Rootkit problem MBR:STT [Rtk]

Solved/Closed
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013 - 24 Nov. 2013 at 14:19
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 16 Dec. 2013 at 15:18
Hello everyone,
For some time now, Avast! has been showing me a rootkit detection alert:
MBR :\\.\PHYSICALDRIVEO and, of course, it cannot be removed with the antivirus.

After looking around the forum, I downloaded the TDSSKiller software and ran a scan; I was then offered the option to "Cure" the rootkit and reboot.

It produced the following report. Could someone tell me whether everything is fine, or whether I still need to do more steps for everything to be clean?

Thank you for your replies.

14:02:59.0359 0x0ce4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
14:03:03.0250 0x0ce4 ============================================================
14:03:03.0250 0x0ce4 Current date / time: 2013/11/24 14:03:03.0250
14:03:03.0250 0x0ce4 SystemInfo:
14:03:03.0250 0x0ce4
14:03:03.0250 0x0ce4 OS Version: 5.1.2600 ServicePack: 3.0
14:03:03.0250 0x0ce4 Product type: Workstation
14:03:03.0250 0x0ce4 ComputerName: ORDI-F417C71A60
14:03:03.0250 0x0ce4 UserName: MON ORDI
14:03:03.0250 0x0ce4 Windows directory: C:\WINDOWS
14:03:03.0250 0x0ce4 System windows directory: C:\WINDOWS
14:03:03.0250 0x0ce4 Processor architecture: Intel x86
14:03:03.0250 0x0ce4 Number of processors: 1
14:03:03.0250 0x0ce4 Page size: 0x1000
14:03:03.0250 0x0ce4 Boot type: Normal boot
14:03:03.0250 0x0ce4 ============================================================
14:03:06.0078 0x0ce4 KLMD registered as C:\WINDOWS\system32\drivers\50846284.sys
14:03:06.0593 0x0ce4 System UUID: {F2EB1CEB-0335-F6AA-574E-B4AB0C6393C1}
14:03:07.0890 0x0ce4 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:03:07.0906 0x0ce4 ============================================================
14:03:07.0906 0x0ce4 \Device\Harddisk0\DR0:
14:03:07.0906 0x0ce4 MBR partitions:
14:03:07.0906 0x0ce4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7530462
14:03:07.0906 0x0ce4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304E0, BlocksNum 0xB4E4720
14:03:07.0906 0x0ce4 ============================================================
14:03:07.0984 0x0ce4 C: <-> \Device\Harddisk0\DR0\Partition1
14:03:08.0000 0x0ce4 D: <-> \Device\Harddisk0\DR0\Partition2
14:03:08.0000 0x0ce4 ============================================================
14:03:08.0000 0x0ce4 Initialize success
14:03:08.0000 0x0ce4 ============================================================
14:03:11.0015 0x0e04 ============================================================
14:03:11.0015 0x0e04 Scan started
14:03:11.0015 0x0e04 Mode: Manual;
14:03:11.0015 0x0e04 ============================================================
14:03:11.0015 0x0e04 KSN ping started
14:03:13.0593 0x0e04 KSN ping finished: true
14:03:14.0718 0x0e04 ================ Scan system memory ========================
14:03:14.0734 0x0e04 System memory - ok
14:03:14.0734 0x0e04 ================ Scan services =============================
14:03:23.0281 0x0e04 Raspti - ok
14:03:23.0312 0x0e04 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:03:23.0312 0x0e04 Rdbss - ok
14:03:23.0359 0x0e04 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:03:23.0359 0x0e04 RDPCDD - ok
14:03:23.0421 0x0e04 [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:03:23.0437 0x0e04 RDPWD - ok
14:03:23.0468 0x0e04 [ 9F63D9C5B238ED1C375D417EFF3D5BE7, 168BEA4CDE9A1C6A10998B4217626525C3C3F248956B946F1A2D51E807B0FEE4 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:03:23.0484 0x0e04 RDSessMgr - ok
14:03:23.0531 0x0e04 [ D8EB2A7904DB6C916EB5361878DDCBAE, 3C6B04E18D5CE52777E349EFC213B8A570281F3192C491CCB6FA0593CC33B2A4 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:03:23.0546 0x0e04 redbook - ok
14:03:23.0593 0x0e04 [ 7DA370C31673C99497BD07068EE6E354, 159B25D0C4AF6C55658364B8DF74ADAE4DECA1B19D1F27D878C607AE29E47CB1 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:03:23.0593 0x0e04 RemoteAccess - ok
14:03:23.0640 0x0e04 [ 499C59A2584F6D4EA41E944DA571D993, 45291CBDCCA2B6217C442B788BDEB2202A11C9A51D08AA867F44008471A9C759 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:03:23.0640 0x0e04 RpcLocator - ok
14:03:23.0703 0x0e04 [ 3D65EB82E1FA6DB15A33E024C9E03CAB, 60457C03D0E2F4162F1460A224359DE25FD66D05EF450D00E24481CD82C22167 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:03:23.0718 0x0e04 RpcSs - ok
14:03:23.0781 0x0e04 [ 414964844F4793ACB868D057E8ED997E, 843E0C7761AC001BF1169251167B08DA24E227F041F80586F2A54197A166FD13 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:03:23.0796 0x0e04 RSVP - ok
14:03:23.0828 0x0e04 [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
14:03:23.0828 0x0e04 rtl8139 - ok
14:03:23.0921 0x0e04 [ 861E6B8B54CF678400BE310007557AE9, 21EEFFB27AB19FD112BCF765BF305C8BFEDB6BCE6643BE970D3EC1FE26793E79 ] S3GIGP C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys
14:03:23.0968 0x0e04 S3GIGP - ok
14:03:24.0000 0x0e04 [ 91E6024D6D4DCDECDB36C43ECF9BBECB, D288C5CD69B8E4612B689FB33B9CCD5594634D14C14D53A842DB742264A64D6B ] SamSs C:\WINDOWS\system32\lsass.exe
14:03:24.0000 0x0e04 SamSs - ok
14:03:24.0031 0x0e04 [ 67949CC8A865296C1333C96A4E1A2D66, 89BD385E3D6634557AE76D427A791A0D9DC4E3DD7DBE923A0A031F124BBC0ED6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:03:24.0046 0x0e04 SCardSvr - ok
14:03:24.0093 0x0e04 [ 55F5C5C1BE1A78E285033E432BA01597, 6844EE76BF36FD88C61F7B312BB53C4C8F5BF328985E9D629CFF4D526C404DD3 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:03:24.0125 0x0e04 Schedule - ok
14:03:24.0203 0x0e04 [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:03:24.0218 0x0e04 SeaPort - ok
14:03:24.0250 0x0e04 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:03:24.0250 0x0e04 Secdrv - ok
14:03:24.0281 0x0e04 [ 5AC311C0AF2AF5EC221670BB8DC479D3, C064CDDE7EAD4D387A7A78BF8AF6B47F1D028D5E57D1BAE3E74D4826B4C38F56 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:03:24.0281 0x0e04 seclogon - ok
14:03:24.0312 0x0e04 [ 3531366F38F453D08FE72E7B32DFE786, F040CE3C2D3E8A67D72DBD7A1BB0AB10576944CBAD930B24A5DA00225365EEFB ] SENS C:\WINDOWS\system32\sens.dll
14:03:24.0312 0x0e04 SENS - ok
14:03:24.0343 0x0e04 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:03:24.0359 0x0e04 serenum - ok
14:03:24.0406 0x0e04 [ 93D313C31F7AD9EA2B75F26075413C7C, 7CBC2C8852D671100AE2EB6F09C416D30C2E65F5FF5D777E4AC133E4F7ACBA7B ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:03:24.0406 0x0e04 Serial - ok
14:03:24.0437 0x0e04 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:03:24.0437 0x0e04 Sfloppy - ok
14:03:24.0484 0x0e04 [ F4CE708A7D17A625DE6C0FD746D50E88, 9531A52B5049C9993930704BAAE2A15376274CAC4E98EBF6EA4C8AE3663957CD ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:03:24.0500 0x0e04 SharedAccess - ok
14:03:24.0531 0x0e04 [ B9F20D71E5B6CE89A7A94B38351FDBDC, 8C35ADC2954A1C39353D3CEAD441D359050D3957A3E8910A18E1A3A3A557DE77 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:03:24.0546 0x0e04 ShellHWDetection - ok
14:03:24.0562 0x0e04 Simbad - ok
14:03:24.0625 0x0e04 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:03:24.0625 0x0e04 SLIP - ok
14:03:24.0656 0x0e04 Sparrow - ok
14:03:24.0703 0x0e04 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:03:24.0703 0x0e04 splitter - ok
14:03:24.0734 0x0e04 [ 460E4CE148BD07218DA0B6A3D31885A9, 4022F4FE2D94089D5956002C9218D5F47B52985C3D5736905457BF327C44D44D ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:03:24.0750 0x0e04 Spooler - ok
14:03:24.0812 0x0e04 [ 39626E6DC1FB39434EC40C42722B660A, 4FB99976F0BFA14A176C25B47E55DA448773530018DA4C25DC237C4121DC0EFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:03:24.0812 0x0e04 sr - ok
14:03:24.0843 0x0e04 [ 6ED29124A1C83BD0CF6B26BD01CA6F6F, B88211872F43A0781EB5F12E19DEA319FEAC8C7F635774C6B59D73C16BF25B5D ] srservice C:\WINDOWS\system32\srsvc.dll
14:03:24.0875 0x0e04 srservice - ok
14:03:24.0906 0x0e04 [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:03:24.0921 0x0e04 Srv - ok
14:03:24.0968 0x0e04 [ EA9E0DB8684CEF2FD3BADD671DF5A112, D822BE0278A8FF7DDD14428F6AA557EC581C2D33121777451D86920245FFC6F5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:03:24.0984 0x0e04 SSDPSRV - ok
14:03:25.0031 0x0e04 [ D76B0E8A4ECAD1ADCC75FD14A7ACC54C, 9203AD97A96794DD93F7EEF8273CC9C421CDF7941937C6DDA82C1E14F697A7E0 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:03:25.0046 0x0e04 stisvc - ok
14:03:25.0078 0x0e04 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:03:25.0093 0x0e04 streamip - ok
14:03:25.0125 0x0e04 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:03:25.0125 0x0e04 swenum - ok
14:03:25.0156 0x0e04 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:03:25.0156 0x0e04 swmidi - ok
14:03:25.0187 0x0e04 SwPrv - ok
14:03:25.0203 0x0e04 symc810 - ok
14:03:25.0234 0x0e04 symc8xx - ok
14:03:25.0265 0x0e04 sym_hi - ok
14:03:25.0281 0x0e04 sym_u3 - ok
14:03:25.0312 0x0e04 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:03:25.0328 0x0e04 sysaudio - ok
14:03:25.0375 0x0e04 [ 0899061318A6B1D9596AABFC77F45E44, A331BD7AC6A7542DEE6478928D756E2E5BA6F957A369F830979A76ACB5E8D612 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:03:25.0375 0x0e04 SysmonLog - ok
14:03:25.0421 0x0e04 [ 8E5231171AD6595FF002E848CC54FCD7, C13AF616046C31BCC514B72160A366B0FFA376851C6F76445F03A86B81769670 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:03:25.0437 0x0e04 TapiSrv - ok
14:03:25.0484 0x0e04 [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:03:25.0500 0x0e04 Tcpip - ok
14:03:25.0546 0x0e04 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:03:25.0546 0x0e04 TDPIPE - ok
14:03:25.0578 0x0e04 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:03:25.0578 0x0e04 TDTCP - ok
14:03:25.0640 0x0e04 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:03:25.0640 0x0e04 TermDD - ok
14:03:25.0687 0x0e04 [ 710BC85A8C22626EE094439E3EA0D38C, B48ED980DBFADDA941170F54D62D6C4B1787435CC97E45D3B2DED9B73FE8F887 ] TermService C:\WINDOWS\System32\termsrv.dll
14:03:25.0718 0x0e04 TermService - ok
14:03:25.0750 0x0e04 [ B9F20D71E5B6CE89A7A94B38351FDBDC, 8C35ADC2954A1C39353D3CEAD441D359050D3957A3E8910A18E1A3A3A557DE77 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:03:25.0750 0x0e04 Themes - ok
14:03:25.0781 0x0e04 TosIde - ok
14:03:25.0812 0x0e04 [ E1A84A5067627407A53C2C4F8D8A1D2E, 23A082FEBB83F9211D63727A94499652CF03A3EE16B782EDFF3947978BC7685A ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:03:25.0828 0x0e04 TrkWks - ok
14:03:25.0875 0x0e04 [ D85938F272D1BCF3DB3A31FC0A048928, 798328C8C06EEE7B0852E6D2B16C3AF24D529737ECA2E9725415261A5736D051 ] uagp35 C:\WINDOWS\system32\DRIVERS\uagp35.sys
14:03:25.0890 0x0e04 uagp35 - ok
14:03:25.0937 0x0e04 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:03:25.0937 0x0e04 Udfs - ok
14:03:25.0953 0x0e04 ultra - ok
14:03:26.0000 0x0e04 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
14:03:26.0015 0x0e04 UMWdf - ok
14:03:26.0078 0x0e04 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:03:26.0093 0x0e04 Update - ok
14:03:26.0140 0x0e04 [ BD8166A495B02308F364B36249475F22, 62D71C84858CF8EC57A1A1899ABA0FC261880BA6D17B3685DD47BF560E14D11C ] upnphost C:\WINDOWS\System32\upnphost.dll
14:03:26.0156 0x0e04 upnphost - ok
14:03:26.0187 0x0e04 [ 1EDC93D7BD731B5CA6248AE245099B60, 1E2BEA04488C89BA45D54AC80DC44F7096946D325590B2BF774D86DE2CE2382C ] UPS C:\WINDOWS\System32\ups.exe
14:03:26.0203 0x0e04 UPS - ok
14:03:26.0234 0x0e04 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:03:26.0234 0x0e04 usbaudio - ok
14:03:26.0281 0x0e04 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:03:26.0281 0x0e04 usbccgp - ok
14:03:26.0312 0x0e04 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:03:26.0312 0x0e04 usbehci - ok
14:03:26.0343 0x0e04 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:03:26.0343 0x0e04 usbhub - ok
14:03:26.0390 0x0e04 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:03:26.0390 0x0e04 usbprint - ok
14:03:26.0437 0x0e04 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:03:26.0437 0x0e04 usbscan - ok
14:03:26.0468 0x0e04 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:03:26.0468 0x0e04 USBSTOR - ok
14:03:26.0531 0x0e04 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:03:26.0546 0x0e04 usbuhci - ok
14:03:26.0562 0x0e04 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:03:26.0562 0x0e04 VgaSave - ok
14:03:26.0609 0x0e04 [ 2558130AF8D68FC313F2427DE4DDC3AA, A0D23AD0F3E23144A5E1CF455A4A064A5E6A14E9CD8BD0B2654FBA919BB9FA56 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
14:03:26.0640 0x0e04 VIAHdAudAddService - ok
14:03:26.0671 0x0e04 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:03:26.0671 0x0e04 ViaIde - ok
14:03:26.0718 0x0e04 [ 46DE1126684369BACE4849E4FC8C43CA, 7D7B9B9C38D5E07D941B06DCDA8DC1CFFB80D2DD7717209E27A6AF7A9ACC51D4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:03:26.0718 0x0e04 VolSnap - ok
14:03:26.0765 0x0e04 [ 5A4DA252B2C0550AB83D129C02CF6C19, FADE9EB68A47539F647BB5733836ABE73B69C8C43EA5AE4933A43343E459DD5D ] VSS C:\WINDOWS\System32\vssvc.exe
14:03:26.0781 0x0e04 VSS - ok
14:03:26.0890 0x0e04 [ 56D237A542FC494F6CD77C480DBF1A15, D97FDBBE5B03332EF42F96F0229D1744E9FD1FDACA745178DCA25FB7453E7423 ] VX1000 C:\WINDOWS\system32\DRIVERS\VX1000.sys
14:03:26.0968 0x0e04 VX1000 - ok
14:03:27.0031 0x0e04 [ C1F726EE0B043B074A68992BC4AEF8FD, 17C1AA49903E081CEF9DC240A8F897D6C97DAE1DE2CF1FD43D05DC6D46EAAA60 ] W32Time C:\WINDOWS\system32\w32time.dll
14:03:27.0031 0x0e04 W32Time - ok
14:03:27.0078 0x0e04 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:03:27.0078 0x0e04 Wanarp - ok
14:03:27.0109 0x0e04 WDICA - ok
14:03:27.0156 0x0e04 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:03:27.0156 0x0e04 wdmaud - ok
14:03:27.0218 0x0e04 [ 714670E64FBE6D28D99871ED9A52A334, BDC9681A6BCF786C0AD9D999FE0AC16299D8F2486B2DF03962396942964CCCCB ] WebClient C:\WINDOWS\System32\webclnt.dll
14:03:27.0218 0x0e04 WebClient - ok
14:03:27.0296 0x0e04 [ 5E9DEAE9980FF34BCD6DDE2E9E2BF911, 1F6EACA551F4BB222A56CB450A529C001188F1DA46C9E59D9C2F12FA40B6B1E6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:03:27.0296 0x0e04 winmgmt - ok
14:03:27.0390 0x0e04 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:03:27.0406 0x0e04 WmdmPmSN - ok
14:03:27.0468 0x0e04 [ 4E8E8A58F56B25D0795F484E5EB7F898, 32F8EC10A5992185C13304AAA532C638ECB709EF9D9D883F88032BB30E3AE098 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:03:27.0468 0x0e04 WmiApSrv - ok
14:03:27.0515 0x0e04 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:03:27.0515 0x0e04 WS2IFSL - ok
14:03:27.0578 0x0e04 [ C1FD85DB4A80A98D60ECB7A828E77FE0, CFDADDD4C5355C9052431BFA579B8697A3F46A211E22EA03FDDD44C0D3F0A0CB ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:03:27.0578 0x0e04 wscsvc - ok
14:03:27.0609 0x0e04 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:03:27.0609 0x0e04 WSTCODEC - ok
14:03:27.0656 0x0e04 [ 75D6C5C3D2C93B1F9931E5DFB693AE2A, 793A4417D919EAC190428C3F29D387E67A62E120829463AE9FAF57D1ABCA75A7 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:03:27.0687 0x0e04 wuauserv - ok
14:03:27.0734 0x0e04 [ C336E54EE0C291A02F004667DB1E66CB, 4D5486D2CA53A331E84624351474D61E9BD4744A2BDC5034B86B0AE57E59D8E4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:03:27.0765 0x0e04 WZCSVC - ok
14:03:27.0812 0x0e04 [ F92A87FDDA0C11C8604FBC2B864FA726, 84FCD77D690D1D0591C1A0D452F7C8630382C02A8A0187E0A1E68AD6A6E3D575 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:03:27.0828 0x0e04 xmlprov - ok
14:03:27.0875 0x0e04 ================ Scan global ===============================
14:03:27.0906 0x0e04 [ 61013AB2E38550619637AA6CC02383D4, BE246809E56C134901A3A4DF1EF2240ABDBFD6876A2B7094DCACB16D1B4929F8 ] C:\WINDOWS\system32\basesrv.dll
14:03:27.0937 0x0e04 [ 3174C4542C75652F498F026F6CB1ADB8, DC0F7178F5C925247288DA22B9B9997A203E1F549A1ED7FDA3660322AA726014 ] C:\WINDOWS\system32\winsrv.dll
14:03:27.0968 0x0e04 [ 3174C4542C75652F498F026F6CB1ADB8, DC0F7178F5C925247288DA22B9B9997A203E1F549A1ED7FDA3660322AA726014 ] C:\WINDOWS\system32\winsrv.dll
14:03:28.0000 0x0e04 [ 54CB50058851D95E56EC70D09F70857F, D0D2A569572F36D0B95580AE9F3B48307C9B5C16DFE99A49AD68B7DB84DC0FF6 ] C:\WINDOWS\system32\services.exe
14:03:28.0015 0x0e04 [ Global ] - ok
14:03:28.0015 0x0e04 ================ Scan MBR ==================================
14:03:28.0046 0x0e04 [ 34FD1509ABFCBE0C1C1BE417A95C7381 ] \Device\Harddisk0\DR0
14:03:28.0062 0x0e04 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a ( 0 )
14:03:28.0062 0x0e04 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
14:03:30.0500 0x0e04 ================ Scan VBR ==================================
14:03:30.0515 0x0e04 [ EF64636C5636B2AB0380029425017158 ] \Device\Harddisk0\DR0\Partition1
14:03:30.0515 0x0e04 \Device\Harddisk0\DR0\Partition1 - ok
14:03:30.0546 0x0e04 [ 3285DE5F054396C54038B916F2BE86D8 ] \Device\Harddisk0\DR0\Partition2
14:03:30.0546 0x0e04 \Device\Harddisk0\DR0\Partition2 - ok
14:03:30.0562 0x0e04 Waiting for KSN requests completion. In queue: 162
14:03:31.0562 0x0e04 Waiting for KSN requests completion. In queue: 162
14:03:32.0562 0x0e04 Waiting for KSN requests completion. In queue: 162
14:03:33.0906 0x0e04 AV detected via SS1: avast! Antivirus, 5.0.134219225, enabled, updated
14:03:33.0968 0x0e04 Win FW state via NFM: enabled
14:03:36.0328 0x0e04 ============================================================
14:03:36.0328 0x0e04 Scan finished
14:03:36.0328 0x0e04 ============================================================
14:03:36.0343 0x0e40 Detected object count: 1
14:03:36.0343 0x0e40 Actual detected object count: 1
14:03:51.0078 0x0e40 \Device\Harddisk0\DR0\# - copied to quarantine
14:03:51.0078 0x0e40 \Device\Harddisk0\DR0 - copied to quarantine
14:03:51.0187 0x0e40 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
14:03:51.0187 0x0e40 \Device\Harddisk0\DR0 - ok
14:03:51.0218 0x0e40 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
14:03:52.0218 0x0e40 KLMD registered as C:\WINDOWS\system32\drivers\75582909.sys
14:04:01.0406 0x0ce0 Deinitialize success
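
The report above flags the MBR of \Device\Harddisk0\DR0 as infected and then only schedules the cure for the next reboot, so the report alone does not show that the disk is clean. The following Python script is an added example, not part of the original post and not the tool's own code; it triages lines in this report's format, and its regular expressions are assumptions inferred from the lines quoted here.

```python
import re

# Excerpt of the TDSSKiller report quoted in the thread (hash lines omitted).
SAMPLE_LOG = r"""
14:03:27.0875 0x0e04 ================ Scan global ===============================
14:03:28.0015 0x0e04 [ Global ] - ok
14:03:28.0015 0x0e04 ================ Scan MBR ==================================
14:03:28.0062 0x0e04 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a ( 0 )
14:03:28.0062 0x0e04 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
14:03:30.0500 0x0e04 ================ Scan VBR ==================================
14:03:30.0515 0x0e04 \Device\Harddisk0\DR0\Partition1 - ok
14:03:36.0343 0x0e40 Detected object count: 1
14:03:51.0078 0x0e40 \Device\Harddisk0\DR0 - copied to quarantine
14:03:51.0187 0x0e40 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
14:03:51.0218 0x0e40 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
"""

# Patterns inferred from the quoted report (assumption), not from a TDSSKiller specification.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(?P<msg>.*)$")
SECTION = re.compile(r"^=+\s*Scan\s+(?P<name>.+?)\s*=+$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<threat>\S+) \( \d+ \)$")
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<threat>[^)]+?) \) - (?P<state>.+)$")
QUARANTINE = re.compile(r"^(?P<obj>.+?) - copied to quarantine$")
ACTION_PREFIX = "User select action:"


def status_of(finding):
    """Map the recorded states and action to the follow-up a helper would ask for."""
    if finding["action"] is None:
        return "detected, no action chosen"
    if any("on reboot" in s for s in finding["states"]):
        return "action pending reboot: rescan after restart to confirm"
    return "action applied: rescan to confirm"


def triage(log_text):
    """Collect every flagged object with its scan section, threat name,
    states, chosen action and quarantine flag."""
    section, reported, by_obj = None, None, {}
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group("msg").strip()
        m = SECTION.match(msg)
        if m:
            section = m.group("name")
            continue
        m = COUNT.match(msg)
        if m:
            reported = int(m.group("n"))
            continue
        m = QUARANTINE.match(msg)
        if m:
            if m.group("obj") in by_obj:
                by_obj[m.group("obj")]["quarantined"] = True
            continue
        m = DETECTED.match(msg) or VERDICT.match(msg)
        if not m:
            continue  # "- ok" lines, hash lines and banners carry no finding
        # The first sighting fixes the section: later action lines come after the scan.
        f = by_obj.setdefault(m.group("obj"), {
            "object": m.group("obj"), "threat": m.group("threat"),
            "section": section, "states": [], "action": None, "quarantined": False,
        })
        state = m.groupdict().get("state")
        if state is None:
            continue
        if state.startswith(ACTION_PREFIX):
            f["action"] = state[len(ACTION_PREFIX):].strip()
        else:
            f["states"].append(state)
    findings = list(by_obj.values())
    for f in findings:
        f["status"] = status_of(f)
    return {
        "findings": findings,
        "reported_count": reported,
        "count_matches": reported is not None and reported == len(findings),
    }


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG)["findings"]:
        print(f["section"], f["object"], f["threat"], f["action"], "->", f["status"])
```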

10 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
Edited by Malekal_morte- on 24/11/2013 at 14:22
Hi,

Did you choose Cure in TDSSKiller?

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
1
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013
24 Nov 2013 at 15:07
Yes, it gave me several options, including Cure. I left it selected since it was what was offered by default, and I clicked Continue.
Then it asked me to restart, which I did, and that's it.
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
24 Nov 2013 at 15:12
Run a TDSSKiller scan again to see whether it still detects the rootkit.
0
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013
24 Nov 2013 at 15:37
No, the rootkit is not detected. It tells me "No threats found".
However, on the local disk (C:) there is a "TDSSKiller_Quarantine" file with an "mbr0000" file inside it.
0

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
24 Nov 2013 at 22:26
good :)

Run an OTL scan to diagnose the running programs and detect infections. The program will generate two reports, OTL.txt and Extras.txt.
Provide both reports:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

If you use Avast!, do not run the program in the Sandbox (see the help link above).

* Launch OTL
* At the top right of Quick Scan, check "all users"
* In OTL, under Customization, copy and paste the script below:



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
nslookup https://www.google.fr/?gws_rd=ssl /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Click the Scan button.

* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present).
Post the pjjoint link or links pointing to these reports here in a reply.
I repeat: post the link to the pjjoint report here in a reply.

DO NOT COPY/PASTE THE REPORT HERE - GIVE THE PJJOINT LINK IN A NEW MESSAGE


0
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013
15 Dec 2013 at 15:38
Hello,

I ran the scan and here are the resulting reports:

- OTL.Txt

https://pjjoint.malekal.com/files.php?id=20131215_b12l8z10y9c12

- Extra.Txt

https://pjjoint.malekal.com/files.php?id=20131215_l12d7j12d6z11


There you go.

Thanks
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
15 Dec 2013 at 16:35
The report is fine :)
0
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013
16 Dec 2013 at 15:15
Yay!!

Thank you very much :)
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
16 Dec 2013 at 15:18
:)


Install Malwarebytes Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Run regular scans with it; it is effective.


Secure your PC - above all, make sure to disable Java in your web browsers!

Important - your infection came through an exploit on a website:

A web exploit allows your computer to be infected automatically when you visit a website that has been hacked; it takes advantage of the fact that you have software (Java, Adobe Reader, etc.) that is not up to date and has vulnerabilities allowing code (malicious, in our case) to be executed without your knowledge.
Having software that is not up to date and potentially has vulnerabilities therefore allows your system to be infected.
Example: Java exploit

You must therefore keep your software up to date so that these entry points into your system are closed.
As long as this software is not up to date, your PC is vulnerable and infections can install themselves easily.

IMPORTANT: update your programs, in particular Java/Adobe Reader and Flash:
/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
https://forum.malekal.com/viewtopic.php?t=15960&start=

Disable Java in your web browsers: https://www.commentcamarche.net/faq/35621-desactiver-java-sur-ses-navigateurs-web


Spread the word to your friends!

~~

Filter the most common PUPs/adware with HOSTS Anti-PUPs/Adwares: http://www.malekal.com/2012/01/10/hosts-anti-pupsadware/

~~

The rest on security: http://forum.malekal.com/comment-securiser-son-ordinateur.html


0
miss logique Posts 20 Registration date Sunday 24 November 2013 Status Member Last activity 2 December 2013
24 Nov 2013 at 14:20
Hi, check your firewall
-1
yoshi1611 Posts 18 Registration date Monday 27 August 2012 Status Member Last activity 26 December 2013
24 Nov 2013 at 15:12
My Windows firewall is enabled. Is that a problem? Should I disable it?
Thanks
0