Posted (edited)

Good evening,

I'm brand new here; I just signed up because I have an infection problem: my antivirus can no longer update (insufficient privileges).

I tried to reinstall it, and it tells me the databases are corrupted.

If you could help me remove this infection, please detail the steps to take, as I have never done this before.

Have a good evening, thanks.

Here is the HijackThis report:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:18:30, on 19/12/2009

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

C:\Program Files (x86)\Mumble\dbus-daemon.exe

C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe

C:\PROGRA~2\FREEDO~1\fdm.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Users\ludo\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [PokeCreative] "C:\ProgramData\FaceManagerManager.0t6cm5"

O4 - HKCU\..\Run: [media bore program mapi] "C:\ProgramData\Phone Bash Extra.xous8"

O4 - HKCU\..\Run: [steam] "c:\program files (x86)\steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: Notification de cadeaux MSN.lnk = ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm

O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm

O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm

O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 9713 bytes

Edited by zagstruck

  • Moderators
Posted

Good evening zagstruck :P

Posts: 1
Welcome to the Zebulon forums.

A few links to help you get started:

We'll take this slowly, because I'm not comfortable with 64-bit systems. Infections are generally not adapted to this type of system, and cannot spread the same way as on a 32-bit one (except those dedicated to and designed for it, obviously). So it is likely that there is not much that is infectious behind your problems, but we'll take a look. There is evidently a small Lop-type infection. With Kaspersky it can happen that the databases get corrupted, in which case you need to uninstall cleanly and reinstall. For now, don't do anything about that; we'll look around a bit first.

 

 

Download Malwarebytes' Anti-Malware (MBAM)

  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks whether to allow MBAM to connect, accept.
  • Once the update has finished, go to the "Scanner" tab.
  • Plug in your removable media (USB sticks, MP3 players, Flash cards, etc.) without opening them.
  • Select "Perform full scan"
  • Click "Scan"
  • The scan starts.
  • At the end of the scan, a message is displayed:
    The scan completed normally. Click 'Show Results' to display all objects found.
    Click "OK" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
    Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.

Then download OTS by OldTimer

  • Make sure the "Include 64Bit Scans" box is checked
  • Click Run Scan and let the tool work.
  • When Notepad opens, copy and paste the contents of the report into your next reply

Posted (edited)

First of all, I want to thank you for your help.

MBAM report:

 

Malwarebytes' Anti-Malware 1.42

Version de la base de données: 3405

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

21/12/2009 20:41:07

mbam-log-2009-12-21 (20-41-07).txt

 

Type de recherche: Examen complet (C:\|D:\|)

Eléments examinés: 246410

Temps écoulé: 19 minute(s), 3 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Edited by zagstruck
Posted (edited)

And the OTS report:

 

OTS logfile created on: 21/12/2009 20:46:04 - Run 1

OTS by OldTimer - Version 3.1.12.0 Folder = C:\Downloads\Software

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 279,46 Gb Total Space | 129,22 Gb Free Space | 46,24% Space Free | Partition Type: NTFS

Drive D: | 309,02 Gb Total Space | 99,97 Gb Free Space | 32,35% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: DÉDÉ

Current User Name: ludo

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

 

[Processes - Safe List]

ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools)

aawtray.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe -> [2009/12/21 01:49:29 | 00,788,880 | ---- | M] (Lavasoft)

aawservice.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft)

pnkbstra.exe -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()

lsnfier.exe -> C:\Users\ludo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe -> [2009/11/19 19:52:38 | 00,135,680 | ---- | M] (Microsoft Corporation)

dtlite.exe -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd)

avp.exe -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)

jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)

skype.exe -> C:\Program Files (x86)\Skype\Phone\Skype.exe -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.)

skypepm.exe -> C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe -> [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies)

reader_sl.exe -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)

aawwsc.exe -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe -> [2009/09/23 08:55:40 | 00,707,704 | ---- | M] ()

soffice.bin -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin -> [2009/08/19 10:31:42 | 07,418,368 | ---- | M] (OpenOffice.org)

soffice.exe -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe -> [2009/08/19 10:31:40 | 07,424,000 | ---- | M] (OpenOffice.org)

msnmsgr.exe -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation)

sixengine.exe -> C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe -> [2009/05/25 10:33:50 | 06,017,024 | ---- | M] ()

assysctrlservice.exe -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] ()

nmindexstoresvr.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe -> [2008/01/22 10:13:32 | 01,201,448 | ---- | M] (Nero AG)

nmindexingservice.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG)

nmbgmonitor.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG)

 

[Modules - Safe List]

ots.exe -> C:\Downloads\Software\OTS.exe -> [2009/12/21 20:10:54 | 00,598,528 | ---- | M] (OldTimer Tools)

comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll -> [2009/07/14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation)

 

[Win32 Services - Safe List]

64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/08/18 02:36:20 | 00,203,264 | ---- | M] (AMD)

64bit-(WwanSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wwansvc.dll -> [2009/07/14 02:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation)

64bit-(WbioSrvc) [On_Demand | Stopped] -> C:\Windows\SysNative\wbiosrvc.dll -> [2009/07/14 02:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation)

64bit-(UmRdpService) [On_Demand | Stopped] -> C:\Windows\SysNative\umrdp.dll -> [2009/07/14 02:41:56 | 00,195,072 | ---- | M] (Microsoft Corporation)

64bit-(Power) [Auto | Running] -> C:\Windows\SysNative\umpo.dll -> [2009/07/14 02:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation)

64bit-(Themes) [Auto | Running] -> C:\Windows\SysNative\themeservice.dll -> [2009/07/14 02:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation)

64bit-(sppuinotify) [On_Demand | Stopped] -> C:\Windows\SysNative\sppuinotify.dll -> [2009/07/14 02:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation)

64bit-(SensrSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\sensrsvc.dll -> [2009/07/14 02:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation)

64bit-(StorSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\StorSvc.dll -> [2009/07/14 02:41:54 | 00,017,920 | ---- | M] (Microsoft Corporation)

64bit-(PeerDistSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\PeerDistSvc.dll -> [2009/07/14 02:41:53 | 01,361,920 | ---- | M] (Microsoft Corporation)

64bit-(PNRPsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation)

64bit-(p2pimsvc) [On_Demand | Running] -> C:\Windows\SysNative\pnrpsvc.dll -> [2009/07/14 02:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation)

64bit-(HomeGroupProvider) [On_Demand | Running] -> C:\Windows\SysNative\provsvc.dll -> [2009/07/14 02:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation)

64bit-(RpcEptMapper) [unknown | Running] -> C:\Windows\SysNative\RpcEpMap.dll -> [2009/07/14 02:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation)

64bit-(PNRPAutoReg) [On_Demand | Stopped] -> C:\Windows\SysNative\pnrpauto.dll -> [2009/07/14 02:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation)

64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 02:41:27 | 01,011,712 | ---- | M] (Microsoft Corporation)

64bit-(HomeGroupListener) [On_Demand | Running] -> C:\Windows\SysNative\ListSvc.dll -> [2009/07/14 02:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation)

64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/07/14 02:40:54 | 01,127,936 | ---- | M] (Microsoft Corporation)

64bit-(Dhcp) [Auto | Running] -> C:\Windows\SysNative\dhcpcore.dll -> [2009/07/14 02:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation)

64bit-(defragsvc) [On_Demand | Stopped] -> C:\Windows\SysNative\defragsvc.dll -> [2009/07/14 02:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation)

64bit-(CscService) [Auto | Running] -> C:\Windows\SysNative\cscsvc.dll -> [2009/07/14 02:40:24 | 00,689,152 | ---- | M] (Microsoft Corporation)

64bit-(bthserv) [On_Demand | Stopped] -> C:\Windows\SysNative\bthserv.dll -> [2009/07/14 02:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation)

64bit-(BDESVC) [unknown | Stopped] -> C:\Windows\SysNative\bdesvc.dll -> [2009/07/14 02:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation)

64bit-(AxInstSV) [On_Demand | Stopped] -> C:\Windows\SysNative\AxInstSv.dll -> [2009/07/14 02:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation)

64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/14 02:40:01 | 00,193,536 | ---- | M] (Microsoft Corporation)

64bit-(AppIDSvc) [On_Demand | Stopped] -> C:\Windows\SysNative\appidsvc.dll -> [2009/07/14 02:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation)

64bit-(wbengine) [On_Demand | Stopped] -> C:\Windows\SysNative\wbengine.exe -> [2009/07/14 02:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation)

64bit-(sppsvc) [Auto | Stopped] -> C:\Windows\SysNative\sppsvc.exe -> [2009/07/14 02:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation)

64bit-(Fax) [On_Demand | Stopped] -> C:\Windows\SysNative\FXSSVC.exe -> [2009/07/14 02:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation)

64bit-(msvsmon90) [Disabled | Stopped] -> C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -> [2007/11/08 01:11:22 | 04,466,688 | ---- | M] (Microsoft Corporation)

(Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Running] -> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -> [2009/12/21 01:49:27 | 01,181,328 | ---- | M] (Lavasoft)

(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Steam\SteamService.exe -> [2009/12/11 17:10:09 | 00,321,320 | ---- | M] (Valve Corporation)

(PnkBstrA) PnkBstrA [Auto | Running] -> C:\Windows\SysWOW64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()

(Hamachi2Svc) LogMeIn Hamachi 2.0 Tunneling Engine [Auto | Running] -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -> [2009/10/29 12:27:56 | 01,767,816 | ---- | M] (LogMeIn Inc.)

(AVP) Kaspersky Internet Security [Auto | Running] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)

(DAUpdaterSvc) Dragon Age: Origins - Application de mise à jour [On_Demand | Stopped] -> C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -> [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare)

(VSS) Cliché instantané des volumes [On_Demand | Stopped] -> C:\Windows\Vss -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M]

(MSDTC) Coordinateur de transactions distribuées [unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2009/07/14 04:20:14 | 00,000,000 | ---D | M]

(HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\SysWOW64\provsvc.dll -> [2009/07/14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation)

(Dhcp) Client DHCP [Auto | Running] -> C:\Windows\SysWOW64\dhcpcore.dll -> [2009/07/14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation)

(vds) Disque virtuel [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2009/07/13 21:30:11 | 00,061,056 | ---- | M] ()

(clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/06/10 21:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation)

(AsSysCtrlService) ASUS System Control Service [Auto | Running] -> C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -> [2009/04/02 12:27:26 | 00,090,112 | ---- | M] ()

(NMIndexingService) NMIndexingService [On_Demand | Running] -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2008/01/22 10:13:26 | 00,275,752 | ---- | M] (Nero AG)

(NBService) NBService [On_Demand | Stopped] -> C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -> [2007/11/28 10:27:24 | 00,800,040 | ---- | M] (Nero AG)

 

[Driver Services - Safe List]

64bit-(atksgt) atksgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] ()

64bit-(lirsgt) lirsgt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] ()

64bit-(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] ()

64bit-(KLIF) Kaspersky Lab Driver [File_System | System | Running] -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab)

64bit-(KLIM6) Kaspersky Anti-Virus NDIS 6 Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\klim6.sys -> [2009/11/03 16:33:44 | 00,027,152 | ---- | M] (Kaspersky Lab)

64bit-(KLBG) Kaspersky Lab Boot Guard Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\klbg.sys -> [2009/10/14 20:18:38 | 00,040,464 | ---- | M] (Kaspersky Lab)

64bit-(klmouflt) Kaspersky Lab KLMOUFLT [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\klmouflt.sys -> [2009/10/02 18:39:32 | 00,021,008 | ---- | M] (Kaspersky Lab)

64bit-(hamachi) Hamachi Network Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\hamachi.sys -> [2009/09/23 09:42:58 | 00,033,856 | -H-- | M] (LogMeIn, Inc.)

64bit-(kl1) kl1 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\kl1.sys -> [2009/09/01 14:29:56 | 00,157,712 | ---- | M] (Kaspersky Lab)

64bit-(L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\L1E62x64.sys -> [2009/08/23 13:08:10 | 00,056,320 | ---- | M] (Atheros Communications, Inc.)

64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/08/18 03:48:48 | 06,037,504 | ---- | M] (ATI Technologies Inc.)

64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/14 02:52:21 | 00,106,576 | ---- | M] (Advanced Micro Devices)

64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/14 02:52:21 | 00,028,752 | ---- | M] (Advanced Micro Devices)

64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 02:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.)

64bit-(KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\ksecpkg.sys -> [2009/07/14 02:48:04 | 00,153,152 | ---- | M] (Microsoft Corporation)

64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 02:48:04 | 00,065,600 | ---- | M] (LSI Corporation)

64bit-(hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\hwpolicy.sys -> [2009/07/14 02:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation)

64bit-(FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\fsdepends.sys -> [2009/07/14 02:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation)

64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/14 02:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company)

64bit-(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\wimmount.sys -> [2009/07/14 02:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation)

64bit-(vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vhdmp.sys -> [2009/07/14 02:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation)

64bit-(vmbus) Bus VMBus [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vmbus.sys -> [2009/07/14 02:45:55 | 00,200,272 | ---- | M] (Microsoft Corporation)

64bit-(storflt) Pilote de filtre d’accélération de bus VMBus [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vmstorfl.sys -> [2009/07/14 02:45:55 | 00,046,672 | ---- | M] (Microsoft Corporation)

64bit-(vdrvroot) Pilote d’énumérateur de lecteur virtuel Microsoft [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\vdrvroot.sys -> [2009/07/14 02:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation)

64bit-(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\storvsc.sys -> [2009/07/14 02:45:55 | 00,034,896 | ---- | M] (Microsoft Corporation)

64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 02:45:55 | 00,024,656 | ---- | M] (Promise Technology)

64bit-(rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\rdyboost.sys -> [2009/07/14 02:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation)

64bit-(pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\pcw.sys -> [2009/07/14 02:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation)

64bit-(CNG) CNG [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\cng.sys -> [2009/07/14 02:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation)

64bit-(fvevol) Pilote de filtre de Chiffrement de lecteur Bitlocker [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\fvevol.sys -> [2009/07/14 02:43:13 | 00,223,448 | ---- | M] (Microsoft Corporation)

64bit-(rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\rdpbus.sys -> [2009/07/14 01:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation)

64bit-(RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\SysNative\drivers\RDPREFMP.sys -> [2009/07/14 01:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation)

64bit-(RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\agilevpn.sys -> [2009/07/14 01:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation)

64bit-(WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\SysNative\drivers\wfplwf.sys -> [2009/07/14 01:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation)

64bit-(NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\ndiscap.sys -> [2009/07/14 01:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation)

64bit-(vwififlt) Virtual WiFi Filter Driver [Kernel | System | Running] -> C:\Windows\SysNative\drivers\vwififlt.sys -> [2009/07/14 01:07:22 | 00,059,904 | ---- | M] (Microsoft Corporation)

64bit-(vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\vwifibus.sys -> [2009/07/14 01:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation)

64bit-(1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\1394ohci.sys -> [2009/07/14 01:07:13 | 00,227,840 | ---- | M] (Microsoft Corporation)

64bit-(HdAudAddService) Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/07/14 01:07:00 | 00,350,208 | ---- | M] (Microsoft Corporation)

64bit-(UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\umpass.sys -> [2009/07/14 01:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation)

64bit-(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\winusb.sys -> [2009/07/14 01:06:28 | 00,040,448 | ---- | M] (Microsoft Corporation)

64bit-(mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mshidkmdf.sys -> [2009/07/14 01:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation)

64bit-(WudfPf) User Mode Driver Frameworks Platform Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\WUDFPf.sys -> [2009/07/14 01:05:37 | 00,112,128 | ---- | M] (Microsoft Corporation)

64bit-(MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\MTConfig.sys -> [2009/07/14 01:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation)

64bit-(CompositeBus) Pilote de l’énumérateur de bus composite [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CompositeBus.sys -> [2009/07/14 01:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation)

64bit-(Beep) Beep [Kernel | System | Running] -> C:\Windows\SysNative\drivers\beep.sys -> [2009/07/14 01:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation)

64bit-(AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\appid.sys -> [2009/07/14 00:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation)

64bit-(scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\SysNative\drivers\scfilter.sys -> [2009/07/14 00:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation)

64bit-(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vms3cap.sys -> [2009/07/14 00:42:58 | 00,006,656 | ---- | M] (Microsoft Corporation)

64bit-(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\VMBusHID.sys -> [2009/07/14 00:42:44 | 00,021,760 | ---- | M] (Microsoft Corporation)

64bit-(discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\SysNative\drivers\discache.sys -> [2009/07/14 00:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation)

64bit-(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hidbatt.sys -> [2009/07/14 00:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation)

64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\CmBatt.sys -> [2009/07/14 00:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation)

64bit-(AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\acpipmi.sys -> [2009/07/14 00:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation)

64bit-(CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\SysNative\drivers\csc.sys -> [2009/07/14 00:24:27 | 00,514,048 | ---- | M] (Microsoft Corporation)

64bit-(AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdppm.sys -> [2009/07/14 00:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation)

64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\athrx.sys -> [2009/07/09 00:49:16 | 01,484,800 | ---- | M] (Atheros Communications, Inc.)

64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 21:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation)

64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 21:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation)

64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 21:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation)

64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 21:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)

64bit-(MTsensor) ATK0110 ACPI UTILITY [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\ASACPI.sys -> [2009/05/14 09:26:24 | 00,015,416 | ---- | M] ()

64bit-(mv61xx) mv61xx [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\mv61xx.sys -> [2009/05/11 23:49:10 | 00,178,728 | ---- | M] (Marvell Semiconductor, Inc.)

(CSC) Pilote Fichiers hors connexion [Kernel | System | Running] -> C:\Windows\CSC -> [2009/11/03 00:48:03 | 00,000,000 | ---D | M]

(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation)

(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysWOW64\winusb.dll -> [2009/07/14 02:16:19 | 00,016,896 | ---- | M] (Microsoft Corporation)

(NetBIOS) NetBIOS Interface [File_System | System | Running] -> C:\Windows\SysWOW64\netbios.dll -> [2009/07/14 02:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation)

(mpsdrv) Pilote d’autorisation du Pare-feu Windows [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2009/06/10 22:28:14 | 00,001,088 | ---- | M] ()

(Tcpip) Pilote du protocole TCP/IP [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2009/06/10 22:15:18 | 00,003,066 | ---- | M] ()

(AsIO) AsIO [Kernel | System | Running] -> C:\Windows\SysWOW64\drivers\AsIO.sys -> [2007/12/17 17:14:14 | 00,014,392 | ---- | M] ()

 

[Registry - Safe List]

< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->

< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->

HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->

< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->

HKEY_CURRENT_USER\: Main\\"Start Page" -> http://fr.msn.com/ ->

HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://fr.msn.com/?ocid=iehp ->

HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> fr ->

HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> B3 9F CB CE 18 5C CA 01 [binary data] ->

HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->

< FireFox Settings [Prefs.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\prefs.js ->

browser.startup.homepage -> "google.fr" ->

extensions.enabledItems -> {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1 ->

extensions.enabledItems -> fdm_ffext@freedownloadmanager.org:1.3.4 ->

extensions.enabledItems -> linkfilter@kaspersky.ru:9.0.0.736 ->

extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 ->

extensions.enabledItems -> {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.0 ->

extensions.enabledItems -> {BF32D2C8-9C75-404b-ACF4-880DB4679236}:2 ->

keyword.URL -> "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=" ->

< FireFox Settings [user.js] > -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\user.js ->

< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla

HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions -> ->

HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M]

HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2009/12/17 08:47:24 | 00,000,000 | ---D | M]

HKLM\software\mozilla\Thunderbird\Extensions -> ->

HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2010\THBEXT] -> [2009/11/22 16:06:58 | 00,000,000 | ---D | M]

< FireFox Extensions [user Folders] > ->

-> C:\Users\ludo\AppData\Roaming\mozilla\Extensions -> [2009/11/03 01:53:55 | 00,000,000 | ---D | M]

-> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions -> [2009/12/21 01:50:16 | 00,000,000 | ---D | M]

FlashGot -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} -> [2009/12/08 09:48:11 | 00,000,000 | ---D | M]

Yahoo! Toolbar -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} -> [2009/11/04 12:38:13 | 00,000,000 | ---D | M]

MushroomKingdom -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{BF32D2C8-9C75-404b-ACF4-880DB4679236} -> [2009/11/08 12:55:50 | 00,000,000 | ---D | M]

Gradient iCool -> C:\Users\ludo\AppData\Roaming\mozilla\Firefox\Profiles\10vpgtbv.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66} -> [2009/11/08 12:56:47 | 00,000,000 | ---D | M]

< FireFox SearchPlugins [user Folders] > ->

bing.xml -> C:\Users\ludo\AppData\Roaming\Mozilla\FireFox\Profiles\10vpgtbv.default\searchplugins\bing.xml -> [2009/11/19 19:52:37 | 00,002,650 | ---- | M] ()

< FireFox Extensions [Program Folders] > ->

-> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2009/12/15 14:50:43 | 00,000,000 | ---D | M]

-> C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru -> [2009/11/03 02:30:31 | 00,000,000 | ---D | M]

< HOSTS File > (824 bytes and 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->

Reset Hosts

< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [iEVkbdBHO Class] -> [2009/10/20 19:39:12 | 00,061,456 | ---- | M] (Kaspersky Lab)

{E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)

< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)

{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [iEVkbdBHO Class] -> [2009/10/20 19:34:50 | 00,068,112 | ---- | M] (Kaspersky Lab)

{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found

{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Programme d'aide de l'Assistant de connexion Windows Live] -> [2009/01/22 15:41:30 | 00,408,448 | ---- | M] (Microsoft Corporation)

{CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKLM] -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [FDMIECookiesBHO Class] -> [2008/12/30 01:03:26 | 00,098,304 | ---- | M] ()

{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java Plug-In 2 SSV Helper] -> [2009/10/11 04:17:29 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.)

{E33CF602-D945-461A-83F0-819F76A199F8} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [FilterBHO Class] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)

< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/05/23 00:20:30 | 07,833,120 | ---- | M] (Realtek Semiconductor)

"Skytel" -> C:\Program Files\Realtek\Audio\HDA\Skytel.exe [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> [2009/05/23 00:21:16 | 01,833,504 | ---- | M] (Realtek Semiconductor Corp.)

< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"Adobe ARM" -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 12:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated)

"Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:08:38 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)

"AVP" -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe ["C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"] -> [2009/10/20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab)

"QuickTime Task" -> C:\Program Files (x86)\QuickTime\QTTask.exe ["C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime] -> [2009/11/10 23:08:18 | 00,417,792 | ---- | M] (Apple Inc.)

"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.)

< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> [2008/01/22 10:13:20 | 00,152,872 | ---- | M] (Nero AG)

"DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2009/10/30 12:57:08 | 00,369,200 | ---- | M] (DT Soft Ltd)

"media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"] -> File not found

"msnmsgr" -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background] -> [2009/07/26 16:44:52 | 03,883,856 | ---- | M] (Microsoft Corporation)

"PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"] -> File not found

"Skype" -> C:\Program Files (x86)\Skype\Phone\Skype.exe ["C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized] -> [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.)

"Steam" -> c:\program files (x86)\steam\steam.exe ["c:\program files (x86)\steam\steam.exe" -silent] -> [2009/11/14 11:40:37 | 01,217,808 | ---- | M] (Valve Corporation)

< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

\\"NoActiveDesktop" -> [1] -> File not found

< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found

\\"ConsentPromptBehaviorUser" -> [3] -> File not found

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats

< 64bit-Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] ()

Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] ()

Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] ()

Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] ()

Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] ()

< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->

Ajouter à l'Anti-bannière -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm] -> [2009/10/20 19:22:54 | 00,001,452 | ---- | M] ()

Télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dllink.htm [file://C:\Program Files (x86)\Free Download Manager\dllink.htm] -> [2007/06/02 12:25:02 | 00,002,140 | ---- | M] ()

Télécharger la sélection avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlselected.htm [file://C:\Program Files (x86)\Free Download Manager\dlselected.htm] -> [2007/06/02 12:25:02 | 00,000,463 | ---- | M] ()

Télécharger la vidéo avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlfvideo.htm [file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm] -> [2007/07/27 00:34:42 | 00,001,706 | ---- | M] ()

Tout télécharger avec Free Download Manager -> C:\Program Files (x86)\Free Download Manager\dlall.htm [file://C:\Program Files (x86)\Free Download Manager\dlall.htm] -> [2007/06/02 12:25:02 | 00,000,893 | ---- | M] ()

< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [button: Clavier &virtuel] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)

{CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [button: Analyse des &liens] -> [2009/10/20 19:39:14 | 00,345,104 | ---- | M] (Kaspersky Lab)

< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->

{4248FE82-7FCB-46AC-B270-339F08212110}:{4248FE82-7FCB-46AC-B270-339F08212110} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [button: Clavier &virtuel] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)

{CCF151D8-D089-449F-A5A4-D9909053F20F}:{CCF151D8-D089-449F-A5A4-D9909053F20F} [HKLM] -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [button: Analyse des &liens] -> [2009/10/20 19:34:56 | 00,268,816 | ---- | M] (Kaspersky Lab)

< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->

PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->

PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->

< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->

< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

"" -> http://

< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

"" -> http://

< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->

< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->

{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab [Java Plug-in 1.6.0_17] ->

{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab [shockwave Flash Object] ->

< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->

DhcpNameServer -> 192.168.1.1 192.168.1.1 ->

< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->

{FE9F6D9A-6519-4C5B-ACE7-25C9D3EB431A}\\DhcpNameServer -> 192.168.1.1 192.168.1.1 (D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B)) ->

< 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->

64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->

C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll -> [2009/11/06 23:09:24 | 00,069,648 | ---- | M] (Kaspersky Lab)

C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll -> [2009/11/06 23:09:18 | 00,015,376 | ---- | M] (Kaspersky Lab)

*MultiFile Done* -> ->

< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->

*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->

C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll -> [2009/11/06 23:04:36 | 00,109,072 | ---- | M] (Kaspersky Lab)

C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll -> [2009/11/06 23:04:38 | 00,072,208 | ---- | M] (Kaspersky Lab)

*MultiFile Done* -> ->

< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->

explorer.exe -> C:\Windows\explorer.exe -> [2009/08/03 07:17:37 | 02,868,224 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->

SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 02:39:47 | 00,082,432 | ---- | M] (Microsoft Corporation)

/pagefile -> -> File not found

*MultiFile Done* -> ->

< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->

*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->

explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/08/03 06:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->

SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/14 02:14:42 | 00,081,920 | ---- | M] (Microsoft Corporation)

/pagefile -> -> File not found

*MultiFile Done* -> ->

< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->

klogon -> C:\Windows\SysNative\klogon.dll -> [2009/10/20 19:39:14 | 00,224,272 | ---- | M] (Kaspersky Lab)

< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->

"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found

< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->

"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found

< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->

64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->

pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/14 02:41:53 | 00,240,640 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->

pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/14 02:16:12 | 00,186,880 | ---- | M] (Microsoft Corporation)

*MultiFile Done* -> ->

< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->

{00E2F448-34F5-4E1D-9F8F-29866BD3D8CF} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |

{02EDEDCC-6C49-4720-BCF2-751AE4994C9E} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |

{0D9DE570-7A6A-46BE-9241-18A3908C758A} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |

{12861187-6E47-43D3-8269-CB8D55CEE12F} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |

{1B1971B8-F33A-4D02-8174-622B895AF94E} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |

{20D49537-8C99-42B9-8D70-4CFF22D3E539} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |

{252D6EF2-653E-4A1D-B6F6-4C794CD85096} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |

{2795051D-E54A-4920-83DA-2D61153FE501} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |

{28CCE564-1B99-4257-9CCC-A417967DFE1F} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |

{29F577A1-8F05-4B6D-BE25-25A3AD49232C} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |

{46733CF9-9713-4CC6-8E46-4058E9FDCB52} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |

{5016D292-7189-4D61-8784-167B7F0F46A2} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system |

{61C3117C-6596-4C25-A92E-0DD03C023827} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |

{6F69AF0D-8EC4-4E22-9005-6425F369C489} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |

{701E5DD2-83F5-42BA-9CF4-8FC9E2A07CB8} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |

{9A549675-7411-4E90-B8F1-B68B9BBECD70} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |

{A51D7FF4-1B5C-411A-BE34-69EF154662AD} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system |

{C2353D3E-8A46-43A7-9863-3B8D793DB2E0} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |

{CDEA38DD-10B9-44BB-AD60-7DA881E5322D} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |

{E2FA41EF-8464-41AD-ACC8-C2A41B163AF3} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |

{EFB6F8E4-EE9F-4C2D-ADF7-C0E77F76B38C} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |

{F2C04BC1-92CA-4030-A013-214E2DCD8D64} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system |

{F8D2AA99-CF70-4028-A122-BD75CBE98E7F} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |

{FAD2AF60-44BE-478A-8394-9E91DE12EECC} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |

{FD63499A-E876-43B8-8022-523D94B6CB9B} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |

< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->

{0884FD1C-B31E-47B3-9511-6843F5D53803} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe |

{1340617C-B8D3-4D41-9E17-B43CD60CE681} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |

{1D75079C-943E-406C-A4A8-768D80977380} -> profile=private | protocol=6 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |

{1EAC83BF-FF96-4D3C-BE98-61ADAC8D7AAD} -> profile=private | protocol=6 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |

{20CC5C4C-C743-4C77-857D-C02FBDCDE5E0} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |

{26C75E80-7793-456E-92B6-6267F900659F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system |

{274E6B5B-2994-402D-9662-E80A27C36C0C} -> profile=private | protocol=17 | dir=in | action=allow | name=cities xl | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |

{27CB2AC2-4035-4BE7-9778-E4E04A4D8BA1} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |

{281A2C56-F462-4AB0-8BD4-9A3CF8394162} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |

{2EC4AAE5-570A-4055-8123-F7F179C1DA87} -> protocol=58 | dir=out | action=allow | name=@iphlpsvc.dll,-503 |

{3A4489A7-9C38-4899-90BC-E4F8BA260A78} -> profile=private | protocol=17 | dir=in | action=allow | name=empire: total war | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |

{3FC6A310-8820-4729-A21D-D8CEB19A0E65} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |

{407989EC-4205-40E8-8DEC-60865278207D} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |

{41EBC11B-6968-400F-9CE1-E13B3CC6479F} -> profile=private | protocol=17 | dir=in | action=allow | name=dragon age origins lanceur | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |

{44B69706-3FB9-4629-BFAE-40CCE6B0F962} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe |

{46D746A2-4941-4AE6-85E2-12F925125E4C} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |

{48B7A752-0471-4264-B6D4-492E7EF283F9} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe |

{56F52D92-180D-4C00-8A25-7EC5B882778D} -> protocol=58 | dir=in | action=allow | name=@iphlpsvc.dll,-502 | app=system |

{601F058F-72AD-46A2-9877-42670C2F9B58} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe |

{60C45A65-D787-49CA-95BE-0C175E81EA09} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe |

{619FC088-B246-43D9-B99C-41CCA35137D5} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |

{679A92C8-E014-44FE-B58B-130AA25676AE} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |

{689403BF-AD5F-4376-9B6E-7D6989D71359} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® 4 - modern warfare | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |

{6ECA3E47-C9A6-44F7-A84D-69D50BCA11E2} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |

{76870D1D-4425-41C4-871A-77F0D939FD94} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe |

{78BEB4B1-5464-47CD-8630-3247BEC99AC9} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

{7FE27E34-6AAD-4A60-84C4-585904DBA32F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |

{8277F05A-7D56-4E62-874E-8104D18E1969} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |

{870A7AE1-891D-469A-9A42-25CA062BE9C6} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |

{8974D1A6-382E-42A5-AE9B-4CE1EC52C8A4} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins application de mise à jour | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |

{907B5358-D610-4C9B-B6AB-5CB15AF8D8AF} -> profile=private | protocol=6 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |

{943C27CB-DB95-49F3-8E6E-B345C6C4AA4D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |

{9647084E-8BAF-45EA-B938-1E37F1F7E84C} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |

{96A46AA9-9C01-4911-9C24-A4AF027865F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |

{98AFA521-A34D-4A23-B788-1631FB7CCE89} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |

{9A8DF90D-5E83-4609-9060-1F7DCA44DF69} -> profile=private | protocol=17 | dir=in | action=allow | name=steam | app=c:\program files (x86)\steam\steam.exe |

{9D789E2C-3134-4918-9A14-325511F0B846} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |

{A300B733-1D9A-40A7-BC9E-440808ABAD08} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® 4 - modern warfare | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |

{A70A9811-0391-4EA4-AB33-611EB2273300} -> profile=private | protocol=6 | dir=in | action=allow | name=anno 1404 | app=c:\program files (x86)\ubisoft\related designs\anno 1404\anno4.exe |

{AEF9CC95-1EC0-49C5-A8AF-12EC0D56D07B} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 - multiplayer | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |

{B4CC1A85-278A-4E8B-A554-DC2546CF6E76} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |

{CE96F219-FBD9-4278-B3A7-FD34D3F4C1A4} -> profile=private | protocol=17 | dir=in | action=allow | name=anno 1404 web | app=c:\program files (x86)\ubisoft\related designs\anno 1404\tools\anno4web.exe |

{CEC08C00-8878-4D68-BAB2-14668B87BA5C} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |

{D014C908-6A69-4CB3-BD8A-922AD65B01BD} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe |

{D2CD2AA8-ACAF-473B-9D5A-FB9491F8BAEA} -> profile=private | protocol=6 | dir=in | action=allow | name=dragon age origins jeu | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |

{D565E5FE-F069-417E-B385-8B87A5DC4B51} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty: modern warfare 2 | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |

{D97309A5-BB05-4624-9075-F788F965E138} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |

{E3C4AC12-1676-4E5F-94BE-BC4C9820F713} -> profile=private | protocol=6 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |

{E655FA48-C2C1-4A76-8945-043C2E373BB5} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |

{F4CFEDFD-FB20-4AE0-9BE9-22FD3C542AAC} -> profile=private | protocol=17 | dir=in | action=allow | name=call of duty® - world at war | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |

{F8283F76-E508-4D7E-A1CB-83CB4E6303DF} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |

{F97CA32E-B759-41B1-924F-B17D7F764D77} -> profile=private | protocol=17 | dir=in | action=allow | name=pnkbstra | app=c:\windows\syswow64\pnkbstra.exe |

{FC0B2032-E51F-4FA5-9254-F3AF48A819F7} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |

{FEB176D4-EAEE-4056-A564-5CFD271F0B42} -> profile=private | protocol=6 | dir=in | action=allow | name=pnkbstrb | app=c:\windows\syswow64\pnkbstrb.exe |

TCP Query User{010F37E8-E052-41F6-B3F0-AECF4E89C919}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=6 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe |

TCP Query User{7C2ABF46-3753-4445-BD86-58D262E329CD}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=6 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |

UDP Query User{33B75B18-0A28-47CB-895C-56ACACEC4AC3}C:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe -> profile=private | protocol=17 | dir=in | action=allow | name=left4dead2 | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |

UDP Query User{E8BCAABB-A985-4FDF-B109-A603BDA1496A}C:\program files (x86)\free download manager\fdm.exe -> profile=private | protocol=17 | dir=in | action=allow | name=free download manager | app=c:\program files (x86)\free download manager\fdm.exe |

< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->

< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->

"AutoRun" -> 1 ->

"DisplayName" -> Pilote de CD-ROM ->

"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/14 00:19:54 | 00,147,456 | ---- | M] (Microsoft Corporation)

< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->

\{9cc04a7f-daa5-11de-a7e8-002354341491}

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell

\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\\"" -> [AutoRun] -> File not found

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command

\{9cc04a7f-daa5-11de-a7e8-002354341491}\shell\AutoRun\command\\"" -> F:\Autorun.exe [F:\Autorun.exe] -> File not found

< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->

64bit-comfile [open] -> "%1" %* -> File not found

64bit-exefile [open] -> "%1" %* -> File not found

comfile [open] -> "%1" %* ->

exefile [open] -> "%1" %* ->

[Files/Folders - Created Within 30 Days]

Malwarebytes -> C:\Users\ludo\AppData\Roaming\Malwarebytes -> [2009/12/21 20:11:49 | 00,000,000 | ---D | C]

mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/21 20:11:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation)

mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/21 20:11:45 | 00,022,104 | ---- | C] (Malwarebytes Corporation)

Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C]

Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/12/21 20:11:45 | 00,000,000 | ---D | C]

trend micro -> C:\Program Files (x86)\trend micro -> [2009/12/21 14:04:52 | 00,000,000 | ---D | C]

rsit -> C:\rsit -> [2009/12/21 14:04:51 | 00,000,000 | ---D | C]

{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} -> [2009/12/21 01:47:04 | 00,000,000 | -H-D | C]

Lavasoft -> C:\ProgramData\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C]

Lavasoft -> C:\Program Files (x86)\Lavasoft -> [2009/12/21 01:47:02 | 00,000,000 | ---D | C]

a -> C:\Program Files (x86)\a -> [2009/12/21 01:36:58 | 00,000,000 | ---D | C]

Anno 1404 -> C:\Users\ludo\Documents\Anno 1404 -> [2009/12/19 02:08:19 | 00,000,000 | ---D | C]

Ubisoft -> C:\Users\ludo\AppData\Roaming\Ubisoft -> [2009/12/16 18:04:09 | 00,000,000 | ---D | C]

Tages -> C:\ProgramData\Tages -> [2009/12/16 18:00:06 | 00,000,000 | ---D | C]

Ubisoft -> C:\Program Files (x86)\Ubisoft -> [2009/12/15 17:12:28 | 00,000,000 | ---D | C]

skypePM -> C:\Users\ludo\AppData\Roaming\skypePM -> [2009/12/15 14:57:26 | 00,000,000 | ---D | C]

Skype -> C:\Users\ludo\AppData\Roaming\Skype -> [2009/12/15 14:50:51 | 00,000,000 | ---D | C]

Skype -> C:\Program Files (x86)\Skype -> [2009/12/15 14:50:32 | 00,000,000 | R--D | C]

Skype -> C:\Program Files (x86)\Common Files\Skype -> [2009/12/15 14:50:32 | 00,000,000 | ---D | C]

Skype -> C:\ProgramData\Skype -> [2009/12/15 14:50:30 | 00,000,000 | ---D | C]

javaws.exe -> C:\Windows\SysWow64\javaws.exe -> [2009/12/13 16:37:24 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.)

javaw.exe -> C:\Windows\SysWow64\javaw.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)

java.exe -> C:\Windows\SysWow64\java.exe -> [2009/12/13 16:37:24 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.)

LogMeIn Hamachi -> C:\Users\ludo\AppData\Local\LogMeIn Hamachi -> [2009/12/09 18:14:50 | 00,000,000 | ---D | C]

LogMeIn Hamachi -> C:\Program Files (x86)\LogMeIn Hamachi -> [2009/12/09 18:14:38 | 00,000,000 | ---D | C]

MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2009/12/09 11:50:06 | 00,000,000 | ---D | C]

msfeedsbs.dll -> C:\Windows\SysNative\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,082,944 | ---- | C] (Microsoft Corporation)

msfeedsbs.dll -> C:\Windows\SysWow64\msfeedsbs.dll -> [2009/12/09 11:48:15 | 00,064,512 | ---- | C] (Microsoft Corporation)

Ahead -> C:\Users\ludo\AppData\Local\Ahead -> [2009/12/08 17:03:20 | 00,000,000 | ---D | C]

Ahead -> C:\Users\ludo\AppData\Roaming\Ahead -> [2009/12/08 17:02:08 | 00,000,000 | ---D | C]

Ahead -> C:\ProgramData\Ahead -> [2009/12/08 17:01:57 | 00,000,000 | ---D | C]

Nero -> C:\ProgramData\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]

Nero -> C:\Program Files (x86)\Nero -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]

Ahead -> C:\Program Files (x86)\Common Files\Ahead -> [2009/12/08 17:01:19 | 00,000,000 | ---D | C]

dvdcss -> C:\Users\ludo\AppData\Roaming\dvdcss -> [2009/12/07 20:12:46 | 00,000,000 | ---D | C]

My Games -> C:\Users\ludo\Documents\My Games -> [2009/12/03 16:58:40 | 00,000,000 | ---D | C]

jeux -> C:\Users\ludo\Desktop\jeux -> [2009/12/03 16:08:55 | 00,000,000 | ---D | C]

CCleaner -> C:\Program Files (x86)\CCleaner -> [2009/11/30 19:07:26 | 00,000,000 | ---D | C]

vlc -> C:\Users\ludo\AppData\Roaming\vlc -> [2009/11/30 18:34:00 | 00,000,000 | ---D | C]

BioWare -> C:\Users\ludo\Documents\BioWare -> [2009/11/30 12:46:00 | 00,000,000 | ---D | C]

AGEIA Technologies -> C:\Program Files (x86)\AGEIA Technologies -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C]

AGEIA -> C:\Windows\SysWow64\AGEIA -> [2009/11/30 12:39:29 | 00,000,000 | ---D | C]

Wise Installation Wizard -> C:\Program Files (x86)\Common Files\Wise Installation Wizard -> [2009/11/30 12:39:24 | 00,000,000 | ---D | C]

Media Center Programs -> C:\ProgramData\Media Center Programs -> [2009/11/30 12:39:17 | 00,000,000 | ---D | C]

Dragon Age -> C:\Program Files (x86)\Dragon Age -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C]

BioWare -> C:\Program Files (x86)\Common Files\BioWare -> [2009/11/30 12:31:06 | 00,000,000 | ---D | C]

XAudio2_5.dll -> C:\Windows\SysNative\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,517,960 | ---- | C] (Microsoft Corporation)

XAudio2_5.dll -> C:\Windows\SysWow64\XAudio2_5.dll -> [2009/11/26 17:39:39 | 00,515,416 | ---- | C] (Microsoft Corporation)

xactengine3_5.dll -> C:\Windows\SysWow64\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,238,936 | ---- | C] (Microsoft Corporation)

xactengine3_5.dll -> C:\Windows\SysNative\xactengine3_5.dll -> [2009/11/26 17:39:38 | 00,176,968 | ---- | C] (Microsoft Corporation)

d3dcsx_42.dll -> C:\Windows\SysNative\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,554,512 | ---- | C] (Microsoft Corporation)

d3dcsx_42.dll -> C:\Windows\SysWow64\d3dcsx_42.dll -> [2009/11/26 17:39:37 | 05,501,792 | ---- | C] (Microsoft Corporation)

D3DCompiler_42.dll -> C:\Windows\SysNative\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 02,582,888 | ---- | C] (Microsoft Corporation)

D3DCompiler_42.dll -> C:\Windows\SysWow64\D3DCompiler_42.dll -> [2009/11/26 17:39:37 | 01,974,616 | ---- | C] (Microsoft Corporation)

d3dx11_42.dll -> C:\Windows\SysNative\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,285,024 | ---- | C] (Microsoft Corporation)

d3dx11_42.dll -> C:\Windows\SysWow64\d3dx11_42.dll -> [2009/11/26 17:39:36 | 00,235,344 | ---- | C] (Microsoft Corporation)

d3dx10_42.dll -> C:\Windows\SysNative\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,523,088 | ---- | C] (Microsoft Corporation)

d3dx10_42.dll -> C:\Windows\SysWow64\d3dx10_42.dll -> [2009/11/26 17:39:35 | 00,453,456 | ---- | C] (Microsoft Corporation)

D3DX9_42.dll -> C:\Windows\SysNative\D3DX9_42.dll -> [2009/11/26 17:39:34 | 02,475,352 | ---- | C] (Microsoft Corporation)

D3DX9_42.dll -> C:\Windows\SysWow64\D3DX9_42.dll -> [2009/11/26 17:39:34 | 01,892,184 | ---- | C] (Microsoft Corporation)

D3DCompiler_41.dll -> C:\Windows\SysNative\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 02,430,312 | ---- | C] (Microsoft Corporation)

D3DCompiler_41.dll -> C:\Windows\SysWow64\D3DCompiler_41.dll -> [2009/11/26 17:39:33 | 01,846,632 | ---- | C] (Microsoft Corporation)

d3dx10_41.dll -> C:\Windows\SysNative\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,520,544 | ---- | C] (Microsoft Corporation)

d3dx10_41.dll -> C:\Windows\SysWow64\d3dx10_41.dll -> [2009/11/26 17:39:33 | 00,453,456 | ---- | C] (Microsoft Corporation)

D3DX9_41.dll -> C:\Windows\SysNative\D3DX9_41.dll -> [2009/11/26 17:39:32 | 05,425,496 | ---- | C] (Microsoft Corporation)

D3DX9_41.dll -> C:\Windows\SysWow64\D3DX9_41.dll -> [2009/11/26 17:39:32 | 04,178,264 | ---- | C] (Microsoft Corporation)

XAudio2_4.dll -> C:\Windows\SysNative\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,521,560 | ---- | C] (Microsoft Corporation)

XAudio2_4.dll -> C:\Windows\SysWow64\XAudio2_4.dll -> [2009/11/26 17:39:32 | 00,517,448 | ---- | C] (Microsoft Corporation)

XAPOFX1_3.dll -> C:\Windows\SysNative\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,073,544 | ---- | C] (Microsoft Corporation)

XAPOFX1_3.dll -> C:\Windows\SysWow64\XAPOFX1_3.dll -> [2009/11/26 17:39:32 | 00,069,464 | ---- | C] (Microsoft Corporation)

xactengine3_4.dll -> C:\Windows\SysWow64\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,235,352 | ---- | C] (Microsoft Corporation)

xactengine3_4.dll -> C:\Windows\SysNative\xactengine3_4.dll -> [2009/11/26 17:39:31 | 00,174,936 | ---- | C] (Microsoft Corporation)

X3DAudio1_6.dll -> C:\Windows\SysNative\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,024,920 | ---- | C] (Microsoft Corporation)

X3DAudio1_6.dll -> C:\Windows\SysWow64\X3DAudio1_6.dll -> [2009/11/26 17:39:30 | 00,022,360 | ---- | C] (Microsoft Corporation)

D3DCompiler_40.dll -> C:\Windows\SysNative\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,605,920 | ---- | C] (Microsoft Corporation)

D3DCompiler_40.dll -> C:\Windows\SysWow64\D3DCompiler_40.dll -> [2009/11/26 17:39:29 | 02,036,576 | ---- | C] (Microsoft Corporation)

d3dx10_40.dll -> C:\Windows\SysNative\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,519,000 | ---- | C] (Microsoft Corporation)

d3dx10_40.dll -> C:\Windows\SysWow64\d3dx10_40.dll -> [2009/11/26 17:39:29 | 00,452,440 | ---- | C] (Microsoft Corporation)

D3DX9_40.dll -> C:\Windows\SysNative\D3DX9_40.dll -> [2009/11/26 17:39:28 | 05,631,312 | ---- | C] (Microsoft Corporation)

D3DX9_40.dll -> C:\Windows\SysWow64\D3DX9_40.dll -> [2009/11/26 17:39:28 | 04,379,984 | ---- | C] (Microsoft Corporation)

XAudio2_3.dll -> C:\Windows\SysNative\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,518,480 | ---- | C] (Microsoft Corporation)

XAudio2_3.dll -> C:\Windows\SysWow64\XAudio2_3.dll -> [2009/11/26 17:39:27 | 00,514,384 | ---- | C] (Microsoft Corporation)

xactengine3_3.dll -> C:\Windows\SysWow64\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,235,856 | ---- | C] (Microsoft Corporation)

xactengine3_3.dll -> C:\Windows\SysNative\xactengine3_3.dll -> [2009/11/26 17:39:27 | 00,175,440 | ---- | C] (Microsoft Corporation)

XAPOFX1_2.dll -> C:\Windows\SysNative\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,074,576 | ---- | C] (Microsoft Corporation)

XAPOFX1_2.dll -> C:\Windows\SysWow64\XAPOFX1_2.dll -> [2009/11/26 17:39:27 | 00,070,992 | ---- | C] (Microsoft Corporation)

X3DAudio1_5.dll -> C:\Windows\SysNative\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,025,936 | ---- | C] (Microsoft Corporation)

X3DAudio1_5.dll -> C:\Windows\SysWow64\X3DAudio1_5.dll -> [2009/11/26 17:39:26 | 00,023,376 | ---- | C] (Microsoft Corporation)

XAudio2_2.dll -> C:\Windows\SysNative\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,513,544 | ---- | C] (Microsoft Corporation)

XAudio2_2.dll -> C:\Windows\SysWow64\XAudio2_2.dll -> [2009/11/26 17:39:25 | 00,509,448 | ---- | C] (Microsoft Corporation)

XAPOFX1_1.dll -> C:\Windows\SysNative\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,072,200 | ---- | C] (Microsoft Corporation)

XAPOFX1_1.dll -> C:\Windows\SysWow64\XAPOFX1_1.dll -> [2009/11/26 17:39:25 | 00,068,616 | ---- | C] (Microsoft Corporation)

xactengine3_2.dll -> C:\Windows\SysWow64\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,238,088 | ---- | C] (Microsoft Corporation)

xactengine3_2.dll -> C:\Windows\SysNative\xactengine3_2.dll -> [2009/11/26 17:39:24 | 00,177,672 | ---- | C] (Microsoft Corporation)

D3DCompiler_39.dll -> C:\Windows\SysNative\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,942,552 | ---- | C] (Microsoft Corporation)

D3DCompiler_39.dll -> C:\Windows\SysWow64\D3DCompiler_39.dll -> [2009/11/26 17:39:23 | 01,493,528 | ---- | C] (Microsoft Corporation)

d3dx10_39.dll -> C:\Windows\SysNative\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,540,688 | ---- | C] (Microsoft Corporation)

d3dx10_39.dll -> C:\Windows\SysWow64\d3dx10_39.dll -> [2009/11/26 17:39:23 | 00,467,984 | ---- | C] (Microsoft Corporation)

D3DX9_39.dll -> C:\Windows\SysNative\D3DX9_39.dll -> [2009/11/26 17:39:22 | 04,992,520 | ---- | C] (Microsoft Corporation)

D3DX9_39.dll -> C:\Windows\SysWow64\D3DX9_39.dll -> [2009/11/26 17:39:22 | 03,851,784 | ---- | C] (Microsoft Corporation)

XAudio2_1.dll -> C:\Windows\SysNative\XAudio2_1.dll -> [2009/11/26 17:39:22 | 00,511,496 | ---- | C] (Microsoft Corporation)

XAPOFX1_0.dll -> C:\Windows\SysNative\XAPOFX1_0.dll -> [2009/11/26 17:39:22 | 00,068,104 | ---- | C] (Microsoft Corporation)

xactengine3_1.dll -> C:\Windows\SysWow64\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,238,088 | ---- | C] (Microsoft Corporation)

xactengine3_1.dll -> C:\Windows\SysNative\xactengine3_1.dll -> [2009/11/26 17:39:21 | 00,177,672 | ---- | C] (Microsoft Corporation)

X3DAudio1_4.dll -> C:\Windows\SysNative\X3DAudio1_4.dll -> [2009/11/26 17:39:21 | 00,028,168 | ---- | C] (Microsoft Corporation)

D3DX9_38.dll -> C:\Windows\SysNative\D3DX9_38.dll -> [2009/11/26 17:39:20 | 04,991,496 | ---- | C] (Microsoft Corporation)

D3DCompiler_38.dll -> C:\Windows\SysNative\D3DCompiler_38.dll -> [2009/11/26 17:39:20 | 01,941,528 | ---- | C] (Microsoft Corporation)

d3dx10_38.dll -> C:\Windows\SysNative\d3dx10_38.dll -> [2009/11/26 17:39:20 | 00,540,688 | ---- | C] (Microsoft Corporation)

XAudio2_0.dll -> C:\Windows\SysNative\XAudio2_0.dll -> [2009/11/26 17:39:19 | 00,489,480 | ---- | C] (Microsoft Corporation)

xactengine3_0.dll -> C:\Windows\SysWow64\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,238,088 | ---- | C] (Microsoft Corporation)

xactengine3_0.dll -> C:\Windows\SysNative\xactengine3_0.dll -> [2009/11/26 17:39:19 | 00,177,672 | ---- | C] (Microsoft Corporation)

X3DAudio1_3.dll -> C:\Windows\SysNative\X3DAudio1_3.dll -> [2009/11/26 17:39:19 | 00,028,168 | ---- | C] (Microsoft Corporation)

D3DCompiler_37.dll -> C:\Windows\SysNative\D3DCompiler_37.dll -> [2009/11/26 17:39:18 | 01,860,120 | ---- | C] (Microsoft Corporation)

DAEMON Tools Images -> C:\Users\Public\Documents\DAEMON Tools Images -> [2009/11/26 17:08:53 | 00,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Program Files (x86)\DAEMON Tools Lite -> [2009/11/26 16:57:03 | 00,000,000 | ---D | C]

DAEMON Tools Lite -> C:\Users\ludo\AppData\Roaming\DAEMON Tools Lite -> [2009/11/26 16:56:47 | 00,000,000 | ---D | C]

DAEMON Tools Lite -> C:\ProgramData\DAEMON Tools Lite -> [2009/11/26 16:56:45 | 00,000,000 | ---D | C]

OpenOffice.org -> C:\Users\ludo\AppData\Roaming\OpenOffice.org -> [2009/11/25 18:20:00 | 00,000,000 | ---D | C]

tp info -> C:\Users\ludo\Desktop\tp info -> [2009/11/25 18:16:36 | 00,000,000 | ---D | C]

QuickTime -> C:\Program Files (x86)\QuickTime -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C]

Apple Computer -> C:\ProgramData\Apple Computer -> [2009/11/25 18:01:47 | 00,000,000 | ---D | C]

Apple -> C:\Program Files (x86)\Common Files\Apple -> [2009/11/25 18:01:26 | 00,000,000 | ---D | C]

Apple -> C:\Users\ludo\AppData\Local\Apple -> [2009/11/25 18:01:21 | 00,000,000 | ---D | C]

Apple Software Update -> C:\Program Files (x86)\Apple Software Update -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C]

Apple -> C:\ProgramData\Apple -> [2009/11/25 18:01:20 | 00,000,000 | ---D | C]

Adobe -> C:\Users\ludo\AppData\Local\Adobe -> [2009/11/24 12:26:51 | 00,000,000 | ---D | C]

Adobe -> C:\ProgramData\Adobe -> [2009/11/24 12:26:25 | 00,000,000 | ---D | C]

Adobe -> C:\Program Files (x86)\Common Files\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C]

Adobe -> C:\Program Files (x86)\Adobe -> [2009/11/24 12:26:24 | 00,000,000 | ---D | C]

Kaspersky Lab -> C:\Program Files (x86)\Kaspersky Lab -> [2009/11/22 16:06:53 | 00,000,000 | ---D | C]

klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | C] (Kaspersky Lab)

Kaspersky Lab Setup Files -> C:\ProgramData\Kaspersky Lab Setup Files -> [2009/11/22 15:13:14 | 00,000,000 | ---D | C]

Activision -> C:\Users\ludo\AppData\Local\Activision -> [2009/11/22 12:37:15 | 00,000,000 | ---D | C]

d3dx10_37.dll -> C:\Windows\SysNative\d3dx10_37.dll -> [2009/11/22 12:36:45 | 00,529,424 | ---- | C] (Microsoft Corporation)

D3DX9_37.dll -> C:\Windows\SysNative\D3DX9_37.dll -> [2009/11/22 12:36:44 | 04,910,088 | ---- | C] (Microsoft Corporation)

xactengine2_10.dll -> C:\Windows\SysNative\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,411,656 | ---- | C] (Microsoft Corporation)

xactengine2_10.dll -> C:\Windows\SysWow64\xactengine2_10.dll -> [2009/11/22 12:36:44 | 00,267,272 | ---- | C] (Microsoft Corporation)

D3DCompiler_36.dll -> C:\Windows\SysNative\D3DCompiler_36.dll -> [2009/11/22 12:36:43 | 02,006,552 | ---- | C] (Microsoft Corporation)

d3dx10_36.dll -> C:\Windows\SysNative\d3dx10_36.dll -> [2009/11/22 12:36:43 | 00,508,264 | ---- | C] (Microsoft Corporation)

d3dx9_36.dll -> C:\Windows\SysNative\d3dx9_36.dll -> [2009/11/22 12:36:42 | 05,081,608 | ---- | C] (Microsoft Corporation)

D3DCompiler_35.dll -> C:\Windows\SysNative\D3DCompiler_35.dll -> [2009/11/22 12:36:41 | 01,985,904 | ---- | C] (Microsoft Corporation)

d3dx10_35.dll -> C:\Windows\SysNative\d3dx10_35.dll -> [2009/11/22 12:36:41 | 00,508,264 | ---- | C] (Microsoft Corporation)

xactengine2_9.dll -> C:\Windows\SysNative\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,411,496 | ---- | C] (Microsoft Corporation)

xactengine2_9.dll -> C:\Windows\SysWow64\xactengine2_9.dll -> [2009/11/22 12:36:41 | 00,267,112 | ---- | C] (Microsoft Corporation)

d3dx9_35.dll -> C:\Windows\SysNative\d3dx9_35.dll -> [2009/11/22 12:36:40 | 05,073,256 | ---- | C] (Microsoft Corporation)

xactengine2_8.dll -> C:\Windows\SysNative\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,409,960 | ---- | C] (Microsoft Corporation)

xactengine2_8.dll -> C:\Windows\SysWow64\xactengine2_8.dll -> [2009/11/22 12:36:39 | 00,266,088 | ---- | C] (Microsoft Corporation)

X3DAudio1_2.dll -> C:\Windows\SysNative\X3DAudio1_2.dll -> [2009/11/22 12:36:39 | 00,021,000 | ---- | C] (Microsoft Corporation)

d3dx9_34.dll -> C:\Windows\SysNative\d3dx9_34.dll -> [2009/11/22 12:36:38 | 04,496,232 | ---- | C] (Microsoft Corporation)

D3DCompiler_34.dll -> C:\Windows\SysNative\D3DCompiler_34.dll -> [2009/11/22 12:36:38 | 01,401,200 | ---- | C] (Microsoft Corporation)

d3dx10_34.dll -> C:\Windows\SysNative\d3dx10_34.dll -> [2009/11/22 12:36:38 | 00,506,728 | ---- | C] (Microsoft Corporation)

xactengine2_7.dll -> C:\Windows\SysNative\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,403,304 | ---- | C] (Microsoft Corporation)

xactengine2_7.dll -> C:\Windows\SysWow64\xactengine2_7.dll -> [2009/11/22 12:36:37 | 00,261,480 | ---- | C] (Microsoft Corporation)

xinput1_3.dll -> C:\Windows\SysNative\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,107,368 | ---- | C] (Microsoft Corporation)

xinput1_3.dll -> C:\Windows\SysWow64\xinput1_3.dll -> [2009/11/22 12:36:37 | 00,081,768 | ---- | C] (Microsoft Corporation)

D3DCompiler_33.dll -> C:\Windows\SysNative\D3DCompiler_33.dll -> [2009/11/22 12:36:36 | 01,400,176 | ---- | C] (Microsoft Corporation)

d3dx10_33.dll -> C:\Windows\SysNative\d3dx10_33.dll -> [2009/11/22 12:36:36 | 00,506,728 | ---- | C] (Microsoft Corporation)

d3dx9_33.dll -> C:\Windows\SysNative\d3dx9_33.dll -> [2009/11/22 12:36:35 | 04,494,184 | ---- | C] (Microsoft Corporation)

xactengine2_6.dll -> C:\Windows\SysNative\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,393,576 | ---- | C] (Microsoft Corporation)

xactengine2_6.dll -> C:\Windows\SysWow64\xactengine2_6.dll -> [2009/11/22 12:36:35 | 00,255,848 | ---- | C] (Microsoft Corporation)

x3daudio1_1.dll -> C:\Windows\SysNative\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,017,688 | ---- | C] (Microsoft Corporation)

x3daudio1_1.dll -> C:\Windows\SysWow64\x3daudio1_1.dll -> [2009/11/22 12:36:32 | 00,015,128 | ---- | C] (Microsoft Corporation)

Everest Poker -> C:\Program Files (x86)\Everest Poker -> [2009/11/22 11:50:03 | 00,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]

NTUSER.DAT -> C:\Users\ludo\NTUSER.DAT -> [2009/12/21 20:44:47 | 02,359,296 | -HS- | M] ()

SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/12/21 20:44:10 | 00,000,006 | -H-- | M] ()

bootstat.dat -> C:\Windows\bootstat.dat -> [2009/12/21 20:44:06 | 00,067,584 | --S- | M] ()

hiberfil.sys -> C:\hiberfil.sys -> [2009/12/21 20:44:04 | 32,204,80000 | -HS- | M] ()

IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | M] ()

Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | M] ()

7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] ()

7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/12/21 19:13:09 | 00,013,248 | -H-- | M] ()

PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2009/12/21 19:11:34 | 01,524,562 | ---- | M] ()

perfh00C.dat -> C:\Windows\SysNative\perfh00C.dat -> [2009/12/21 19:11:34 | 00,694,766 | ---- | M] ()

perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2009/12/21 19:11:34 | 00,606,992 | ---- | M] ()

perfc00C.dat -> C:\Windows\SysNative\perfc00C.dat -> [2009/12/21 19:11:34 | 00,127,478 | ---- | M] ()

perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2009/12/21 19:11:34 | 00,103,370 | ---- | M] ()

lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 01:50:59 | 00,015,880 | ---- | M] ()

Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | M] ()

citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:36 | 00,007,926 | ---- | M] ()

o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:12 | 00,002,392 | ---- | M] ()

Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | M] ()

Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | M] ()

Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | M] ()

citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/15 21:50:48 | 00,011,737 | ---- | M] ()

atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | M] ()

lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | M] ()

ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | M] ()

Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | M] ()

Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] ()

Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | M] ()

Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | M] ()

LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | M] ()

Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | M] ()

Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | M] ()

mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation)

mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2009/12/03 16:13:58 | 00,022,104 | ---- | M] (Malwarebytes Corporation)

CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | M] ()

VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | M] ()

daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | M] ()

NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | M] ()

DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | M] ()

sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | M] ()

Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | M] ()

OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | M] ()

Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | M] ()

PnkBstrB.exe -> C:\Windows\SysWow64\PnkBstrB.exe -> [2009/11/23 16:40:53 | 00,111,928 | ---- | M] ()

klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | M] ()

klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | M] ()

klif.sys -> C:\Windows\SysNative\drivers\klif.sys -> [2009/11/22 16:06:49 | 00,353,296 | ---- | M] (Kaspersky Lab)

pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | M] ()

PnkBstrA.exe -> C:\Windows\SysWow64\PnkBstrA.exe -> [2009/11/22 12:34:49 | 00,066,872 | ---- | M] ()

win.ini -> C:\Windows\win.ini -> [2009/11/22 11:50:27 | 00,000,448 | ---- | M] ()

Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | M] ()

 

[Files - No Company Name]

IconCache.db -> C:\Users\ludo\AppData\Local\IconCache.db -> [2009/12/21 20:42:55 | 00,988,313 | -H-- | C] ()

Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/12/21 20:11:48 | 00,001,013 | ---- | C] ()

lsdelete.exe -> C:\Windows\SysNative\lsdelete.exe -> [2009/12/21 02:23:50 | 00,015,880 | ---- | C] ()

Ad-Aware.lnk -> C:\Users\Public\Desktop\Ad-Aware.lnk -> [2009/12/21 01:47:03 | 00,001,154 | ---- | C] ()

citation.odt -> C:\Users\ludo\Documents\citation.odt -> [2009/12/20 16:20:33 | 00,007,926 | ---- | C] ()

o.p12 -> C:\Users\ludo\Desktop\o.p12 -> [2009/12/19 12:43:10 | 00,002,392 | ---- | C] ()

Mumble (Backwards Compatible).lnk -> C:\Users\Public\Desktop\Mumble (Backwards Compatible).lnk -> [2009/12/19 12:40:06 | 00,001,000 | ---- | C] ()

Mumble.lnk -> C:\Users\Public\Desktop\Mumble.lnk -> [2009/12/19 12:40:06 | 00,000,983 | ---- | C] ()

Anno4 - Raccourci.lnk -> C:\Users\ludo\Desktop\Anno4 - Raccourci.lnk -> [2009/12/17 12:42:14 | 00,001,301 | ---- | C] ()

atksgt.sys -> C:\Windows\SysNative\drivers\atksgt.sys -> [2009/12/15 17:29:43 | 00,314,016 | ---- | C] ()

lirsgt.sys -> C:\Windows\SysNative\drivers\lirsgt.sys -> [2009/12/15 17:29:41 | 00,043,680 | ---- | C] ()

ezsidmv.dat -> C:\ProgramData\ezsidmv.dat -> [2009/12/15 14:57:27 | 00,000,056 | ---- | C] ()

Skype.lnk -> C:\Users\Public\Desktop\Skype.lnk -> [2009/12/15 14:50:32 | 00,002,515 | ---- | C] ()

Call of Duty Modern Warfare 2.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] ()

Call of Duty Modern Warfare 2 - Multiplayer.lnk -> C:\Users\ludo\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.lnk -> [2009/12/12 20:21:45 | 00,001,885 | ---- | C] ()

Msft_User_WpdMtpDr_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf -> [2009/12/11 17:59:54 | 00,000,000 | -H-- | C] ()

LogMeIn Hamachi.lnk -> C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> [2009/12/09 18:14:38 | 00,000,926 | ---- | C] ()

Nero StartSmart.lnk -> C:\Users\Public\Desktop\Nero StartSmart.lnk -> [2009/12/08 17:03:16 | 00,002,786 | ---- | C] ()

Nero Home.lnk -> C:\Users\Public\Desktop\Nero Home.lnk -> [2009/12/08 17:03:16 | 00,002,690 | ---- | C] ()

citation.odt -> C:\Users\ludo\Desktop\citation.odt -> [2009/12/04 23:01:22 | 00,011,737 | ---- | C] ()

CCleaner.lnk -> C:\Users\ludo\Desktop\CCleaner.lnk -> [2009/11/30 19:07:29 | 00,001,889 | ---- | C] ()

VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/11/30 18:33:48 | 00,001,070 | ---- | C] ()

daorigins - Raccourci.lnk -> C:\Users\ludo\Desktop\daorigins - Raccourci.lnk -> [2009/11/30 12:51:05 | 00,001,636 | ---- | C] ()

NCLauncher - Raccourci.lnk -> C:\Users\ludo\Desktop\NCLauncher - Raccourci.lnk -> [2009/11/29 17:21:46 | 00,001,599 | ---- | C] ()

DAEMON Tools Lite.lnk -> C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> [2009/11/26 16:57:34 | 00,001,954 | ---- | C] ()

sptd.sys -> C:\Windows\SysNative\drivers\sptd.sys -> [2009/11/26 16:57:33 | 00,834,544 | ---- | C] ()

Msft_User_WpdFs_01_09_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf -> [2009/11/26 16:54:13 | 00,000,000 | -H-- | C] ()

OpenOffice.org 3.1.lnk -> C:\Users\ludo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk -> [2009/11/25 18:20:19 | 00,001,239 | ---- | C] ()

Adobe Reader 9.lnk -> C:\Users\Public\Desktop\Adobe Reader 9.lnk -> [2009/11/24 12:26:27 | 00,002,014 | ---- | C] ()

klin.dat -> C:\Windows\SysNative\drivers\klin.dat -> [2009/11/22 16:07:15 | 00,143,387 | ---- | C] ()

klick.dat -> C:\Windows\SysNative\drivers\klick.dat -> [2009/11/22 16:07:15 | 00,104,987 | ---- | C] ()

pbsvc.exe -> C:\Windows\SysWow64\pbsvc.exe -> [2009/11/22 12:34:49 | 00,682,280 | ---- | C] ()

Everest Poker.lnk -> C:\Users\Public\Desktop\Everest Poker.lnk -> [2009/11/22 11:50:25 | 00,001,962 | ---- | C] ()

game.ini -> C:\Windows\game.ini -> [2009/11/21 19:36:35 | 00,000,331 | ---- | C] ()

AsIO.dll -> C:\Windows\SysWow64\AsIO.dll -> [2009/11/03 13:19:37 | 00,024,576 | ---- | C] ()

AsIO.sys -> C:\Windows\SysWow64\drivers\AsIO.sys -> [2009/11/03 13:19:37 | 00,014,392 | ---- | C] ()

AsInsHelp64.sys -> C:\Windows\SysWow64\drivers\AsInsHelp64.sys -> [2009/11/03 13:19:35 | 00,011,832 | ---- | C] ()

AsInsHelp32.sys -> C:\Windows\SysWow64\drivers\AsInsHelp32.sys -> [2009/11/03 13:19:35 | 00,010,216 | ---- | C] ()

Language_trs.ini -> C:\Windows\Language_trs.ini -> [2009/11/03 12:51:01 | 00,001,769 | ---- | C] ()

GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2009/07/14 06:32:39 | 00,043,318 | ---- | C] ()

GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,029,779 | ---- | C] ()

GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2009/07/14 06:32:39 | 00,026,489 | ---- | C] ()

GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2009/07/14 06:32:39 | 00,026,040 | ---- | C] ()

BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 00:42:10 | 00,064,000 | ---- | C] ()

msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 22:03:59 | 00,364,544 | ---- | C] ()

physxcudart_20.dll -> C:\Windows\SysWow64\physxcudart_20.dll -> [2008/10/07 09:13:30 | 00,197,912 | ---- | C] ()

AgCPanelTraditionalChinese.dll -> C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll -> [2008/10/07 09:13:22 | 00,058,648 | ---- | C] ()

AgCPanelSwedish.dll -> C:\Windows\SysWow64\AgCPanelSwedish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelSpanish.dll -> C:\Windows\SysWow64\AgCPanelSpanish.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelSimplifiedChinese.dll -> C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelPortugese.dll -> C:\Windows\SysWow64\AgCPanelPortugese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelKorean.dll -> C:\Windows\SysWow64\AgCPanelKorean.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelJapanese.dll -> C:\Windows\SysWow64\AgCPanelJapanese.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelGerman.dll -> C:\Windows\SysWow64\AgCPanelGerman.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

AgCPanelFrench.dll -> C:\Windows\SysWow64\AgCPanelFrench.dll -> [2008/10/07 09:13:20 | 00,058,648 | ---- | C] ()

ASUSHWIO.SYS -> C:\Windows\SysWow64\drivers\ASUSHWIO.SYS -> [2007/12/28 16:22:02 | 00,010,296 | ---- | C] ()

< End of report >

Edited by zagstruck
  • Moderators
Posted

Your problem does not seem to be caused by an infection. The two entries I had noticed are only leftovers in the Registry; the files are not there. We will deal with them afterwards.

I am going to have you uninstall your Kaspersky properly, so that you can reinstall it properly. First make sure you keep your licence information (the code given in the email when purchased online, or the code on the box if bought in a shop).

See the following link: Removal tool for Kaspersky Lab products.

It explains how to uninstall the product with their tool.

You just have to follow the instructions.

Then, after rebooting as requested, install a fresh version, downloading it from the following link: Kaspersky Internet Security 2010. It is important that you reinstall from this downloaded version, because the tool has had an update (Critical Fix 2).

Let me know how it goes :P

  • Moderators
Posted

Hello zagstruck :P

Sorry for the delay, happy holidays :P

it's fine, the antivirus is working again; however, at startup I get this, which I did not have before I no longer had an antivirus
Great for the antivirus.

To remove the two windows at startup, which are leftovers of an infection that no longer seems to be present:

Run OTS again

  • Copy and paste the following items into the Paste Fix Here box

  • [Registry - Safe List]
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    YY -> "media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"]
    YY -> "PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"]
    [Empty Temp Folders]

  • Then click Run Fix.
  • It will be very quick; a report will be generated, post it in your reply.

Reboot, you should no longer have the problems. Can you confirm?

Posted

good evening Gof

first of all I wish you happy holidays

and thank you again for your help

here is the report

 

 

All Processes Killed

[Registry - Safe List]

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\media bore program mapi deleted successfully.

File C:\ProgramData\Phone Bash Extra.xou not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PokeCreative deleted successfully.

File C:\ProgramData\FaceManagerManager.0t6 not found.

[Empty Temp Folders]

 

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: ludo

->Temp folder emptied: 13051744 bytes

->Temporary Internet Files folder emptied: 75348260 bytes

->Java cache emptied: 30259100 bytes

->FireFox cache emptied: 109636940 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

Windows Temp folder emptied: 3589250 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes

RecycleBin emptied: 103410 bytes

 

Total Files Cleaned = 221,00 mb

 

< End of fix log >

OTS by OldTimer - Version 3.1.14.1 fix logfile created on 12272009_230525

 

Files\Folders moved on Reboot...

C:\Users\ludo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

 

Registry entries deleted on Reboot...
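The fix script and the fix log in this thread can be reconciled mechanically to confirm that each targeted Run value was deleted and that its file was already absent (an orphaned autorun rather than a live one). This is an added example, not part of the original thread and not OTS code; the line formats are assumed from the lines quoted in the thread only, and the function names and verdict strings are made up for the illustration.

```python
import re

# Fix script and fix log lines copied from the thread above.
FIX_SCRIPT = r'''[Registry - Safe List]
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "media bore program mapi" -> C:\ProgramData\Phone Bash Extra.xou ["C:\ProgramData\Phone Bash Extra.xous8"]
YY -> "PokeCreative" -> C:\ProgramData\FaceManagerManager.0t6 ["C:\ProgramData\FaceManagerManager.0t6cm5"]
[Empty Temp Folders]'''

FIX_LOG = r'''All Processes Killed
[Registry - Safe List]
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\media bore program mapi deleted successfully.
File C:\ProgramData\Phone Bash Extra.xou not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PokeCreative deleted successfully.
File C:\ProgramData\FaceManagerManager.0t6 not found.
[Empty Temp Folders]'''

# Patterns inferred from the lines above (an assumption, not an OTS specification).
KEY_RE = re.compile(r'^<.*>\s*->\s*(?P<key>.+)$')
ENTRY_RE = re.compile(r'^\S+ -> "(?P<name>[^"]*)" -> (?P<path>.+?) \[(?P<data>.*)\]$')
DELETED_RE = re.compile(r'^Registry value (?P<key>.+?)\\\\(?P<name>.+) deleted successfully\.$')
MISSING_RE = re.compile(r'^File (?P<path>.+) not found\.$')

def parse_fix_script(text):
    """Return (registry key, value name, file path) for each autorun entry."""
    entries, key = [], None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            key = m['key']                      # key that the following entries live under
        elif m := ENTRY_RE.match(line):
            entries.append((key, m['name'], m['path']))
    return entries

def parse_fix_log(text):
    """Return the set of deleted (key, name) pairs and the set of missing file paths."""
    deleted, missing = set(), set()
    for line in map(str.strip, text.splitlines()):
        if m := DELETED_RE.match(line):
            deleted.add((m['key'].lower(), m['name'].lower()))
        elif m := MISSING_RE.match(line):
            missing.add(m['path'].lower())
    return deleted, missing

def reconcile(script, log):
    """Map each requested autorun value to a verdict based on what the log confirms."""
    deleted, missing = parse_fix_log(log)
    report = {}
    for key, name, path in parse_fix_script(script):
        if (key.lower(), name.lower()) not in deleted:
            report[name] = 'autorun value not confirmed deleted'
        elif path.lower() in missing:
            report[name] = 'orphaned autorun removed, no file on disk'
        else:
            report[name] = 'autorun removed, file state unreported: inspect path'
    return report

if __name__ == '__main__':
    for name, verdict in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(f'{name}: {verdict}')
```

An entry that ends in the third verdict is the one to follow up on: the autorun value is gone, but the log does not show that the file it pointed to was absent.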

  • Moderators
Posted

Hello zagstruck :P

Sorry for the delay, another big week. Normally the windows at system startup have disappeared; can you confirm that?

If all is well, I will have you remove the tools we used.
