F8BA260A78} -> profile=private | protocol=17 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe | {3FC6A310-8820-4729-A21D-D8CEB19A0E65} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe | {407989EC-4205-40E8-8DEC-60865278207D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {41EBC11B-6968-400F-9CE1-E13B3CC6479F} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe | {44B69706-3FB9-4629-BFAE-40CCE6B0F962} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {46D746A2-4941-4AE6-85E2-12F925125E4C} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {48B7A752-0471-4264-B6D4-492E7EF283F9} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {56F52D92-180D-4C00-8A25-7EC5B882778D} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system | {601F058F-72AD-46A2-9877-42670C2F9B58} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe | {60C45A65-D787-49CA-95BE-0C175E81EA09} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {619FC088-B246-43D9-B99C-41CCA35137D5} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {679A92C8-E014-44FE-B58B-130AA25676AE} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | {689403BF-AD5F-4376-9B6E-7D6989D71359} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® 4 - modern warfare | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | {6ECA3E47-C9A6-44F7-A84D-69D50BCA11E2} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | {76870D1D-4425-41C4-871A-77F0D939FD94} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {78BEB4B1-5464-47CD-8630-3247BEC99AC9} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {7FE27E34-6AAD-4A60-84C4-585904DBA32F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {8277F05A-7D56-4E62-874E-8104D18E1969} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | {870A7AE1-891D-469A-9A42-25CA062BE9C6} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | {8974D1A6-382E-42A5-AE9B-4CE1EC52C8A4} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe | {907B5358-D610-4C9B-B6AB-5CB15AF8D8AF} -> profile=private | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | {943C27CB-DB95-49F3-8E6E-B345C6C4AA4D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {9647084E-8BAF-45EA-B938-1E37F1F7E84C} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | {96A46AA9-9C01-4911-9C24-A4AF027865F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {98AFA521-A34D-4A23-B788-1631FB7CCE89} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | {9A8DF90D-5E83-4609-9060-1F7DCA44DF69} -> profile=private | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe | {9D789E2C-3134-4918-9A14-325511F0B846} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {A300B733-1D9A-40A7-BC9E-440808ABAD08} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® 4 - modern warfare | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe | {A70A9811-0391-4EA4-AB33-611EB2273300} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe | {AEF9CC95-1EC0-49C5-A8AF-12EC0D56D07B} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | {B4CC1A85-278A-4E8B-A554-DC2546CF6E76} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {CE96F219-FBD9-4278-B3A7-FD34D3F4C1A4} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe | {CEC08C00-8878-4D68-BAB2-14668B87BA5C} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {D014C908-6A69-4CB3-BD8A-922AD65B01BD} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {D2CD2AA8-ACAF-473B-9D5A-FB9491F8BAEA} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe | {D565E5FE-F069-417E-B385-8B87A5DC4B51} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | {D97309A5-BB05-4624-9075-F788F965E138} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {E3C4AC12-1676-4E5F-94BE-BC4C9820F713} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe | {E655FA48-C2C1-4A76-8945-043C2E373BB5} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | {F4CFEDFD-FB20-4AE0-9BE9-22FD3C542AAC} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe | {F8283F76-E508-4D7E-A1CB-83CB4E6303DF} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {F97CA32E-B759-41B1-924F-B17D7F764D77} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe | {FC0B2032-E51F-4FA5-9254-F3AF48A819F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {FEB176D4-EAEE-4056-A564-5CFD271F0B42} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe | TCP Query User{010F37E8-E052-41F6-B3F0-AECF4E89C919}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=6 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe | TCP Query User{7C2ABF46-3753-4445-BD86-58D262E329CD}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=6 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe | UDP Query User{33B75B18-0A28-47CB-895C-56ACACEC4AC3}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=17 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe | UDP Query User{E8BCAABB-A985-4FDF-B109-A603BDA1496A}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=17 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Pilote de CD-ROM -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 00:19:54 | 00,147,456 | ---- | M] (Microsoft Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{9cc04a7f-daa5-11de-a7e8-002354341491} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell \{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command \{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command\\"" -> F:\Autorun.exe [F:\Autorun.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Files/Folders - Created Within 30 Days] Malwarebytes -> C:\Users\ludo\AppData\Roaming\Malwarebytes -> [2009/12/21 20:11:49 | 00,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/21 20:11:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/21 20:11:45 | 00,022,104 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C] trend micro -> C:\Program Files (x86)\trend micro -> [2009/12/21 14:04:52 | 00,000,000 | ---D | C] rsit -> C:\rsit -> [2009/12/21 14:04:51 | 00,000,000 | ---D | C] {CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> [2009/12/21 01:47:04 | 00,000,000 | -H-D | C] Lavasoft -> C:\ProgramData\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C] Lavasoft -> C:\Program Files (x86)\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C] a -> C:\Program Files (x86)\a -> [2009/12/21 01:36:58 | 00,000,000 | ---D | C] Anno 1404 -> C:\Users\ludo\Documents\Anno 1404 -> [2009/12/19 02:08:19 | 00,000,000 | ---D | C] Ubisoft -> C:\Users\ludo\AppData\Roaming\Ubisoft -> [2009/12/16 18:04:09 | 00,000,000 | ---D | C] Tages -> C:\ProgramData\Tages -> [2009/12/16 18:00:06 | 00,000,000 | ---D | C] Ubisoft -> C:\Program Files (x86)\Ubisoft -> [2009/12/15 17:12:28 | 00,000,000 | ---D | C] skypePM -> C:\Users\ludo\AppData\Roaming\skypePM -> [2009/12/15 14:57:26 | 00,000,000 | ---D | C] Skype -> C:\Users\ludo\AppData\Roaming\Skype -> [2009/12/15 14:50:51 | 00,000,000 | ---D | C] Skype -> C:\Program Files (x86)\Skype -> [2009/12/15 14:50:32 | 00,000,000 | R--D | C] Skype -> C:\Program Files (x86)\Common Files\Skype -> [2009/12/15 14:50:32 | 00,000,000 | ---D | C] Skype -> C:\ProgramData\Skype -> [2009/12/15 14:50:30 | 00,000,000 | ---D | C] javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2009/12/13 16:37:24 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) java.exe -> C:\Windows\SysWow64\java.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) LogMeIn Hamachi -> C:\Users\ludo\AppData\Local\LogMeIn Hamachi -> [2009/12/09 18:14:50 | 00,000,000 | ---D | C] LogMeIn Hamachi -> C:\Program Files (x86)\LogMeIn Hamachi -> [2009/12/09 18:14:38 | 00,000,000 | ---D | C] MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2009/12/09 11:50:06 | 00,000,000 | ---D | C] msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,082,944 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,064,512 | ---- | C] (Microsoft Corporation) Ahead -> C:\Users\ludo\AppData\Local\Ahead -> [2009/12/08 17:03:20 | 00,000,000 | ---D | C] Ahead -> C:\Users\ludo\AppData\Roaming\Ahead -> [2009/12/08 17:02:08 | 00,000,000 | ---D | C] Ahead -> C:\ProgramData\Ahead -> [2009/12/08 17:01:57 | 00,000,000 | ---D | C] Nero -> C:\ProgramData\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C] Nero -> C:\Program Files (x86)\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C] Ahead -> C:\Program Files (x86)\Common Files\Ahead -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C] dvdcss -> C:\Users\ludo\AppData\Roaming\dvdcss -> [2009/12/07 20:12:46 | 00,000,000 | ---D | C] My Games -> C:\Users\ludo\Documents\My Games -> [2009/12/03 16:58:40 | 00,000,000 | ---D | C] jeux -> C:\Users\ludo\Desktop\jeux -> [2009/12/03 16:08:55 | 00,000,000 | ---D | C] CCleaner -> C:\Program Files (x86)\CCleaner -> [2009/11/30 19:07:26 | 00,000,000 | ---D | C] vlc -> C:\Users\ludo\AppData\Roaming\vlc -> [2009/11/30 18:34:00 | 00,000,000 | ---D | C] BioWare -> C:\Users\ludo\Documents\BioWare -> [2009/11/30 12:46:00 | 00,000,000 | ---D | C] AGEIA Technologies -> C:\Program Files (x86)\AGEIA Technologies -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C] AGEIA -> C:\Windows\SysWow64\AGEIA -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C] Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2009/11/30 12:39:24 | 00,000,000 | ---D | C] Media Center Programs -> C:\ProgramData\Media Center Programs -> [2009/11/30 12:39:17 | 00,000,000 | ---D | C] Dragon Age -> C:\Program Files (x86)\Dragon Age -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C] BioWare -> C:\Program Files (x86)\Common Files\BioWare -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C] XAudio2_5.dll -> C:\Windows\SysNative\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,517,960 | ---- | C] (Microsoft Corporation) XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,515,416 | ---- | C] (Microsoft Corporation) xactengine3_5.dll -> C:\Windows\SysWow64\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,238,936 | ---- | C] (Microsoft Corporation) xactengine3_5.dll -> C:\Windows\SysNative\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,176,968 | ---- | C] (Microsoft Corporation) d3dcsx_42.dll -> C:\Windows\SysNative\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,554,512 | ---- | C] (Microsoft Corporation) d3dcsx_42.dll -> C:\Windows\SysWow64\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,501,792 | ---- | C] (Microsoft Corporation) D3DCompiler_42.dll -> C:\Windows\SysNative\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 02,582,888 | ---- | C] (Microsoft Corporation) D3DCompiler_42.dll -> C:\Windows\SysWow64\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 01,974,616 | ---- | C] (Microsoft Corporation) d3dx11_42.dll -> C:\Windows\SysNative\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,285,024 | ---- | C] (Microsoft Corporation) d3dx11_42.dll -> C:\Windows\SysWow64\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,235,344 | ---- | C] (Microsoft Corporation) d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,523,088 | ---- | C] (Microsoft Corporation) d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,453,456 | ---- | C] (Microsoft Corporation) D3DX9_42.dll -> C:\Windows\SysNative\D3DX9_42.dll -> [2009/11/26 17:39:34 | 02,475,352 | ---- | C] (Microsoft Corporation) D3DX9_42.dll -> C:\Windows\SysWow64\D3DX9_42.dll -> [2009/11/26 17:39:34 | 01,892,184 | ---- | C] (Microsoft Corporation) D3DCompiler_41.dll -> C:\Windows\SysNative\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 02,430,312 | ---- | C] (Microsoft Corporation) D3DCompiler_41.dll -> C:\Windows\SysWow64\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 01,846,632 | ---- | C] (Microsoft Corporation) d3dx10_41.dll -> C:\Windows\SysNative\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,520,544 | ---- | C] (Microsoft Corporation) d3dx10_41.dll -> C:\Windows\SysWow64\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,453,456 | ---- | C] (Microsoft Corporation) D3DX9_41.dll -> C:\Windows\SysNative\D3DX9_41.dll -> [2009/11/26 17:39:32 | 05,425,496 | ---- | C] (Microsoft Corporation) D3DX9_41.dll -> C:\Windows\SysWow64\D3DX9_41.dll -> [2009/11/26 17:39:32 | 04,178,264 | ---- | C] (Microsoft Corporation) XAudio2_4.dll -> C:\Windows\SysNative\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,521,560 | ---- | C] (Microsoft Corporation) XAudio2_4.dll -> C:\Windows\SysWow64\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,517,448 | ---- | C] (Microsoft Corporation) XAPOFX1_3.dll -> C:\Windows\SysNative\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,073,544 | ---- | C] (Microsoft Corporation) XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,069,464 | ---- | C] (Microsoft Corporation) xactengine3_4.dll -> C:\Windows\SysWow64\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,235,352 | ---- | C] (Microsoft Corporation) xactengine3_4.dll -> C:\Windows\SysNative\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,174,936 | ---- | C] (Microsoft Corporation) X3DAudio1_6.dll -> C:\Windows\SysNative\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,024,920 | ---- | C] (Microsoft Corporation) X3DAudio1_6.dll -> C:\Windows\SysWow64\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,022,360 | ---- | C] (Microsoft Corporation) D3DCompiler_40.dll -> C:\Windows\SysNative\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,605,920 | ---- | C] (Microsoft Corporation) D3DCompiler_40.dll -> C:\Windows\SysWow64\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,036,576 | ---- | C] (Microsoft Corporation) d3dx10_40.dll -> C:\Windows\SysNative\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,519,000 | ---- | C] (Microsoft Corporation) d3dx10_40.dll -> C:\Windows\SysWow64\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,452,440 | ---- | C] (Microsoft Corporation) D3DX9_40.dll -> C:\Windows\SysNative\D3DX9_40.dll -> [2009/11/26 17:39:28 | 05,631,312 | ---- | C] (Microsoft Corporation) D3DX9_40.dll -> C:\Windows\SysWow64\D3DX9_40.dll -> [2009/11/26 17:39:28 | 04,379,984 | ---- | C] (Microsoft Corporation) XAudio2_3.dll -> C:\Windows\SysNative\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,518,480 | ---- | C] (Microsoft Corporation) XAudio2_3.dll -> C:\Windows\SysWow64\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,514,384 | ---- | C] (Microsoft Corporation) xactengine3_3.dll -> C:\Windows\SysWow64\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,235,856 | ---- | C] (Microsoft Corporation) xactengine3_3.dll -> C:\Windows\SysNative\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,175,440 | ---- | C] (Microsoft Corporation) XAPOFX1_2.dll -> C:\Windows\SysNative\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,074,576 | ---- | C] (Microsoft Corporation) XAPOFX1_2.dll -> C:\Windows\SysWow64\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,070,992 | ---- | C] (Microsoft Corporation) X3DAudio1_5.dll -> C:\Windows\SysNative\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,025,936 | ---- | C] (Microsoft Corporation) X3DAudio1_5.dll -> C:\Windows\SysWow64\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,023,376 | ---- | C] (Microsoft Corporation) XAudio2_2.dll -> C:\Windows\SysNative\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,513,544 | ---- | C] (Microsoft Corporation) XAudio2_2.dll -> C:\Windows\SysWow64\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,509,448 | ---- | C] (Microsoft Corporation) XAPOFX1_1.dll -> C:\Windows\SysNative\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,072,200 | ---- | C] (Microsoft Corporation) XAPOFX1_1.dll -> C:\Windows\SysWow64\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,068,616 | ---- | C] (Microsoft Corporation) xactengine3_2.dll -> C:\Windows\SysWow64\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,238,088 | ---- | C] (Microsoft Corporation) xactengine3_2.dll -> C:\Windows\SysNative\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,177,672 | ---- | C] (Microsoft Corporation) D3DCompiler_39.dll -> C:\Windows\SysNative\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,942,552 | ---- | C] (Microsoft Corporation) D3DCompiler_39.dll -> C:\Windows\SysWow64\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,493,528 | ---- | C] (Microsoft Corporation) d3dx10_39.dll -> C:\Windows\SysNative\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,540,688 | ---- | C] (Microsoft Corporation) d3dx10_39.dll -> C:\Windows\SysWow64\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,467,984 | ---- | C] (Microsoft Corporation) D3DX9_39.dll -> C:\Windows\SysNative\D3DX9_39.dll -> [2009/11/26 17:39:22 | 04,992,520 | ---- | C] (Microsoft Corporation) D3DX9_39.dll -> C:\Windows\SysWow64\D3DX9_39.dll -> [2009/11/26 17:39:22 | 03,851,784 | ---- | C] (Microsoft Corporation) XAudio2_1.dll -> C:\Windows\SysNative\XAudio2_1.dll -> [2009/11/26 17:39:22 | 00,511,496 | ---- | C] (Microsoft Corporation) XAPOFX1_0.dll -> C:\Windows\SysNative\XAPOFX1_0.dll -> [2009/11/26 17:39:22 | 00,068,104 | ---- | C] (Microsoft Corporation) xactengine3_1.dll -> C:\Windows\SysWow64\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,238,088 | ---- | C] (Microsoft Corporation) xactengine3_1.dll -> C:\Windows\SysNative\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,177,672 | ---- | C] (Microsoft Corporation) X3DAudio1_4.dll -> C:\Windows\SysNative\X3DAudio1_4.dll -> [2009/11/26 17:39:21 | 00,028,168 | ---- | C] (Microsoft Corporation) D3DX9_38.dll -> C:\Windows\SysNative\D3DX9_38.dll -> [2009/11/26 17:39:20 | 04,991,496 | ---- | C] (Microsoft Corporation) D3DCompiler_38.dll -> C:\Windows\SysNative\D3DCompiler_38.dll -> [2009/11/26 17:39:20 | 01,941,528 | ---- | C] (Microsoft Corporation) d3dx10_38.dll -> C:\Windows\SysNative\d3dx10_38.dll -> [2009/11/26 17:39:20 | 00,540,688 | ---- | C] (Microsoft Corporation) XAudio2_0.dll -> C:\Windows\SysNative\XAudio2_0.dll -> [2009/11/26 17:39:19 | 00,489,480 | ---- | C] (Microsoft Corporation) xactengine3_0.dll -> C:\Windows\SysWow64\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,238,088 | ---- | C] (Microsoft Corporation) xactengine3_0.dll -> C:\Windows\SysNative\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,177,672 | ---- | C] (Microsoft Corporation) X3DAudio1_3.dll -> C:\Windows\SysNative\X3DAudio1_3.dll -> [2009/11/26 17:39:19 | 00,028,168 | ---- | C] (Microsoft Corporation) D3DCompiler_37.dll -> C:\Windows\SysNative\D3DCompiler_37.dll -> [2009/11/26 17:39:18 | 01,860,120 | ---- | C] (Microsoft Corporation) DAEMON Tools Images -> C:\Users\Public\Documents\DAEMON Tools Images -> [2009/11/26 17:08:53 | 00,000,000 | ---D | C] DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2009/11/26 16:57:03 | 00,000,000 | ---D | C] DAEMON Tools Lite -> C:\Users\ludo\AppData\Roaming\DAEMON Tools Lite -> [2009/11/26 16:56:47 | 00,000,000 | ---D | C] DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2009/11/26 16:56:45 | 00,000,000 | ---D | C] OpenOffice.org -> C:\Users\ludo\AppData\Roaming\OpenOffice.org -> [2009/11/25 18:20:00 | 00,000,000 | ---D | C] tp info -> C:\Users\ludo\Desktop\tp info -> [2009/11/25 18:16:36 | 00,000,000 | ---D | C] QuickTime -> C:\Program Files (x86)\QuickTime -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C] Apple Computer -> C:\ProgramData\Apple Computer -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C] Apple -> C:\Program Files (x86)\Common Files\Apple -> [2009/11/25 18:01:26 | 00,000,000 | ---D | C] Apple -> C:\Users\ludo\AppData\Local\Apple -> [2009/11/25 18:01:21 | 00,000,000 | ---D | C] Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C] Apple -> C:\ProgramData\Apple -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C] Adobe -> C:\Users\ludo\AppData\Local\Adobe -> [2009/11/24 12:26:51 | 00,000,000 | ---D | C] Adobe -> C:\ProgramData\Adobe -> [2009/11/24 12:26:25 | 00,000,000 | ---D | C] Adobe -> C:\Program Files (x86)\Common Files\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C] Adobe -> C:\Program Files (x86)\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C] Kaspersky Lab -> C:\Program Files (x86)\Kaspersky Lab -> [2009/11/22 16:06:53 | 00,000,000 | ---D | C] klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | C] (Kaspersky Lab) Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2009/11/22 15:13:14 | 00,000,000 | ---D | C] Activision -> C:\Users\ludo\AppData\Local\Activision -> [2009/11/22 12:37:15 | 00,000,000 | ---D | C] d3dx10_37.dll -> C:\Windows\SysNative\d3dx10_37.dll -> [2009/11/22 12:36:45 | 00,529,424 | ---- | C] (Microsoft Corporation) D3DX9_37.dll -> C:\Windows\SysNative\D3DX9_37.dll -> [2009/11/22 12:36:44 | 04,910,088 | ---- | C] (Microsoft Corporation) xactengine2_10.dll -> C:\Windows\SysNative\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,411,656 | ---- | C] (Microsoft Corporation) xactengine2_10.dll -> C:\Windows\SysWow64\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,267,272 | ---- | C] (Microsoft Corporation) D3DCompiler_36.dll -> C:\Windows\SysNative\D3DCompiler_36.dll -> [2009/11/22 12:36:43 | 02,006,552 | ---- | C] (Microsoft Corporation) d3dx10_36.dll -> C:\Windows\SysNative\d3dx10_36.dll -> [2009/11/22 12:36:43 | 00,508,264 | ---- | C] (Microsoft Corporation) d3dx9_36.dll -> C:\Windows\SysNative\d3dx9_36.dll -> [2009/11/22 12:36:42 | 05,081,608 | ---- | C] (Microsoft Corporation) D3DCompiler_35.dll -> C:\Windows\SysNative\D3DCompiler_35.dll -> [2009/11/22 12:36:41 | 01,985,904 | ---- | C] (Microsoft Corporation) d3dx10_35.dll -> C:\Windows\SysNative\d3dx10_35.dll -> [2009/11/22 12:36:41 | 00,508,264 | ---- | C] (Microsoft Corporation) xactengine2_9.dll -> C:\Windows\SysNative\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,411,496 | ---- | C] (Microsoft Corporation) xactengine2_9.dll -> C:\Windows\SysWow64\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,267,112 | ---- | C] (Microsoft Corporation) d3dx9_35.dll -> C:\Windows\SysNative\d3dx9_35.dll -> [2009/11/22 12:36:40 | 05,073,256 | ---- | C] (Microsoft Corporation) xactengine2_8.dll -> C:\Windows\SysNative\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,409,960 | ---- | C] (Microsoft Corporation) xactengine2_8.dll -> C:\Windows\SysWow64\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,266,088 | ---- | C] (Microsoft Corporation) X3DAudio1_2.dll -> C:\Windows\SysNative\X3DAudio1_2.dll -> [2009/11/22 12:36:39 | 00,021,000 | ---- | C] (Microsoft Corporation) d3dx9_34.dll -> C:\Windows\SysNative\d3dx9_34.dll -> [2009/11/22 12:36:38 | 04,496,232 | ---- | C] (Microsoft Corporation) D3DCompiler_34.dll -> C:\Windows\SysNative\D3DCompiler_34.dll -> [2009/11/22 12:36:38 | 01,401,200 | ---- | C] (Microsoft Corporation) d3dx10_34.dll -> C:\Windows\SysNative\d3dx10_34.dll -> [2009/11/22 12:36:38 | 00,506,728 | ---- | C] (Microsoft Corporation) xactengine2_7.dll -> C:\Windows\SysNative\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,403,304 | ---- | C] (Microsoft Corporation) xactengine2_7.dll -> C:\Windows\SysWow64\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,261,480 | ---- | C] (Microsoft Corporation) xinput1_3.dll -> C:\Windows\SysNative\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,107,368 | ---- | C] (Microsoft Corporation) xinput1_3.dll -> C:\Windows\SysWow64\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,081,768 | ---- | C] (Microsoft Corporation) D3DCompiler_33.dll -> C:\Windows\SysNative\D3DCompiler_33.dll -> [2009/11/22 12:36:36 | 01,400,176 | ---- | C] (Microsoft Corporation) d3dx10_33.dll -> C:\Windows\SysNative\d3dx10_33.dll -> [2009/11/22 12:36:36 | 00,506,728 | ---- | C] (Microsoft Corporation) d3dx9_33.dll -> C:\Windows\SysNative\d3dx9_33.dll -> [2009/11/22 12:36:35 | 04,494,184 | ---- | C] (Microsoft Corporation) xactengine2_6.dll -> C:\Windows\SysNative\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,393,576 | ---- | C] (Microsoft Corporation) xactengine2_6.dll -> C:\Windows\SysWow64\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,255,848 | ---- | C] (Microsoft Corporation) x3daudio1_1.dll -> C:\Windows\SysNative\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,017,688 | ---- | C] (Microsoft Corporation) x3daudio1_1.dll -> C:\Windows\SysWow64\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,015,128 | ---- | C] (Microsoft Corporation) Everest Poker -> C:\Program Files (x86)\Everest Poker -> [2009/11/22 11:50:03 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] NTUSER.DAT -> C:\Users\ludo\NTUSER.DAT -> [2009/12/21 20:44:47 | 02,359,296 | -HS- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/12/21 20:44:10 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/12/21 20:44:06 | 00,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/12/21 20:44:04 | 32,204,80000 | -HS- | M] () IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2009/12/21 19:11:34 | 01,524,562 | ---- | M] () perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2009/12/21 19:11:34 | 00,694,766 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2009/12/21 19:11:34 | 00,606,992 | ---- | M] () perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2009/12/21 19:11:34 | 00,127,478 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2009/12/21 19:11:34 | 00,103,370 | ---- | M] () lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 01:50:59 | 00,015,880 | ---- | M] () Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | M] () citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:36 | 00,007,926 | ---- | M] () o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:12 | 00,002,392 | ---- | M] () Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | M] () Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | M] () Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | M] () citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/15 21:50:48 | 00,011,737 | ---- | M] () atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] () lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] () ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | M] () Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | M] () Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] () Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] () Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | M] () LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | M] () Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | M] () Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | M] () mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/03 16:13:58 | 00,022,104 | ---- | M] (Malwarebytes Corporation) CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | M] () VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | M] () daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | M] () NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | M] () DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | M] () sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] () Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | M] () OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | M] () Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | M] () PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2009/11/23 16:40:53 | 00,111,928 | ---- | M] () klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | M] () klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | M] () klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab) pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | M] () PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] () win.ini -> C:\Windows\win.ini -> [2009/11/22 11:50:27 | 00,000,448 | ---- | M] () Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | M] () [Files - No Company Name] IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | C] () lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 02:23:50 | 00,015,880 | ---- | C] () Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | C] () citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:33 | 00,007,926 | ---- | C] () o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:10 | 00,002,392 | ---- | C] () Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | C] () Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | C] () Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | C] () atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | C] () lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | C] () ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | C] () Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | C] () Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] () Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] () Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | C] () LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | C] () Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | C] () Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | C] () citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/04 23:01:22 | 00,011,737 | ---- | C] () CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | C] () VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | C] () daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | C] () NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | C] () DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | C] () sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | C] () Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | C] () OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | C] () Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | C] () klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | C] () klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | C] () pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | C] () Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | C] () game.ini -> C:\Windows\game.ini -> [2009/11/21 19:36:35 | 00,000,331 | ---- | C] () AsIO.dll -> C:\Windows\SysWow64\AsIO.dll -> [2009/11/03 13:19:37 | 00,024,576 | ---- | C] () AsIO.sys -> C:\Windows\SysWow64\drivers\AsIO.sys -> [2009/11/03 13:19:37 | 00,014,392 | ---- | C] () AsInsHelp64.sys -> C:\Windows\SysWow64\drivers\AsInsHelp64.sys -> [2009/11/03 13:19:35 | 00,011,832 | ---- | C] () AsInsHelp32.sys -> C:\Windows\SysWow64\drivers\AsInsHelp32.sys -> [2009/11/03 13:19:35 | 00,010,216 | ---- | C] () Language_trs.ini -> C:\Windows\Language_trs.ini -> [2009/11/03 12:51:01 | 00,001,769 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 06:32:39 | 00,043,318 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 06:32:39 | 00,026,040 | ---- | C] () BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 00:42:10 | 00,064,000 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 22:03:59 | 00,364,544 | ---- | C] () physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008/10/07 09:13:30 | 00,197,912 | ---- | C] () AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 00,058,648 | ---- | C] () AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] () ASUSHWIO.SYS -> C:\Windows\SysWow64\drivers\ASUSHWIO.SYS -> [2007/12/28 16:22:02 | 00,010,296 | ---- | C] () < End of report >

tout d'abord je tiens a te remercier de ton aide rapport MBAM: Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3405 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 21/12/2009 20:41:07 mbam-log-2009-12-21 (20-41-07).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 246410 Temps écoulé: 19 minute(s), 3 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

bonsoir, Je suis tout nouveau, je viens de m'inscrire ayant un problème d'infection, mon antivirus ne peut plus faire de mise a jour ( privilège insufisant ) j'ai essayer de le reinstaller, et il me dit que les bases sont corrompue. si vous pouvez m'aider a enlever cette infection en detaillant les manipulations a faire n'en n'ayant jamais fait. bonne soirée merci voici le rapport de hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:18:30, on 19/12/2009 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files (x86)\Mumble\dbus-daemon.exe C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe C:\Program Files (x86)\Java\jre6\bin\jusched.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe C:\PROGRA~2\FREEDO~1\fdm.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\ludo\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PokeCreative] "C:\ProgramData\FaceManagerManager.0t6cm5" O4 - HKCU\..\Run: [media bore program mapi] "C:\ProgramData\Phone Bash Extra.xous8" O4 - HKCU\..\Run: [steam] "c:\program files (x86)\steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: Notification de cadeaux MSN.lnk = ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9713 bytes