Security Center blocked on Windows Vista

Solved/Closed
Sookie - 15 April 2012 at 15:12
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 - 26 April 2012 at 20:58
Hello everyone.

I'm on 32-bit Vista and I have just suffered an attack by the Sirefef.BV.2 trojan; I removed it with my antivirus (Avira AntiVir). But now the Security Center is inactive and blocked, I get periodic alerts from my antivirus to remove the trojan, and my computer launches the installation of Adobe Flash Player all by itself... Not to mention the internet browsing problems with Firefox, which sends me to unwanted pages.

I have already tried to set the Security Center back to automatic in Administrative Tools, but it doesn't even appear in the list!

In short, I'm in a real mess!! Can someone help me, please?


38 replies

Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
Edited by Fish66 on 15/04/2012 at 15:17
Hi,
Download TDSSKiller to your Desktop.

# Unzip it (right-click the file and choose Extract) onto the Desktop.
# In the folder that is created, move the file TDSSKiller.exe onto the Desktop.
# Double-click TDSSKiller.exe to launch it.
# Click Start scan to start the analysis.

# When the tool has finished its inspection, if malicious items ("Malicious objects") were found, check that the Cure option is selected.
# If suspicious items ("Suspicious objects") were detected, leave the option on Skip on the confirmation screen.
# Then click the Continue button.
# Wait for the report file to be displayed.
# If the tool needs a restart to finish the cleanup, click the Reboot computer button.

Post the TDSSKiller report in your reply.

Note: It can also be found at C:\TDSSKiller.Version_Date_Heure_log.txt

See you



_ _ _ Fish66_ _ _ I''"""""I_ _ security contributor member_ _I''"""""I_ _ _
¤¤¤ The best remedy for all problems is patience.... ¤¤¤
0
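A triage helper for the report requested above, as an added example (not part of the original thread and not the tool vendor's code): it reads a TDSSKiller log and lists every object whose verdict is anything other than `ok`, with the hash and path recorded for it. The sample log is constructed in the report's layout with placeholder hashes; `parse_report` and `Finding` are names chosen for this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of a TDSSKiller report; hashes are placeholders.
SAMPLE_LOG = r"""
15:26:01.0877 5540 Scan started
15:26:03.0562 5540 ACPI (00000000000000000000000000000001) C:\Windows\system32\drivers\acpi.sys
15:26:03.0578 5540 ACPI - ok
15:26:07.0961 5540 Bonjour Service (00000000000000000000000000000002) C:\Program Files\Bonjour\mDNSResponder.exe
15:26:07.0961 5540 Bonjour Service - ok
15:26:10.0286 5540 COMSysApp - ok
15:26:22.0454 5540 netbt (00000000000000000000000000000003) C:\Windows\system32\DRIVERS\netbt.sys
15:26:22.0454 5540 netbt ( Virus.Win32.ZAccess.k ) - infected
15:26:22.0454 5540 netbt - detected Virus.Win32.ZAccess.k (0)
"""

# "HH:MM:SS.mmmm <thread id> <message>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<name> (<md5>) <path>"; names may contain spaces
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - ok" or "<name> ( <threat> ) - infected"
VERDICT = re.compile(
    r"^(?P<name>.+?)(?: \( (?P<threat>[^)]+?) \))? - (?P<verdict>[A-Za-z]+)$"
)


@dataclass
class Finding:
    name: str
    verdict: str
    threat: Optional[str]
    md5: Optional[str]
    path: Optional[str]


def parse_report(text: str) -> Tuple[int, List[Finding]]:
    """Return (number of verdict lines seen, findings whose verdict is not 'ok')."""
    objects = {}   # name -> (md5, path) from the line preceding the verdict
    findings = []
    scanned = 0
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()
        obj = OBJECT.match(body)
        if obj:
            objects[obj["name"]] = (obj["md5"].lower(), obj["path"])
            continue
        ver = VERDICT.match(body)
        if not ver:
            continue  # header lines and "- detected ..." lines are skipped
        scanned += 1
        if ver["verdict"].lower() != "ok":
            # Some entries have no hash/path line at all (e.g. COMSysApp).
            md5, path = objects.get(ver["name"], (None, None))
            findings.append(
                Finding(ver["name"], ver["verdict"], ver["threat"], md5, path)
            )
    return scanned, findings


if __name__ == "__main__":
    total, hits = parse_report(SAMPLE_LOG)
    print(f"{total} objects with a verdict, {len(hits)} not ok")
    for h in hits:
        print(f"{h.verdict.upper()}: {h.name} -> {h.threat} [{h.path}]")
```
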
First of all, thank you for your quick reply

Here is the TDSSKiller report

15:25:58.0929 5016 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:25:59.0288 5016 ============================================================
15:25:59.0288 5016 Current date / time: 2012/04/15 15:25:59.0288
15:25:59.0288 5016 SystemInfo:
15:25:59.0288 5016
15:25:59.0288 5016 OS Version: 6.0.6002 ServicePack: 2.0
15:25:59.0288 5016 Product type: Workstation
15:25:59.0288 5016 ComputerName: PC-DE-ACER
15:25:59.0288 5016 UserName: acer
15:25:59.0288 5016 Windows directory: C:\Windows
15:25:59.0288 5016 System windows directory: C:\Windows
15:25:59.0288 5016 Processor architecture: Intel x86
15:25:59.0288 5016 Number of processors: 2
15:25:59.0288 5016 Page size: 0x1000
15:25:59.0288 5016 Boot type: Normal boot
15:25:59.0288 5016 ============================================================
15:26:00.0114 5016 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:26:00.0130 5016 \Device\Harddisk0\DR0:
15:26:00.0130 5016 MBR used
15:26:00.0130 5016 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x12016800
15:26:00.0130 5016 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13417000, BlocksNum 0x12017000
15:26:00.0208 5016 Initialize success
15:26:00.0208 5016 ============================================================
15:26:01.0877 5540 ============================================================
15:26:01.0877 5540 Scan started
15:26:01.0877 5540 Mode: Manual;
15:26:01.0877 5540 ============================================================
15:26:22.0454 5540 netbt (c5d51852d2897a2f13a26c222eb00565) C:\Windows\system32\DRIVERS\netbt.sys
15:26:22.0454 5540 netbt ( Virus.Win32.ZAccess.k ) - infected
15:26:22.0454 5540 netbt - detected Virus.Win32.ZAccess.k (0)
15:26:25.0324 5540 PcaSvc - ok
15:26:25.0386 5540 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:26:25.0386 5540 pci - ok
15:26:25.0418 5540 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
15:26:25.0418 5540 pciide - ok
15:26:25.0449 5540 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:26:25.0449 5540 pcmcia - ok
15:26:25.0511 5540 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:26:25.0542 5540 PEAUTH - ok
15:26:25.0652 5540 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:26:25.0730 5540 pla - ok
15:26:25.0792 5540 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:26:25.0808 5540 PlugPlay - ok
15:26:25.0886 5540 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:26:25.0901 5540 PNRPAutoReg - ok
15:26:25.0948 5540 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:26:25.0964 5540 PNRPsvc - ok
15:26:26.0026 5540 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:26:26.0042 5540 PolicyAgent - ok
15:26:26.0151 5540 postgresql-8.4 - ok
15:26:26.0244 5540 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:26:26.0244 5540 PptpMiniport - ok
15:26:26.0307 5540 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
15:26:26.0307 5540 Processor - ok
15:26:26.0338 5540 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:26:26.0369 5540 ProfSvc - ok
15:26:26.0400 5540 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:26:26.0416 5540 ProtectedStorage - ok
15:26:26.0463 5540 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:26:26.0463 5540 PSched - ok
15:26:26.0541 5540 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
15:26:26.0541 5540 PSDFilter - ok
15:26:26.0572 5540 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
15:26:26.0572 5540 PSDNServ - ok
15:26:26.0634 5540 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:26:26.0634 5540 psdvdisk - ok
15:26:26.0728 5540 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:26:26.0744 5540 ql2300 - ok
15:26:26.0775 5540 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:26:26.0775 5540 ql40xx - ok
15:26:26.0837 5540 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:26:26.0853 5540 QWAVE - ok
15:26:26.0884 5540 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:26:26.0884 5540 QWAVEdrv - ok
15:26:26.0900 5540 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:26:26.0900 5540 RasAcd - ok
15:26:26.0931 5540 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:26:26.0946 5540 RasAuto - ok
15:26:26.0962 5540 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:26:26.0962 5540 Rasl2tp - ok
15:26:27.0024 5540 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:26:27.0056 5540 RasMan - ok
15:26:27.0102 5540 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:26:27.0102 5540 RasPppoe - ok
15:26:27.0149 5540 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:26:27.0149 5540 RasSstp - ok
15:26:27.0212 5540 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:26:27.0227 5540 rdbss - ok
15:26:27.0258 5540 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:26:27.0258 5540 RDPCDD - ok
15:26:27.0321 5540 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:26:27.0336 5540 rdpdr - ok
15:26:27.0336 5540 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:26:27.0352 5540 RDPENCDD - ok
15:26:27.0399 5540 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:26:27.0399 5540 RDPWD - ok
15:26:27.0461 5540 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:26:27.0461 5540 RemoteAccess - ok
15:26:27.0524 5540 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:26:27.0539 5540 RemoteRegistry - ok
15:26:27.0602 5540 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
15:26:27.0602 5540 RichVideo - ok
15:26:27.0664 5540 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:26:27.0664 5540 RpcLocator - ok
15:26:27.0742 5540 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:26:27.0758 5540 RpcSs - ok
15:26:27.0836 5540 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:26:27.0836 5540 rspndr - ok
15:26:27.0882 5540 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:26:27.0882 5540 SamSs - ok
15:26:28.0023 5540 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:26:28.0023 5540 sbp2port - ok
15:26:28.0132 5540 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:26:28.0132 5540 SCardSvr - ok
15:26:28.0226 5540 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:26:28.0257 5540 Schedule - ok
15:26:28.0366 5540 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:26:28.0366 5540 SCPolicySvc - ok
15:26:28.0491 5540 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
15:26:28.0491 5540 sdbus - ok
15:26:28.0538 5540 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:26:28.0553 5540 SDRSVC - ok
15:26:28.0600 5540 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:26:28.0600 5540 secdrv - ok
15:26:28.0631 5540 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:26:28.0631 5540 seclogon - ok
15:26:28.0694 5540 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
15:26:28.0694 5540 SENS - ok
15:26:28.0725 5540 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:26:28.0725 5540 Serenum - ok
15:26:28.0756 5540 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:26:28.0756 5540 Serial - ok
15:26:28.0787 5540 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:26:28.0787 5540 sermouse - ok
15:26:28.0834 5540 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:26:28.0850 5540 SessionEnv - ok
15:26:28.0881 5540 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:26:28.0881 5540 sffdisk - ok
15:26:28.0912 5540 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:26:28.0912 5540 sffp_mmc - ok
15:26:28.0928 5540 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:26:28.0928 5540 sffp_sd - ok
15:26:28.0959 5540 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:26:28.0959 5540 sfloppy - ok
15:26:29.0006 5540 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:26:29.0006 5540 SharedAccess - ok
15:26:29.0068 5540 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:26:29.0084 5540 ShellHWDetection - ok
15:26:29.0099 5540 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:26:29.0099 5540 sisagp - ok
15:26:29.0130 5540 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:26:29.0130 5540 SiSRaid2 - ok
15:26:29.0162 5540 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:26:29.0162 5540 SiSRaid4 - ok
15:26:29.0333 5540 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:26:29.0380 5540 slsvc - ok
15:26:29.0474 5540 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:26:29.0489 5540 SLUINotify - ok
15:26:29.0536 5540 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:26:29.0552 5540 Smb - ok
15:26:29.0630 5540 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:26:29.0630 5540 SNMPTRAP - ok
15:26:29.0676 5540 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:26:29.0676 5540 spldr - ok
15:26:29.0723 5540 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:26:29.0739 5540 Spooler - ok
15:26:29.0848 5540 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
15:26:29.0848 5540 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:26:29.0848 5540 sptd ( LockedFile.Multi.Generic ) - warning
15:26:29.0848 5540 sptd - detected LockedFile.Multi.Generic (1)
15:26:36.0713 5540 MBR (0x1B8) (7ba4c7ea1ef33a92f5f01be63edacb6a) \Device\Harddisk0\DR0
15:26:44.0029 5540 \Device\Harddisk0\DR0 - ok
15:26:44.0045 5540 Boot (0x1200) (652dd192a7caf13e954ea2c55ea8f2f1) \Device\Harddisk0\DR0\Partition0
15:26:44.0045 5540 \Device\Harddisk0\DR0\Partition0 - ok
15:26:44.0076 5540 Boot (0x1200) (7ebd0a60284dc66377a0a9f12fccef1e) \Device\Harddisk0\DR0\Partition1
15:26:44.0076 5540 \Device\Harddisk0\DR0\Partition1 - ok
15:26:44.0076 5540 ============================================================
15:26:44.0076 5540 Scan finished
15:26:44.0076 5540 ============================================================
15:26:44.0139 5712 Detected object count: 2
15:26:44.0139 5712 Actual detected object count: 2
15:27:24.0964 5712 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
15:27:25.0026 5712 C:\Windows\$NtUninstallKB55425$\691663288\@ - copied to quarantine
15:27:25.0026 5712 C:\Windows\$NtUninstallKB55425$\691663288\cfg.ini - copied to quarantine
15:27:25.0057 5712 C:\Windows\$NtUninstallKB55425$\691663288\Desktop.ini - copied to quarantine
15:27:25.0104 5712 C:\Windows\$NtUninstallKB55425$\691663288\L\qnbwvoto - copied to quarantine
15:27:25.0120 5712 C:\Windows\$NtUninstallKB55425$\691663288\oemid - copied to quarantine
15:27:25.0151 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000001.@ - copied to quarantine
15:27:25.0229 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000002.@ - copied to quarantine
15:27:25.0276 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000004.@ - copied to quarantine
15:27:25.0385 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000000.@ - copied to quarantine
15:27:25.0416 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000004.@ - copied to quarantine
15:27:25.0494 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000032.@ - copied to quarantine
15:27:25.0541 5712 C:\Windows\$NtUninstallKB55425$\691663288\version - copied to quarantine
15:27:25.0697 5712 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\netbt.sys) error 1813
15:27:31.0687 5712 Backup copy found, using it..
15:27:31.0750 5712 C:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
15:27:34.0901 5712 C:\Windows\$NtUninstallKB55425$\525419949 - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\cfg.ini - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\Desktop.ini - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\oemid - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000001.@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000002.@ - will be deleted
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last active 16 June 2021 1 318
15 April 2012 at 15:58
Hi again,

Restart your PC and then do this, please:

Before using ComboFix:

CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:

If you have this kind of tool on your PC, use Defogger to disable it temporarily; otherwise go straight to ComboFix.

* Download Defogger (by jpshortstuff) to your Desktop
* Run it

* A window appears: click "Disable"

* Restart the computer if the tool asks you to

Note: once we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"

===================================================

Warning: before you start, read the procedure carefully

********************************************************

/!\ Do not use this software outside the scope of this disinfection: DANGEROUS /!\

* Right-click this link and save it to your desktop under a different name, for example "your username.exe"
Here is the ComboFix help

* /!\ Disconnect from the Internet and STOP YOUR PROTECTION SOFTWARE /!\


* Double-click ComboFix.exe (or run it as administrator on Vista and Windows 7)

A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept

** ABOVE ALL, INSTALL THE RECOVERY CONSOLE
(if it offers to install it, reconnect to the Internet)

* Do not touch anything (mouse, keyboard) until the scan has finished, as you risk crashing your PC

* At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

* Once the scan is complete, a report will be displayed: post its contents

** /!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

* Note: the report is also located here: C:\ComboFix.txt

See you

0
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\00000004.@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000000.@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000004.@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\U\80000032.@ - will be deleted on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\version - will be deleted on reboot
15:27:34.0917 5712 netbt ( Virus.Win32.ZAccess.k ) - User select action: Cure
15:27:34.0932 5712 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:27:34.0932 5712 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:27:58.0597 5044 Deinitialize success
0
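To read a report like the one above without going through every `- ok` line, the sketch below pulls out only the detections, the action chosen for each, and the operations still pending a reboot. It is an added example, not part of the thread or of TDSSKiller; the function names `parse_report` and `triage` are illustrative, and the sample lines are copied from the report posted in this thread.

```python
import re

# Excerpt of the TDSSKiller report posted in this thread (lines copied as-is).
SAMPLE_LOG = r"""
15:26:36.0713 5540 MBR (0x1B8) (7ba4c7ea1ef33a92f5f01be63edacb6a) \Device\Harddisk0\DR0
15:26:44.0029 5540 \Device\Harddisk0\DR0 - ok
15:26:29.0848 5540 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
15:26:29.0848 5540 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:26:29.0848 5540 sptd ( LockedFile.Multi.Generic ) - warning
15:26:29.0848 5540 sptd - detected LockedFile.Multi.Generic (1)
15:26:44.0139 5712 Detected object count: 2
15:27:24.0964 5712 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
15:27:31.0750 5712 C:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
15:27:34.0917 5712 C:\Windows\$NtUninstallKB55425$\691663288\version - will be deleted on reboot
15:27:34.0917 5712 netbt ( Virus.Win32.ZAccess.k ) - User select action: Cure
15:27:34.0932 5712 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:27:34.0932 5712 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
"""

# Every report line is "<time> <thread id> <message>".
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
# "<object> ( <verdict> ) - <warning | skipped by user | User select action: X>"
VERDICT = re.compile(r"^(?P<name>\S+) \( (?P<verdict>[^)]+?) \) - (?P<tail>.+)$")
ACTION = re.compile(r"^User select action: (?P<action>\w+)$")
# "<object> (<md5>) <path>"; the object name may itself contain parentheses (MBR).
HASHED = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
FILE_OP = re.compile(r"^(?P<path>.+) - (?P<op>copied to quarantine|"
                     r"will be cured on reboot|will be deleted on reboot)$")
OK = re.compile(r"^(?P<name>.+) - ok$")


def parse_report(text):
    """Turn a TDSSKiller text report into a dict of the facts worth reviewing."""
    report = {"hashes": {}, "ok": [], "detections": {}, "actions": {},
              "file_ops": [], "reported_count": None}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group("msg")
        if (m := COUNT.match(msg)):
            report["reported_count"] = int(m.group("n"))
        elif (m := VERDICT.match(msg)):
            report["detections"][m.group("name")] = m.group("verdict")
            action = ACTION.match(m.group("tail"))
            if action:
                report["actions"][m.group("name")] = action.group("action")
        elif (m := HASHED.match(msg)):
            report["hashes"][m.group("name")] = (m.group("md5"), m.group("path"))
        elif (m := FILE_OP.match(msg)):
            report["file_ops"].append((m.group("path"), m.group("op")))
        elif (m := OK.match(msg)):
            report["ok"].append(m.group("name"))
    return report


def triage(report):
    """Summarise what still needs attention after the scan."""
    detections = report["detections"]
    return {
        # Objects flagged but left in place (action Skip, or no action logged).
        "untreated": [n for n in detections
                      if report["actions"].get(n) in (None, "Skip")],
        # Cure/delete operations only take effect after the next restart.
        "reboot_required": any(op.endswith("on reboot")
                               for _, op in report["file_ops"]),
        # Sanity check: the tool's own count against what was parsed.
        "count_matches": report["reported_count"] == len(detections),
    }


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_LOG)
    for name, verdict in parsed["detections"].items():
        print(name, verdict, parsed["actions"].get(name))
    print(triage(parsed))
```
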
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last active 16 June 2021 1 318
15 April 2012 at 16:30
What I asked you for is missing: >>> HERE <<<

See you
0

OK, I installed ComboFix and ran it, but I could not generate a report.

It displayed:

Your PC is infected by Rootkit.ZeroAccess. It has inserted itself into the TCP/IP stack.

Then: A rootkit has been detected

Finally: ComboFix has detected the presence of rootkit activity and needs to restart your computer. Which was done.

None of the steps shown in the tutorial started.
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last active 16 June 2021 1 318
15 April 2012 at 18:10
Hi again,

Download AntiZeroAccess to the desktop
* Double-click it to run it (if you are using Vista or Windows 7, right-click it and select "Run as administrator")
* Type y and press Enter to start the scan
* If a restart is required, do it immediately.
* Post the AntiZeroAccess_Log.txt report on the forum.
* This file is saved in the same location as the AntiZeroAccess program.

See you

0
Here is the file

Webroot AntiZeroAccess 0.8 Log File
Execution time: 15/04/2012 - 19:34
Host operation System: Windows Vista X86 version 6.0.6002 Service Pack 2
19:34:11 - CheckSystem - Begin to check system...
19:34:11 - OpenRootDrive - Opening system root volume and physical drive....
19:34:11 - C Root Drive: Disk number: 0 Start sector: 0x01400800 Partition Size: 0x12016800 sectors.
19:34:11 - PrevX Main driver extracted in "C:\Windows\system32\drivers\ZeroAccess.sys".
19:34:11 - InstallAndStartDriver - Main driver was installed and now is running.
19:34:11 - CheckSystem - Disk class driver state is OK.
19:34:15 - CheckFile - Unable to read "sptd.sys" file. CreateFile last eror: 0x00000020.
19:34:16 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
19:34:16 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
19:34:16 - Execution Ended!
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last active 16 June 2021 1 318
15 April 2012 at 21:10
Hi again,

/!\ WARNING: this scan can take a few hours /!\

* Download MBAM and install it in the default location
https://www.malwarebytes.com/mwb-download/
* Launch Malwarebytes' Anti-Malware
* Run the update
* Click the "Recherche" tab
* Tick the option "Exécuter un examen complet", then click the "Rechercher" button
* Choose to scan all your hard drives, then click "Lancer l'examen"

At the end of the scan, if MBAM has found nothing:

* Click OK; the report opens by itself

If threats were detected:

* Click OK, then "Afficher les résultats"
* Check that every line is ticked
* Choose the option "Supprimer la sélection"
* If MBAM asks to restart Windows: click "Oui"
* The report opens automatically after the removal; it can also be found in the "Rapports/Logs" tab

* Copy and paste the report into your next message


Note:
- If there is a problem updating MBAM, you can do it manually by downloading this file and then running it.

See you
0
Here is the report:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Version de la base de données: v2012.04.15.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19222
acer :: PC-DE-ACER [administrateur]

15/04/2012 21:17:02
mbam-log-2012-04-15 (21-17-02).txt

Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 455842
Temps écoulé: 3 heure(s), 24 minute(s), 34 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:\TDSSKiller_Quarantine\15.04.2012_15.25.59\rtkt0000\zafs0000\tsk0002.dta (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.

(fin)
0
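An added example (not part of the thread, and not Malwarebytes' own code): a small Python triage of a report in the format posted above. It separates detections that sit inside another cleanup tool's quarantine folder from detections elsewhere, and checks each category's declared count against the lines actually pasted. The sample report is constructed (its second detection, the `Trojan.Example` name and its action text are made up), and the regexes assume the French 1.61 layout shown in this post.

```python
import re
from dataclasses import dataclass, field

# Folders where a cleanup tool stores neutralised copies. Only the TDSSKiller
# folder appears on this page; adding others is an assumption left to the reader.
QUARANTINE_DIRS = ("c:\\tdsskiller_quarantine\\",)

# "Fichier(s) détecté(s): 1" / "Clé(s) du Registre détectée(s): 0"
COUNT_RE = re.compile(r"^(?P<category>.+?)\s+détectée?\(s\)\s*:\s*(?P<count>\d+)\s*$")
# "<target> (<threat name>) -> <action taken>"
HIT_RE = re.compile(r"^(?P<target>.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+)$")

# Constructed sample modelled on the report above (second detection is invented).
SAMPLE_REPORT = r"""Malwarebytes Anti-Malware 1.61.0.1400

Type d'examen: Examen complet

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 2
C:\TDSSKiller_Quarantine\15.04.2012_15.25.59\rtkt0000\zafs0000\tsk0002.dta (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Users\example\AppData\Local\Temp\constructed-sample.dll (Trojan.Example) -> Aucune action effectuée.

(fin)
"""


@dataclass
class Hit:
    category: str
    target: str
    threat: str
    action: str

    @property
    def is_quarantined_copy(self):
        # A hit under a quarantine folder is a copy another tool already set
        # aside; on its own it does not show an active infection.
        return self.target.lower().startswith(QUARANTINE_DIRS)


@dataclass
class Report:
    declared: dict = field(default_factory=dict)  # category -> count in header line
    hits: list = field(default_factory=list)      # detection lines found


def parse_report(text):
    """Collect per-category counts and the detection lines listed under them."""
    report = Report()
    category = None
    for raw in text.splitlines():
        line = raw.strip()
        m = COUNT_RE.match(line)
        if m:
            category = m["category"]
            report.declared[category] = int(m["count"])
            continue
        m = HIT_RE.match(line)
        if m and category is not None:
            report.hits.append(Hit(category, m["target"], m["threat"], m["action"]))
    return report


def triage(text):
    """Summarise a pasted report for a helper reading it on a forum."""
    report = parse_report(text)
    listed = {}
    for hit in report.hits:
        listed[hit.category] = listed.get(hit.category, 0) + 1
    # A category whose declared count differs from the lines present means the
    # paste was truncated or edited, so the report should be requested again.
    incomplete = sorted(c for c, n in report.declared.items() if listed.get(c, 0) != n)
    return {
        "total_declared": sum(report.declared.values()),
        "quarantined_copies": [h for h in report.hits if h.is_quarantined_copy],
        "needs_review": [h for h in report.hits if not h.is_quarantined_copy],
        "incomplete_categories": incomplete,
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_REPORT)
    for hit in summary["quarantined_copies"]:
        print("quarantined copy:", hit.threat, hit.target)
    for hit in summary["needs_review"]:
        print("needs review:    ", hit.threat, hit.target)
    print("incomplete categories:", summary["incomplete_categories"])
```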
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
16 April 2012 at 09:10
Hello,

Download this file from this link: http://vil.nai.com/images/562354_2.zip
Unzip it and run it.

Help: >>> HERE <<<

Let me know if the rootkit is still detected

See you

0
Good evening.

The program did not detect any virus or trojan. The Security Center is working again, except for the Windows Firewall, which is inactive and will not turn on... Are there still traces left or not?
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
16 April 2012 at 22:39
Hi again,

We are going to run a diagnostic of your PC:
* Download ZHPDiag to your desktop:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
or:
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

* Follow the prompts during installation, tick "Ajouter une icône sur le bureau" (Add an icon to the desktop) and untick the "Exécuter ZHPDiag" (Run ZHPDiag) box

/!\ Vista and Seven users: right-click the ZHPDiag logo, "Run as administrator"

* Click the magnifying-glass icon ("Lancer le diagnostic", Start the diagnostic)
* Save the report to your desktop using the floppy-disk icon
* Upload the ZHPDiag.txt report to one of the sites below, then copy/paste the link provided into your next reply on the forum: http://pjjoint.malekal.com/
If it is unavailable, you can try one of these links:
https://www.terafiles.net/
https://www.casimages.com/

* ZHPDiag tutorial:
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Hosting a report on pjjoint.malekal.com

Go to pjjoint.malekal.com
* Click the "Parcourir" (Browse) button
* Select the file you want to host and click "Ouvrir" (Open)
* Click the "Envoyer" (Send) button
* A confirmation message is displayed (Upload successful! - The link to give your correspondents so they can view the file is: https://pjjoint.malekal.com/files.php?id=df5ea299241015)

* Copy the link into your next reply.

See you
0
Here is the link:

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120416_p13d7d14v812
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
17 April 2012 at 14:00
Hi again,

Start in Safe Mode with Networking:

To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrow keys to move to >> Safe Mode with Networking,
then press Enter.
Once on the desktop, if not all the colours and so on are there, that is normal!
(If F8 does not work, use the F5 key)

In this mode, run ComboFix following the instructions as
explained: >>> HERE <<<

Then post the report, thanks

See you


0
Good evening.

I ran ComboFix in Safe Mode and it showed me exactly the same thing as before.

If it helps, it also shows me this right after the sentence saying ComboFix is about to start:

Failed to get dat for 'EnableLUA'
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
17 April 2012 at 22:57
Hi again,
1/
Delete ComboFix, then download it again and save it under the name: titti.exe, then carry on with the rest of the procedure, following the instructions

If there is a problem, try in Safe Mode!

2/
Run TDSSKiller again, then post the report please

Good night

See you tomorrow
0
Well, I tried running ComboFix normally as well as in Safe Mode, with no more results than before...

Here is the TDSSKiller report anyway:

00:34:03.0813 4432 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
00:34:04.0062 4432 ============================================================
00:34:04.0062 4432 Current date / time: 2012/04/18 00:34:04.0062
00:34:04.0062 4432 SystemInfo:
00:34:04.0062 4432
00:34:04.0062 4432 OS Version: 6.0.6002 ServicePack: 2.0
00:34:04.0062 4432 Product type: Workstation
00:34:04.0062 4432 ComputerName: PC-DE-ACER
00:34:04.0062 4432 UserName: acer
00:34:04.0062 4432 Windows directory: C:\Windows
00:34:04.0062 4432 System windows directory: C:\Windows
00:34:04.0062 4432 Processor architecture: Intel x86
00:34:04.0062 4432 Number of processors: 2
00:34:04.0062 4432 Page size: 0x1000
00:34:04.0062 4432 Boot type: Normal boot
00:34:04.0062 4432 ============================================================
00:34:04.0967 4432 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:34:04.0967 4432 \Device\Harddisk0\DR0:
00:34:04.0967 4432 MBR used
00:34:04.0967 4432 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x12016800
00:34:04.0967 4432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13417000, BlocksNum 0x12017000
00:34:05.0654 4432 Initialize success
00:34:05.0654 4432 ============================================================
00:34:07.0526 2228 ============================================================
00:34:07.0526 2228 Scan started
00:34:07.0526 2228 Mode: Manual;
00:34:07.0526 2228 ============================================================
00:34:28.0430 2228 NetTcpPortSharing - ok
00:34:28.0960 2228 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys
00:34:29.0022 2228 NETw5v32 - ok
00:34:29.0178 2228 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
00:34:29.0194 2228 nfrd960 - ok
00:34:29.0272 2228 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
00:34:29.0272 2228 NlaSvc - ok
00:34:29.0334 2228 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
00:34:29.0334 2228 Npfs - ok
00:34:29.0366 2228 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
00:34:29.0381 2228 nsi - ok
00:34:29.0459 2228 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:34:29.0459 2228 nsiproxy - ok
00:34:29.0553 2228 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:34:29.0600 2228 Ntfs - ok
00:34:29.0693 2228 NTIBackupSvc (cb76f68ba0d57c5d25b538981b1c611c) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
00:34:29.0740 2228 NTIBackupSvc - ok
00:34:29.0880 2228 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
00:34:29.0896 2228 NTIDrvr - ok
00:34:30.0068 2228 NTIPPKernel (547bfa3591c70674b0bfc99354ab78b3) C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys
00:34:30.0068 2228 NTIPPKernel - ok
00:34:30.0177 2228 NTISchedulerSvc (df1c10a75df7e50195fc417f88a33227) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
00:34:30.0192 2228 NTISchedulerSvc - ok
00:34:30.0333 2228 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:34:30.0333 2228 ntrigdigi - ok
00:34:30.0489 2228 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:34:30.0504 2228 Null - ok
00:34:30.0536 2228 NVHDA (f972dc046c374a9e02f2dfbe74ebb203) C:\Windows\system32\drivers\nvhda32v.sys
00:34:30.0551 2228 NVHDA - ok
00:34:30.0816 2228 nvlddmkm (0a19680ca54d262534f8a2f4cf79e271) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:34:30.0926 2228 nvlddmkm - ok
00:34:31.0082 2228 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
00:34:31.0082 2228 nvraid - ok
00:34:31.0113 2228 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
00:34:31.0113 2228 nvstor - ok
00:34:31.0160 2228 nvsvc (342fcbf0b293dbec54b055418df1ee7e) C:\Windows\system32\nvvsvc.exe
00:34:31.0175 2228 nvsvc - ok
00:34:31.0238 2228 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
00:34:31.0238 2228 nv_agp - ok
00:34:31.0253 2228 NwlnkFlt - ok
00:34:31.0269 2228 NwlnkFwd - ok
00:34:31.0612 2228 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:34:31.0612 2228 odserv - ok
00:34:31.0752 2228 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
00:34:31.0768 2228 ohci1394 - ok
00:34:31.0955 2228 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:34:31.0971 2228 ose - ok
00:34:32.0142 2228 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:34:32.0158 2228 p2pimsvc - ok
00:34:32.0205 2228 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:34:32.0220 2228 p2psvc - ok
00:34:32.0298 2228 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
00:34:32.0298 2228 Parport - ok
00:34:32.0376 2228 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:34:32.0376 2228 partmgr - ok
00:34:32.0423 2228 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
00:34:32.0439 2228 Parvdm - ok
00:34:32.0486 2228 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
00:34:32.0486 2228 PcaSvc - ok
00:34:32.0579 2228 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:34:32.0579 2228 pci - ok
00:34:32.0626 2228 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
00:34:32.0642 2228 pciide - ok
00:34:32.0673 2228 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:34:32.0673 2228 pcmcia - ok
00:34:32.0735 2228 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:34:32.0751 2228 PEAUTH - ok
00:34:32.0922 2228 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
00:34:33.0000 2228 pla - ok
00:34:33.0063 2228 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
00:34:33.0063 2228 PlugPlay - ok
00:34:33.0141 2228 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:34:33.0156 2228 PNRPAutoReg - ok
00:34:33.0203 2228 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
00:34:33.0219 2228 PNRPsvc - ok
00:34:33.0312 2228 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
00:34:33.0328 2228 PolicyAgent - ok
00:34:33.0515 2228 postgresql-8.4 - ok
00:34:33.0640 2228 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:34:33.0640 2228 PptpMiniport - ok
00:34:33.0780 2228 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
00:34:33.0780 2228 Processor - ok
00:34:33.0874 2228 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
00:34:33.0890 2228 ProfSvc - ok
00:34:33.0968 2228 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:34:33.0968 2228 ProtectedStorage - ok
00:34:34.0077 2228 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:34:34.0092 2228 PSched - ok
00:34:34.0139 2228 PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
00:34:34.0139 2228 PSDFilter - ok
00:34:34.0170 2228 PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
00:34:34.0186 2228 PSDNServ - ok
00:34:34.0217 2228 psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
00:34:34.0233 2228 psdvdisk - ok
00:34:34.0342 2228 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
00:34:34.0404 2228 ql2300 - ok
00:34:34.0436 2228 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:34:34.0451 2228 ql40xx - ok
00:34:34.0498 2228 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
00:34:34.0514 2228 QWAVE - ok
00:34:34.0576 2228 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:34:34.0576 2228 QWAVEdrv - ok
00:34:34.0748 2228 RADAR - ok
00:34:35.0184 2228 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:34:35.0184 2228 RasAcd - ok
00:34:35.0496 2228 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
00:34:35.0496 2228 RasAuto - ok
00:34:36.0152 2228 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:34:36.0152 2228 Rasl2tp - ok
00:34:36.0479 2228 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
00:34:36.0495 2228 RasMan - ok
00:34:36.0542 2228 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:34:36.0542 2228 RasPppoe - ok
00:34:36.0604 2228 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:34:36.0604 2228 RasSstp - ok
00:34:36.0635 2228 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:34:36.0651 2228 rdbss - ok
00:34:36.0682 2228 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:34:36.0698 2228 RDPCDD - ok
00:34:36.0729 2228 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
00:34:36.0744 2228 rdpdr - ok
00:34:36.0760 2228 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:34:36.0760 2228 RDPENCDD - ok
00:34:36.0807 2228 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
00:34:36.0822 2228 RDPWD - ok
00:34:36.0854 2228 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
00:34:36.0869 2228 RemoteAccess - ok
00:34:36.0916 2228 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
00:34:36.0932 2228 RemoteRegistry - ok
00:34:37.0025 2228 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
00:34:37.0041 2228 RichVideo - ok
00:34:37.0072 2228 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
00:34:37.0072 2228 RpcLocator - ok
00:34:37.0150 2228 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
00:34:37.0166 2228 RpcSs - ok
00:34:37.0212 2228 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:34:37.0212 2228 rspndr - ok
00:34:37.0244 2228 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
00:34:37.0259 2228 SamSs - ok
00:34:37.0322 2228 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:34:37.0322 2228 sbp2port - ok
00:34:37.0368 2228 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
00:34:37.0384 2228 SCardSvr - ok
00:34:37.0446 2228 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
00:34:37.0478 2228 Schedule - ok
00:34:37.0524 2228 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
00:34:37.0524 2228 SCPolicySvc - ok
00:34:37.0602 2228 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
00:34:37.0602 2228 sdbus - ok
00:34:37.0649 2228 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
00:34:37.0665 2228 SDRSVC - ok
00:34:37.0696 2228 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:34:37.0696 2228 secdrv - ok
00:34:37.0727 2228 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
00:34:37.0727 2228 seclogon - ok
00:34:37.0758 2228 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
00:34:37.0774 2228 SENS - ok
00:34:37.0790 2228 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
00:34:37.0805 2228 Serenum - ok
00:34:37.0836 2228 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
00:34:37.0836 2228 Serial - ok
00:34:37.0868 2228 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:34:37.0883 2228 sermouse - ok
00:34:37.0914 2228 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
00:34:37.0930 2228 SessionEnv - ok
00:34:37.0961 2228 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
00:34:37.0961 2228 sffdisk - ok
00:34:37.0977 2228 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
00:34:37.0992 2228 sffp_mmc - ok
00:34:38.0024 2228 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
00:34:38.0024 2228 sffp_sd - ok
00:34:38.0055 2228 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:34:38.0055 2228 sfloppy - ok
00:34:38.0102 2228 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
00:34:38.0117 2228 SharedAccess - ok
00:34:38.0164 2228 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
00:34:38.0180 2228 ShellHWDetection - ok
00:34:38.0211 2228 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
00:34:38.0211 2228 sisagp - ok
00:34:38.0242 2228 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
00:34:38.0242 2228 SiSRaid2 - ok
00:34:38.0273 2228 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
00:34:38.0273 2228 SiSRaid4 - ok
00:34:38.0445 2228 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
00:34:38.0538 2228 slsvc - ok
00:34:38.0601 2228 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
00:34:38.0616 2228 SLUINotify - ok
00:34:38.0648 2228 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:34:38.0663 2228 Smb - ok
00:34:38.0694 2228 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
00:34:38.0710 2228 SNMPTRAP - ok
00:34:38.0741 2228 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:34:38.0757 2228 spldr - ok
00:34:38.0804 2228 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
00:34:38.0804 2228 Spooler - ok
00:34:38.0850 2228 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:34:38.0850 2228 srv - ok
00:34:38.0882 2228 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:34:38.0882 2228 srv2 - ok
00:34:38.0913 2228 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:34:38.0913 2228 srvnet - ok
00:34:38.0944 2228 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
00:34:38.0960 2228 SSDPSRV - ok
00:34:38.0991 2228 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
00:34:39.0006 2228 ssmdrv - ok
00:34:39.0022 2228 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
00:34:39.0038 2228 SstpSvc - ok
00:34:39.0116 2228 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
00:34:39.0131 2228 stisvc - ok
00:34:39.0162 2228 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:34:39.0178 2228 swenum - ok
00:34:39.0240 2228 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
00:34:39.0256 2228 swprv - ok
00:34:39.0303 2228 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:34:39.0303 2228 Symc8xx - ok
00:34:39.0334 2228 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:34:39.0334 2228 Sym_hi - ok
00:34:39.0365 2228 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:34:39.0365 2228 Sym_u3 - ok
00:34:39.0428 2228 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
00:34:39.0443 2228 SynTP - ok
00:34:39.0521 2228 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
00:34:39.0537 2228 SysMain - ok
00:34:39.0584 2228 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
00:34:39.0599 2228 TabletInputService - ok
00:34:39.0662 2228 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
00:34:39.0662 2228 TapiSrv - ok
00:34:39.0693 2228 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
00:34:39.0708 2228 TBS - ok
00:34:39.0818 2228 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
00:34:39.0833 2228 Tcpip - ok
00:34:39.0896 2228 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:34:39.0911 2228 Tcpip6 - ok
00:34:39.0958 2228 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:34:39.0958 2228 tcpipreg - ok
00:34:40.0005 2228 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:34:40.0020 2228 TDPIPE - ok
00:34:40.0052 2228 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:34:40.0052 2228 TDTCP - ok
00:34:40.0098 2228 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:34:40.0098 2228 tdx - ok
00:34:40.0145 2228 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:34:40.0161 2228 TermDD - ok
00:34:40.0239 2228 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
00:34:40.0254 2228 TermService - ok
00:34:40.0317 2228 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
00:34:40.0332 2228 Themes - ok
00:34:40.0379 2228 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
00:34:40.0379 2228 THREADORDER - ok
00:34:40.0410 2228 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
00:34:40.0426 2228 TrkWks - ok
00:34:40.0488 2228 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
00:34:40.0504 2228 TrustedInstaller - ok
00:34:40.0660 2228 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:34:40.0660 2228 tssecsrv - ok
00:34:40.0769 2228 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:34:40.0769 2228 tunmp - ok
00:34:40.0832 2228 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:34:40.0832 2228 tunnel - ok
00:34:40.0925 2228 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
00:34:40.0925 2228 uagp35 - ok
00:34:41.0144 2228 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
00:34:41.0159 2228 UBHelper - ok
00:34:41.0206 2228 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:34:41.0206 2228 udfs - ok
00:34:41.0284 2228 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
00:34:41.0284 2228 UI0Detect - ok
00:34:41.0409 2228 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
00:34:41.0409 2228 uliagpkx - ok
00:34:41.0518 2228 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
00:34:41.0518 2228 uliahci - ok
00:34:41.0596 2228 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:34:41.0596 2228 UlSata - ok
00:34:41.0643 2228 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:34:41.0643 2228 ulsata2 - ok
00:34:41.0690 2228 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:34:41.0690 2228 umbus - ok
00:34:41.0752 2228 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
00:34:41.0783 2228 upnphost - ok
00:34:41.0892 2228 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
00:34:41.0892 2228 USBAAPL - ok
00:34:42.0064 2228 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:34:42.0080 2228 usbccgp - ok
00:34:42.0220 2228 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:34:42.0220 2228 usbcir - ok
00:34:42.0282 2228 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:34:42.0298 2228 usbehci - ok
00:34:42.0345 2228 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:34:42.0345 2228 usbhub - ok
00:34:42.0392 2228 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
00:34:42.0392 2228 usbohci - ok
00:34:42.0438 2228 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:34:42.0454 2228 usbprint - ok
00:34:42.0501 2228 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
00:34:42.0516 2228 usbscan - ok
00:34:42.0672 2228 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:34:42.0672 2228 USBSTOR - ok
00:34:42.0719 2228 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:34:42.0735 2228 usbuhci - ok
00:34:42.0782 2228 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
00:34:42.0782 2228 usbvideo - ok
00:34:42.0828 2228 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
00:34:42.0844 2228 UxSms - ok
00:34:42.0906 2228 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
00:34:42.0922 2228 vds - ok
00:34:42.0953 2228 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
00:34:42.0953 2228 vga - ok
00:34:42.0984 2228 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:34:42.0984 2228 VgaSave - ok
00:34:43.0016 2228 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
00:34:43.0016 2228 viaagp - ok
00:34:43.0047 2228 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
00:34:43.0047 2228 ViaC7 - ok
00:34:43.0078 2228 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
00:34:43.0078 2228 viaide - ok
00:34:43.0109 2228 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:34:43.0109 2228 volmgr - ok
00:34:43.0172 2228 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:34:43.0172 2228 volmgrx - ok
00:34:43.0218 2228 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:34:43.0218 2228 volsnap - ok
00:34:43.0265 2228 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
00:34:43.0265 2228 vsmraid - ok
00:34:43.0343 2228 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
00:34:43.0374 2228 VSS - ok
00:34:43.0437 2228 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
00:34:43.0484 2228 W32Time - ok
00:34:43.0546 2228 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:34:43.0546 2228 WacomPen - ok
00:34:43.0608 2228 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:43.0624 2228 Wanarp - ok
00:34:43.0624 2228 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:43.0624 2228 Wanarpv6 - ok
00:34:43.0749 2228 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
00:34:43.0764 2228 wcncsvc - ok
00:34:43.0811 2228 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
00:34:43.0811 2228 WcsPlugInService - ok
00:34:43.0874 2228 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
00:34:43.0874 2228 Wd - ok
00:34:43.0920 2228 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
00:34:43.0936 2228 Wdf01000 - ok
00:34:43.0967 2228 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:34:43.0983 2228 WdiServiceHost - ok
00:34:43.0983 2228 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
00:34:43.0998 2228 WdiSystemHost - ok
00:34:44.0045 2228 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
00:34:44.0061 2228 WebClient - ok
00:34:44.0123 2228 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
00:34:44.0123 2228 Wecsvc - ok
00:34:44.0170 2228 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
00:34:44.0186 2228 wercplsupport - ok
00:34:44.0248 2228 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
00:34:44.0248 2228 WerSvc - ok
00:34:44.0326 2228 winbondcir (3fa87d56769838aac82fafc3e78fc732) C:\Windows\system32\DRIVERS\winbondcir.sys
00:34:44.0326 2228 winbondcir - ok
00:34:44.0435 2228 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
00:34:44.0435 2228 WinDefend - ok
00:34:44.0451 2228 WinHttpAutoProxySvc - ok
00:34:44.0732 2228 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
00:34:44.0732 2228 Winmgmt - ok
00:34:44.0903 2228 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
00:34:44.0919 2228 WinRM - ok
00:34:45.0012 2228 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
00:34:45.0090 2228 Wlansvc - ok
00:34:45.0137 2228 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:34:45.0137 2228 WmiAcpi - ok
00:34:45.0278 2228 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
00:34:45.0278 2228 wmiApSrv - ok
00:34:45.0402 2228 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
00:34:45.0418 2228 WMPNetworkSvc - ok
00:34:45.0543 2228 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
00:34:45.0558 2228 WPCSvc - ok
00:34:45.0636 2228 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
00:34:45.0652 2228 WPDBusEnum - ok
00:34:45.0761 2228 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:34:45.0761 2228 WpdUsb - ok
00:34:46.0151 2228 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:34:46.0167 2228 WPFFontCache_v0400 - ok
00:34:46.0307 2228 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:34:46.0323 2228 ws2ifsl - ok
00:34:46.0385 2228 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
00:34:46.0385 2228 wscsvc - ok
00:34:46.0401 2228 WSearch - ok
00:34:46.0650 2228 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
00:34:46.0791 2228 wuauserv - ok
00:34:46.0978 2228 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:34:46.0978 2228 WUDFRd - ok
00:34:47.0103 2228 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
00:34:47.0103 2228 wudfsvc - ok
00:34:47.0399 2228 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
00:34:47.0399 2228 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
00:34:47.0430 2228 MBR (0x1B8) (7ba4c7ea1ef33a92f5f01be63edacb6a) \Device\Harddisk0\DR0
00:34:54.0294 2228 \Device\Harddisk0\DR0 - ok
00:34:54.0341 2228 Boot (0x1200) (652dd192a7caf13e954ea2c55ea8f2f1) \Device\Harddisk0\DR0\Partition0
00:34:54.0341 2228 \Device\Harddisk0\DR0\Partition0 - ok
00:34:54.0357 2228 Boot (0x1200) (7ebd0a60284dc66377a0a9f12fccef1e) \Device\Harddisk0\DR0\Partition1
00:34:54.0357 2228 \Device\Harddisk0\DR0\Partition1 - ok
00:34:54.0372 2228 ============================================================
00:34:54.0372 2228 Scan finished
00:34:54.0372 2228 ============================================================
00:34:54.0450 2640 Detected object count: 0
00:34:54.0450 2640 Actual detected object count: 0
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
18 April 2012 at 09:00
Hello,

1/
Download AdwCleaner (thanks to Xplode)
Launch AdwCleaner
Click the [ Suppression ] button
Wait...
Post the report that appears at the end of the scan.
(The report is also saved as C:\AdwCleaner[SX].Txt)

2/
To properly check whether the file below is infected, go to this site:
Virus Total

* Click on "choose file"
* Browse your disk to find this file at this location:

C:\Users\acer\AppData\Local\d3d9caps.dat


* Then click the "Scan it" button
* Wait for the analysis to finish; how long it takes depends on the size of the file
* Once it is finished, the detection ratio (Detection Ratio) is displayed
* Report it in your next reply on the forum, together with the link to the VirusTotal page: copy it from the address bar and paste it into your next reply

See you
0
Good evening.

Here is the AdwCleaner report:

# AdwCleaner v1.600 - Rapport créé le 18/04/2012 à 19:51:33
# Mis à jour le 15/04/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : acer - PC-DE-ACER
# Exécuté depuis : C:\Users\acer\Downloads\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [H. Navipromo] *****


***** [Registre] *****


***** [Registre - GUID] *****


***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19222

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v11.0 (fr)

## Fichier : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\stumm43g.default\prefs.js

Supprimée : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);

*************************

AdwCleaner[S1].txt - [7334 octets] - [16/04/2012 00:51:07]
AdwCleaner[S2].txt - [896 octets] - [18/04/2012 19:51:33]

########## EOF - C:\AdwCleaner[S2].txt - [1023 octets] ##########

Here is the link for Virus Total

https://www.virustotal.com/file/888f604061996e6cd79e657ff5debd4290b882ec34227d13ebed9f03abe7681d/analysis/1334771830/
0
Fish66 Posts 17505 Registration date Sunday 24 July 2011 Status Security contributor Last activity 16 June 2021 1 318
19 April 2012 at 09:26
Hello,

1/
Can you post: C:\AdwCleaner[S1].txt

2/
Launch ZHPDiag from the desktop, click the green tab (down arrow) to update it, and please prepare a new ZHPDiag report

See you
0
Good evening.

Here is the file C:\AdwCleaner[S1].txt:

http://pjjoint.malekal.com/files.php?id=20120419_14w6z12r6g8


And for ZHPDiag:

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120419_d10o14s510p5
0